Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oC73fAXKEwwiKYXNdK6TjaeaT78.cer
File:                     oC73fAXKEwwiKYXNdK6TjaeaT78.cer (raw, json)
Hash identifier:          WIMOSJdKdr2Q4LQZHbLuzlDMj1JLf6g6WucFkxjx5oc=
Subject key identifier:   A0:2E:F7:7C:05:CA:13:0C:22:29:85:CD:74:AE:93:8D:A7:9A:4F:BF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E0F0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91398E5/7840D95EE49111E791BE1869C4F9AE02/oC73fAXKEwwiKYXNdK6TjaeaT78.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91398E5/7840D95EE49111E791BE1869C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 27 Feb 2024 14:38:03 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 136465
                          IP: 103.89.48.0/22
                          IP: 2400:e9c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123120 (0x1e0f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 27 14:38:03 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91398E5/serialNumber=A02EF77C05CA130C222985CD74AE938DA79A4FBF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c0:eb:47:08:4d:e3:29:49:b0:2f:de:73:3e:
                    10:d3:66:e0:6c:6a:9f:23:2f:89:05:a8:80:3d:ad:
                    e1:0f:36:e9:54:d0:fa:ae:db:69:94:04:20:fa:1e:
                    0f:66:b3:75:1a:a1:c1:17:59:8f:b7:fb:37:9c:36:
                    08:f2:45:f7:07:f4:7c:a7:35:62:0d:7b:1b:50:d5:
                    96:41:95:ce:f5:85:2c:71:ed:5a:7b:a5:e5:52:e9:
                    af:89:c5:86:0f:63:65:66:75:b7:0f:2c:ca:ad:65:
                    9c:0b:d0:4f:80:48:5f:d2:bf:90:04:c7:4a:3c:e6:
                    69:15:c6:18:43:f0:0a:b5:c7:91:99:f5:f0:70:2c:
                    8f:1a:51:36:0f:99:c4:03:e4:32:93:09:00:64:75:
                    68:41:4c:51:f4:69:0e:f1:ea:74:ad:06:85:1b:4b:
                    aa:22:55:b7:46:25:f4:96:e5:df:f9:5e:94:dc:a4:
                    33:8d:e8:b7:dd:5a:ca:97:bc:92:d9:dc:80:52:d6:
                    18:b4:23:6c:68:33:18:58:33:86:e2:22:fe:cf:77:
                    59:3f:87:52:42:90:b1:c7:5d:12:1d:f4:ed:75:f6:
                    da:70:54:fa:0f:7b:ac:54:97:e6:54:a5:65:c8:65:
                    4a:85:e7:ae:92:26:5c:a1:d1:79:30:53:20:fe:17:
                    46:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:2E:F7:7C:05:CA:13:0C:22:29:85:CD:74:AE:93:8D:A7:9A:4F:BF
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91398E5/7840D95EE49111E791BE1869C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91398E5/7840D95EE49111E791BE1869C4F9AE02/oC73fAXKEwwiKYXNdK6TjaeaT78.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  136465

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.89.48.0/22
                IPv6:
                  2400:e9c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         30:20:8a:03:e1:ee:05:66:a2:cf:62:24:69:bc:73:44:e0:f8:
         7d:38:fb:34:65:ce:69:a1:b5:51:8d:0b:24:97:23:b2:84:25:
         32:32:fc:a4:b3:3a:6f:93:4a:b3:49:25:b1:9e:99:fb:ea:87:
         68:16:60:ee:d9:1b:30:65:04:79:b3:2e:5b:73:3a:6c:3c:c5:
         de:05:fe:59:5d:ad:5d:7b:26:19:80:e9:e8:07:cb:c4:62:bd:
         c9:ff:ae:db:87:58:12:d4:4c:92:79:87:fc:eb:ac:ca:72:66:
         ba:8d:f9:c9:a7:4b:26:05:44:25:2d:86:78:7f:d7:d4:66:f7:
         47:32:de:2d:d2:f6:02:4a:85:1e:16:09:0c:73:41:3a:cd:c2:
         f9:39:e9:01:9e:fc:6b:66:34:ee:1d:b9:9f:ea:4b:32:66:a7:
         f7:2d:10:3e:3f:86:78:d2:a7:f7:4b:9c:85:e4:78:48:0b:fb:
         45:29:4b:a2:13:95:00:aa:b0:d5:05:41:50:f1:60:9e:0b:96:
         f5:8f:3c:14:15:7a:39:ba:83:a9:55:12:45:cb:30:f2:fa:03:
         3a:7b:48:a3:af:15:87:56:42:1f:07:d0:60:a1:67:07:5d:b7:
         90:4a:0e:d5:d8:85:90:88:08:78:96:a2:cc:7b:5c:e7:28:a0:
         e6:be:02:55
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAeDwMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyNzE0MzgwM1oXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzk4RTUxMTAvBgNVBAUTKEEwMkVGNzdDMDVDQTEzMEMyMjI5ODVD
RDc0QUU5MzhEQTc5QTRGQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIwOtHCE3jKUmwL95zPhDTZuBsap8jL4kFqIA9reEPNulU0Pqu22mUBCD6Hg9m
s3UaocEXWY+3+zecNgjyRfcH9HynNWINextQ1ZZBlc71hSxx7Vp7peVS6a+JxYYP
Y2VmdbcPLMqtZZwL0E+ASF/Sv5AEx0o85mkVxhhD8Aq1x5GZ9fBwLI8aUTYPmcQD
5DKTCQBkdWhBTFH0aQ7x6nStBoUbS6oiVbdGJfSW5d/5XpTcpDON6LfdWsqXvJLZ
3IBS1hi0I2xoMxhYM4biIv7Pd1k/h1JCkLHHXRId9O119tpwVPoPe6xUl+ZUpWXI
ZUqF566SJlyh0XkwUyD+F0YdAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUoC73fAXK
EwwiKYXNdK6TjaeaT78wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM5OEU1Lzc4NDBEOTVFRTQ5MTExRTc5MUJFMTg2OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzOThFNS83ODQwRDk1RUU0OTExMUU3OTFCRTE4NjlDNEY5QUUwMi9vQzczZkFY
S0V3d2lLWVhOZEs2VGphZWFUNzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhURMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ1kwMA0EAgAC
MAcDBQAkAOnAMA0GCSqGSIb3DQEBCwUAA4IBAQAwIIoD4e4FZqLPYiRpvHNE4Ph9
OPs0Zc5pobVRjQsklyOyhCUyMvykszpvk0qzSSWxnpn76odoFmDu2RswZQR5sy5b
czpsPMXeBf5ZXa1deyYZgOnoB8vEYr3J/67bh1gS1EySeYf866zKcma6jfnJp0sm
BUQlLYZ4f9fUZvdHMt4t0vYCSoUeFgkMc0E6zcL5OekBnvxrZjTuHbmf6ksyZqf3
LRA+P4Z40qf3S5yF5HhIC/tFKUuiE5UAqrDVBUFQ8WCeC5b1jzwUFXo5uoOpVRJF
yzDy+gM6e0ijrxWHVkIfB9BgoWcHXbeQSg7V2IWQiAh4lqLMe1znKKDmvgJV
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:00:58 2024 by rpki-client on console-fra.rpki-client.org