Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oWw_hyQag9GqVIDUKnT099HOXS4.cer
File:                     oWw_hyQag9GqVIDUKnT099HOXS4.cer (raw, json)
Hash identifier:          mW0U5K51iX6ruiJ67iIUSkmNnotvYc+JCETHnolzGSY=
Subject key identifier:   A1:6C:3F:87:24:1A:83:D1:AA:54:80:D4:2A:74:F4:F7:D1:CE:5D:2E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CF54
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CE620/3AA59ADC919011EE87FEE00BC4F9AE02/oWw_hyQag9GqVIDUKnT099HOXS4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CE620/3AA59ADC919011EE87FEE00BC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 03 Dec 2023 03:58:40 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 210.79.174.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118612 (0x1cf54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  3 03:58:40 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91CE620/serialNumber=A16C3F87241A83D1AA5480D42A74F4F7D1CE5D2E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:85:f3:05:25:dd:41:a5:1f:af:07:df:0e:bd:
                    a2:71:f7:62:85:b9:0a:77:ab:1d:e0:d6:fc:e7:37:
                    bb:ac:8c:cf:83:bb:4c:9c:58:0e:e6:db:2d:1e:9d:
                    fa:1f:c6:c3:e4:fa:11:08:04:08:5f:75:d2:a7:db:
                    01:e7:5e:bb:9c:0e:70:2a:5c:11:6d:7f:6e:aa:06:
                    67:79:ce:81:90:d2:71:d6:55:e5:43:4a:01:af:0a:
                    7a:b0:6d:de:51:d0:e3:2e:af:9b:99:83:a4:92:6e:
                    ad:b1:9c:6c:df:ba:c4:b9:9b:e1:79:12:23:42:74:
                    91:51:1f:57:92:4d:db:4b:35:b1:7d:dc:1a:30:3d:
                    3e:f8:c4:83:01:5e:77:57:d2:95:e0:73:e6:c6:0d:
                    b3:34:41:f5:45:cb:ec:38:4e:a0:5d:15:57:6a:67:
                    87:18:7d:38:02:d4:9e:fa:c9:c4:a8:99:b0:f5:5e:
                    28:b0:e4:0e:03:f0:e4:43:96:96:bb:3a:7d:7c:12:
                    62:f2:2b:73:a7:ed:61:62:10:09:4f:21:bd:3e:cb:
                    44:0d:76:ca:0b:e9:85:45:c6:11:0d:04:af:15:97:
                    ab:3d:c0:7d:07:b3:77:7d:be:8e:e7:28:57:de:a8:
                    f6:57:d1:3f:04:9b:0d:81:2d:5c:d2:d8:31:2c:a8:
                    83:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:6C:3F:87:24:1A:83:D1:AA:54:80:D4:2A:74:F4:F7:D1:CE:5D:2E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CE620/3AA59ADC919011EE87FEE00BC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CE620/3AA59ADC919011EE87FEE00BC4F9AE02/oWw_hyQag9GqVIDUKnT099HOXS4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.79.174.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:7e:5f:92:80:7b:1f:ef:57:fc:b7:32:cc:4f:32:36:86:fa:
         af:ef:83:ec:e5:9c:be:eb:21:e2:ff:2f:1f:2e:02:86:8e:3d:
         02:0a:c9:c5:d9:fd:04:f4:43:8a:38:ea:b6:96:c1:ee:66:a9:
         63:bf:bb:8d:69:29:7c:7e:cf:aa:1f:5c:58:94:3a:de:76:db:
         23:18:89:c0:52:ef:05:ef:0a:d7:69:10:97:d3:be:85:fa:80:
         81:8c:b3:16:5a:15:fd:10:b4:84:a9:8f:c0:6f:f2:c2:2c:80:
         25:bc:a8:bd:22:88:f3:cf:98:7c:2e:2d:75:1d:31:dc:76:c5:
         db:1e:8b:42:ef:f2:09:be:75:62:f9:ea:a1:ab:2e:36:51:01:
         35:df:c1:fd:e8:25:6c:de:c7:1b:fa:03:c1:d0:20:11:55:fe:
         65:69:95:01:cb:f0:7d:c6:0f:e3:14:03:11:2c:e2:e5:6f:ee:
         26:79:2c:32:b6:c8:7b:ec:4b:71:5c:b0:09:85:a9:2a:40:27:
         93:1e:c3:e2:6c:eb:c6:6e:2b:e6:8f:a0:66:ee:41:55:11:33:
         c3:a0:13:77:b9:e1:e8:43:4e:22:bf:a8:ab:4e:d9:b6:91:18:
         f6:4d:b4:0c:52:a7:de:af:0f:64:d1:ba:b8:40:eb:12:30:14:
         8c:47:af:62
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAc9UMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwMzAzNTg0MFoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0U2MjAxMTAvBgNVBAUTKEExNkMzRjg3MjQxQTgzRDFBQTU0ODBE
NDJBNzRGNEY3RDFDRTVEMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmhfMFJd1BpR+vB98OvaJx92KFuQp3qx3g1vznN7usjM+Du0ycWA7m2y0enfof
xsPk+hEIBAhfddKn2wHnXrucDnAqXBFtf26qBmd5zoGQ0nHWVeVDSgGvCnqwbd5R
0OMur5uZg6SSbq2xnGzfusS5m+F5EiNCdJFRH1eSTdtLNbF93BowPT74xIMBXndX
0pXgc+bGDbM0QfVFy+w4TqBdFVdqZ4cYfTgC1J76ycSombD1Xiiw5A4D8ORDlpa7
On18EmLyK3On7WFiEAlPIb0+y0QNdsoL6YVFxhENBK8Vl6s9wH0Hs3d9vo7nKFfe
qPZX0T8Emw2BLVzS2DEsqIMdAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUoWw/hyQa
g9GqVIDUKnT099HOXS4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNFNjIwLzNBQTU5QURDOTE5MDExRUU4N0ZFRTAwQkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRTYyMC8zQUE1OUFEQzkxOTAxMUVFODdGRUUwMEJDNEY5QUUwMi9vV3dfaHlR
YWc5R3FWSURVS25UMDk5SE9YUzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAHST64wDQYJKoZIhvcNAQELBQADggEBADF+X5KAex/vV/y3MsxP
MjaG+q/vg+zlnL7rIeL/Lx8uAoaOPQIKycXZ/QT0Q4o46raWwe5mqWO/u41pKXx+
z6ofXFiUOt522yMYicBS7wXvCtdpEJfTvoX6gIGMsxZaFf0QtISpj8Bv8sIsgCW8
qL0iiPPPmHwuLXUdMdx2xdsei0Lv8gm+dWL56qGrLjZRATXfwf3oJWzexxv6A8HQ
IBFV/mVplQHL8H3GD+MUAxEs4uVv7iZ5LDK2yHvsS3FcsAmFqSpAJ5Mew+Js68Zu
K+aPoGbuQVURM8OgE3e54ehDTiK/qKtO2baRGPZNtAxSp96vD2TRurhA6xIwFIxH
r2I=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:00:04 2024 by rpki-client on console-ams.rpki-client.org