Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ogxX9SzpjIhI9jYlDkpGcIEbUHY.cer
File:                     ogxX9SzpjIhI9jYlDkpGcIEbUHY.cer (raw, json)
Hash identifier:          ErxzpubU9JpONyF8am1XCI3ZDgMr4IgcW3RZyCCSm5Y=
Subject key identifier:   A2:0C:57:F5:2C:E9:8C:88:48:F6:36:25:0E:4A:46:70:81:1B:50:76
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D3D8
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/ogxX9SzpjIhI9jYlDkpGcIEbUHY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 22 Dec 2023 19:28:40 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 4859
                          AS: 7547 -- 7549
                          IP: 45.113.168.0/22
                          IP: 103.53.92.0/22
                          IP: 203.207.64.0 -- 203.207.91.255
                          IP: 203.207.96.0/20
                          IP: 203.207.128.0/18
                          IP: 203.207.200.0/21
                          IP: 203.207.224.0/19
                          IP: 2406:7d00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119768 (0x1d3d8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 22 19:28:40 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91E7656/serialNumber=A20C57F52CE98C8848F636250E4A4670811B5076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6f:b7:71:f6:9d:5a:fc:75:60:b8:02:d8:95:
                    3d:b6:9d:29:c6:8f:e8:c0:cc:89:76:ef:14:6a:bd:
                    7d:01:c3:98:3f:be:6d:4d:c0:98:9e:69:73:ee:2b:
                    93:78:79:5e:9a:f5:a0:be:a7:55:61:03:d5:e0:ec:
                    e2:5d:53:4e:3b:2f:d7:c5:6a:6b:4a:58:59:5f:30:
                    55:1e:c4:1e:1c:c5:66:80:9b:ec:87:07:1b:fd:c0:
                    fc:68:5e:1c:e9:9c:08:51:59:ed:52:3e:17:35:b1:
                    5f:b6:ea:8c:67:57:89:79:42:b6:a7:2c:0e:fa:1d:
                    f7:33:57:b2:ef:dd:f9:b4:88:84:b7:cb:4a:83:e6:
                    7d:95:04:a4:ad:d5:f2:8e:23:e1:2a:d1:13:ef:8b:
                    02:2e:14:91:f7:e0:40:ba:0e:ba:92:9a:b7:6d:af:
                    6f:a6:f7:9b:02:24:60:85:15:74:fc:5f:e0:6d:aa:
                    27:cf:d3:5e:15:75:24:5e:99:f8:78:11:14:eb:38:
                    51:4d:e2:15:35:6e:43:1d:c2:3b:5a:14:35:66:e2:
                    f1:c6:7b:61:14:79:f2:de:24:7f:d6:9d:05:ca:31:
                    30:fe:a7:d2:ad:56:fa:b1:58:16:cf:e5:16:ab:fe:
                    c9:9d:93:40:e9:97:30:45:b6:b5:a4:44:18:c6:6b:
                    2f:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:0C:57:F5:2C:E9:8C:88:48:F6:36:25:0E:4A:46:70:81:1B:50:76
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/ogxX9SzpjIhI9jYlDkpGcIEbUHY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  4859
                  7547-7549

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.113.168.0/22
                  103.53.92.0/22
                  203.207.64.0-203.207.91.255
                  203.207.96.0/20
                  203.207.128.0/18
                  203.207.200.0/21
                  203.207.224.0/19
                IPv6:
                  2406:7d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         34:a2:cd:2d:5c:d0:8e:80:5d:2c:1a:ac:f2:09:52:91:bb:60:
         c0:2e:d9:14:15:03:3b:5b:5d:18:3d:49:20:53:82:cc:d3:8b:
         ab:e7:cd:6b:f0:c9:4a:c5:92:7c:d5:78:7e:2d:68:b9:9f:0f:
         e2:f8:37:ef:f8:ef:91:0c:b8:1f:db:28:06:fa:13:22:d2:f8:
         8a:05:da:85:90:02:b4:33:4c:35:fd:5b:cd:df:e0:35:83:34:
         69:dc:5e:a8:49:e7:29:1d:a9:28:b9:57:7d:3d:a8:fe:8f:bf:
         e4:fd:62:e7:a2:f4:04:f8:85:65:dd:08:23:ff:64:8e:d2:23:
         1b:4f:e5:c5:ef:34:93:43:5b:d9:b6:6f:98:c8:82:2e:0b:9a:
         cd:5a:1e:81:83:a5:25:8b:97:e5:d4:08:37:e0:56:38:0f:e8:
         f2:1a:82:7b:c7:20:1e:6b:f2:e4:ca:54:9e:63:df:25:ac:c1:
         3d:32:e2:e7:f7:22:ff:1a:12:dc:d0:35:66:ea:69:a7:f8:af:
         bf:50:b8:6a:d5:6d:db:8b:7e:8a:e9:5e:09:0a:c2:0a:0a:86:
         68:e3:d5:ba:b3:01:c3:e7:ec:62:fd:ac:60:33:16:da:d9:0d:
         7b:c5:fa:05:94:c1:a4:4b:fa:53:df:12:7d:31:26:2c:3a:7c:
         e2:99:8f:bd
-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgIDAdPYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyMjE5Mjg0MFoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTc2NTYxMTAvBgNVBAUTKEEyMEM1N0Y1MkNFOThDODg0OEY2MzYy
NTBFNEE0NjcwODExQjUwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9b7dx9p1a/HVguALYlT22nSnGj+jAzIl27xRqvX0Bw5g/vm1NwJieaXPuK5N4
eV6a9aC+p1VhA9Xg7OJdU047L9fFamtKWFlfMFUexB4cxWaAm+yHBxv9wPxoXhzp
nAhRWe1SPhc1sV+26oxnV4l5QranLA76HfczV7Lv3fm0iIS3y0qD5n2VBKSt1fKO
I+Eq0RPviwIuFJH34EC6DrqSmrdtr2+m95sCJGCFFXT8X+BtqifP014VdSRemfh4
ERTrOFFN4hU1bkMdwjtaFDVm4vHGe2EUefLeJH/WnQXKMTD+p9KtVvqxWBbP5Rar
/smdk0DplzBFtrWkRBjGay+tAgMBAAGjggNTMIIDTzAdBgNVHQ4EFgQUogxX9Szp
jIhI9jYlDkpGcIEbUHYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU3NjU2LzBFRTNBNUJDMENENjExRUFCRjU2MjU1M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNzY1Ni8wRUUzQTVCQzBDRDYxMUVBQkY1NjI1NTNDNEY5QUUwMi9vZ3hYOVN6
cGpJaEk5allsRGtwR2NJRWJVSFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQgBAf8EFDAS
oBAwDgICEvswCAICHXsCAh19MFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQC
LXGoAwQCZzVcMAwDBAbLz0ADBALLz1gDBATLz2ADBAbLz4ADBAPLz8gDBAXLz+Aw
DQQCAAIwBwMFACQGfQAwDQYJKoZIhvcNAQELBQADggEBADSizS1c0I6AXSwarPIJ
UpG7YMAu2RQVAztbXRg9SSBTgszTi6vnzWvwyUrFknzVeH4taLmfD+L4N+/475EM
uB/bKAb6EyLS+IoF2oWQArQzTDX9W83f4DWDNGncXqhJ5ykdqSi5V309qP6Pv+T9
Yuei9AT4hWXdCCP/ZI7SIxtP5cXvNJNDW9m2b5jIgi4Lms1aHoGDpSWLl+XUCDfg
VjgP6PIagnvHIB5r8uTKVJ5j3yWswT0y4uf3Iv8aEtzQNWbqaaf4r79QuGrVbduL
forpXgkKwgoKhmjj1bqzAcPn7GL9rGAzFtrZDXvF+gWUwaRL+lPfEn0xJiw6fOKZ
j70=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:25 2024 by rpki-client on console-ams.rpki-client.org