Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMuyz3rtg8IZc8cLZMCkFWxb9dI.cer
File:                     oMuyz3rtg8IZc8cLZMCkFWxb9dI.cer (raw, json)
Hash identifier:          doJhC5psVJoIajp/Ih4TNUhLMRbGfofv3nhyKS1iN/o=
Subject key identifier:   A0:CB:B2:CF:7A:ED:83:C2:19:73:C7:0B:64:C0:A4:15:6C:5B:F5:D2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B049
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9138B72/1E400A9A9AB711EAAB22A37DC4F9AE02/oMuyz3rtg8IZc8cLZMCkFWxb9dI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9138B72/1E400A9A9AB711EAAB22A37DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 14 Jul 2023 20:41:11 +0000
Certificate not after:    Sat 31 Aug 2024 00:00:00 +0000
Subordinate resources:    AS: 132290
                          IP: 103.140.82.0/23
                          IP: 2001:df0:b380::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110665 (0x1b049)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 14 20:41:11 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=A9138B72/serialNumber=A0CBB2CF7AED83C21973C70B64C0A4156C5BF5D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5f:72:31:ba:c6:3e:10:8d:22:ad:94:f1:59:
                    1c:3e:55:cd:7b:10:7f:c5:06:d5:9c:f9:d7:69:30:
                    24:ad:84:8e:8a:6f:08:4f:b0:1d:2b:d7:b0:d3:3e:
                    2c:f1:7e:87:7d:b0:f4:f8:63:37:a8:2e:e3:13:1a:
                    2f:2e:69:1a:f0:d6:12:8b:0d:e2:4e:02:d8:a7:01:
                    32:e2:97:c9:e6:b6:71:2b:04:da:12:62:4b:3a:13:
                    d2:63:ff:55:50:b9:f4:d9:bd:8a:ec:63:14:73:ce:
                    1b:a1:c0:b4:c7:01:76:97:26:da:67:be:7b:2c:b2:
                    9b:bb:5a:21:60:71:f0:7a:57:e7:a0:e2:07:7d:6f:
                    10:be:ce:8b:20:16:1a:38:46:e0:8b:ce:95:e4:39:
                    9f:df:0b:2f:a4:5b:22:39:98:9c:e3:bc:1c:bc:89:
                    b5:00:09:70:f2:f9:e6:1c:a6:ae:9f:a3:9e:40:f2:
                    e3:71:02:68:43:f8:4c:60:d6:4d:b6:fd:a6:b3:ec:
                    ca:50:ed:76:49:cc:a7:34:ca:3b:1d:6c:43:45:0c:
                    a1:0a:21:8b:90:8a:0a:c9:d0:ae:af:5a:65:5c:48:
                    1d:d5:2d:48:5f:77:70:76:39:60:1a:04:2a:c0:0e:
                    7d:0d:7f:cd:0d:55:b0:5e:14:5a:e2:56:d2:7c:90:
                    86:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:CB:B2:CF:7A:ED:83:C2:19:73:C7:0B:64:C0:A4:15:6C:5B:F5:D2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9138B72/1E400A9A9AB711EAAB22A37DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9138B72/1E400A9A9AB711EAAB22A37DC4F9AE02/oMuyz3rtg8IZc8cLZMCkFWxb9dI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132290

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.140.82.0/23
                IPv6:
                  2001:df0:b380::/48

    Signature Algorithm: sha256WithRSAEncryption
         7b:d4:87:18:ee:c8:44:76:57:01:a8:f2:6d:40:78:1e:55:32:
         dd:d1:d0:80:b4:a1:f8:00:ba:f4:9b:37:73:eb:92:41:e6:6f:
         5d:52:fb:8f:b1:8b:df:e8:e5:c0:e1:73:f1:6d:da:39:8a:10:
         c1:4e:6d:a2:89:4e:73:c8:49:b5:ba:a8:57:c7:1a:b0:4f:ef:
         a5:5a:e2:d8:5b:6e:96:e4:26:ac:8a:86:ff:3b:0a:f3:c3:d2:
         b3:22:34:f6:e6:dd:2f:2a:19:e4:a1:66:26:1c:5e:8d:69:9a:
         39:8b:c5:c1:1a:b8:3b:63:f1:ab:f1:4a:11:94:46:fa:52:ec:
         ea:b2:f2:13:19:82:af:73:3a:df:5f:75:9d:6b:02:6c:db:5c:
         0d:ff:0c:6d:97:e1:54:ce:a2:59:e4:f6:a1:1f:7b:4b:f1:bd:
         8e:6c:6c:d1:10:21:55:ee:88:bf:6b:eb:bb:ef:de:13:8f:67:
         8c:95:f4:23:31:e8:90:dc:0c:5b:2d:c6:10:54:c9:ae:ce:12:
         ff:92:a1:bd:d2:18:2f:6d:c6:77:29:b9:f6:05:0c:31:96:9d:
         53:05:2d:68:aa:26:e4:b1:bd:de:f5:a1:52:54:77:40:6b:8f:
         27:30:e3:4f:be:a2:c1:f9:5e:78:ea:5a:3e:37:8b:16:ae:64:
         bf:f3:8d:77
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAbBJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDcxNDIwNDExMVoXDTI0MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzhCNzIxMTAvBgNVBAUTKEEwQ0JCMkNGN0FFRDgzQzIxOTczQzcw
QjY0QzBBNDE1NkM1QkY1RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBX3IxusY+EI0irZTxWRw+Vc17EH/FBtWc+ddpMCSthI6KbwhPsB0r17DTPizx
fod9sPT4YzeoLuMTGi8uaRrw1hKLDeJOAtinATLil8nmtnErBNoSYks6E9Jj/1VQ
ufTZvYrsYxRzzhuhwLTHAXaXJtpnvnssspu7WiFgcfB6V+eg4gd9bxC+zosgFho4
RuCLzpXkOZ/fCy+kWyI5mJzjvBy8ibUACXDy+eYcpq6fo55A8uNxAmhD+Exg1k22
/aaz7MpQ7XZJzKc0yjsdbENFDKEKIYuQigrJ0K6vWmVcSB3VLUhfd3B2OWAaBCrA
Dn0Nf80NVbBeFFriVtJ8kIa5AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUoMuyz3rt
g8IZc8cLZMCkFWxb9dIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM4QjcyLzFFNDAwQTlBOUFCNzExRUFBQjIyQTM3REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzOEI3Mi8xRTQwMEE5QTlBQjcxMUVBQUIyMkEzN0RDNEY5QUUwMi9vTXV5ejNy
dGc4SVpjOGNMWk1Da0ZXeGI5ZEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgTCMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ4xSMA8EAgAC
MAkDBwAgAQ3ws4AwDQYJKoZIhvcNAQELBQADggEBAHvUhxjuyER2VwGo8m1AeB5V
Mt3R0IC0ofgAuvSbN3PrkkHmb11S+4+xi9/o5cDhc/Ft2jmKEMFObaKJTnPISbW6
qFfHGrBP76Va4thbbpbkJqyKhv87CvPD0rMiNPbm3S8qGeShZiYcXo1pmjmLxcEa
uDtj8avxShGURvpS7Oqy8hMZgq9zOt9fdZ1rAmzbXA3/DG2X4VTOolnk9qEfe0vx
vY5sbNEQIVXuiL9r67vv3hOPZ4yV9CMx6JDcDFstxhBUya7OEv+Sob3SGC9txncp
ufYFDDGWnVMFLWiqJuSxvd71oVJUd0Brjycw40++osH5XnjqWj43ixauZL/zjXc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:39 2024 by rpki-client on console-fra.rpki-client.org