Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pBhnIpZRYlTNTMrUSSUeGdG26V0.cer
File:                     pBhnIpZRYlTNTMrUSSUeGdG26V0.cer (raw, json)
Hash identifier:          ENmDHoLypDpZNsmaKNGjV1JOraX4FdfJkbOxL/NwOlE=
Subject key identifier:   A4:18:67:22:96:51:62:54:CD:4C:CA:D4:49:25:1E:19:D1:B6:E9:5D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B8FD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913FE3D/81E654BCE53611EBB980326AC4F9AE02/pBhnIpZRYlTNTMrUSSUeGdG26V0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913FE3D/81E654BCE53611EBB980326AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 27 Aug 2023 14:01:00 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    AS: 142555
                          IP: 103.169.68.0/23
                          IP: 2001:df6:ed80::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 12:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112893 (0x1b8fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 27 14:01:00 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A913FE3D/serialNumber=A418672296516254CD4CCAD449251E19D1B6E95D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:9a:6f:db:42:27:bc:19:ee:62:aa:60:fb:99:
                    b6:5f:96:c0:4e:54:3d:44:c1:62:ad:0c:96:3d:c6:
                    90:0a:ef:e2:10:8a:23:e9:4e:3f:10:c7:b7:ff:6f:
                    34:88:5c:4d:58:73:eb:76:3f:85:47:ef:c9:a2:de:
                    70:7c:e1:48:fc:5d:c3:92:0a:60:7f:68:74:e9:61:
                    75:32:3e:69:c8:07:a9:39:dc:2a:bf:2c:d5:c2:bf:
                    a1:70:b2:a1:9f:7d:6c:57:99:13:40:00:07:91:c7:
                    e4:ce:57:48:88:49:9b:ce:23:db:5e:10:c1:e6:ab:
                    18:da:17:82:8a:1a:a3:f0:41:29:19:3a:01:bb:d1:
                    33:24:e8:78:49:bc:cd:ab:ea:fc:2d:0d:9e:79:9f:
                    ff:6f:c4:75:f8:ab:bb:41:47:80:d6:db:26:6d:6e:
                    ba:bf:3d:80:97:2e:e3:46:3e:2b:21:b9:44:73:36:
                    8e:b1:43:74:cd:fa:d7:9e:13:6a:09:ab:d5:15:42:
                    6d:ea:f4:c5:b2:9c:9f:30:93:4e:fc:49:91:ea:49:
                    aa:6b:2f:e2:84:c6:2f:f6:65:6f:51:2a:dd:9f:8e:
                    ec:01:3b:67:1d:83:62:f3:52:f3:45:28:41:0b:c9:
                    19:39:51:9f:f5:f2:57:ec:bd:73:78:95:c6:3d:17:
                    27:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:18:67:22:96:51:62:54:CD:4C:CA:D4:49:25:1E:19:D1:B6:E9:5D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913FE3D/81E654BCE53611EBB980326AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913FE3D/81E654BCE53611EBB980326AC4F9AE02/pBhnIpZRYlTNTMrUSSUeGdG26V0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  142555

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.169.68.0/23
                IPv6:
                  2001:df6:ed80::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:e8:f2:c8:97:61:34:f7:d0:03:db:91:de:7e:c4:b0:48:26:
         49:76:28:97:18:2e:60:e1:97:77:9f:ba:22:12:1c:b9:4c:82:
         ff:1f:c2:53:46:e3:8f:27:7f:7c:b3:9c:ff:9d:33:94:b0:44:
         07:e5:86:90:23:4f:14:35:b2:74:f4:ff:02:5a:b1:68:73:5c:
         80:00:b7:45:65:42:1d:a0:5a:d0:be:dd:04:1b:a9:01:ad:2a:
         7a:3e:90:07:9e:d2:ae:25:98:cb:a5:a4:03:94:5d:98:fb:3a:
         4e:e8:2d:24:7f:43:4f:58:81:24:ce:42:20:7d:56:04:14:ef:
         0d:62:48:6e:e7:eb:dc:65:34:d3:a0:21:3e:ef:92:97:86:a4:
         22:3b:09:b6:9c:34:77:d8:1e:4e:b4:7e:43:02:f1:da:42:4d:
         15:af:38:af:e9:b9:6b:46:ae:19:29:22:cd:3d:67:cc:41:0c:
         2b:ed:7e:56:da:87:71:92:2a:e8:5d:80:ff:4d:13:b2:61:ef:
         66:a4:11:a1:3f:f8:67:40:da:59:44:ed:de:7f:9d:31:99:e9:
         9b:e7:1e:6c:00:59:f3:12:83:c7:81:0e:34:66:5f:31:b4:e9:
         ea:a7:2b:22:a6:6c:18:68:94:ff:2e:f5:de:f4:7b:06:44:76:
         5a:96:76:c5
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAbj9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgyNzE0MDEwMFoXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0ZFM0QxMTAvBgNVBAUTKEE0MTg2NzIyOTY1MTYyNTRDRDRDQ0FE
NDQ5MjUxRTE5RDFCNkU5NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUmm/bQie8Ge5iqmD7mbZflsBOVD1EwWKtDJY9xpAK7+IQiiPpTj8Qx7f/bzSI
XE1Yc+t2P4VH78mi3nB84Uj8XcOSCmB/aHTpYXUyPmnIB6k53Cq/LNXCv6FwsqGf
fWxXmRNAAAeRx+TOV0iISZvOI9teEMHmqxjaF4KKGqPwQSkZOgG70TMk6HhJvM2r
6vwtDZ55n/9vxHX4q7tBR4DW2yZtbrq/PYCXLuNGPishuURzNo6xQ3TN+teeE2oJ
q9UVQm3q9MWynJ8wk078SZHqSaprL+KExi/2ZW9RKt2fjuwBO2cdg2LzUvNFKEEL
yRk5UZ/18lfsvXN4lcY9Fyf1AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUpBhnIpZR
YlTNTMrUSSUeGdG26V0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNGRTNELzgxRTY1NEJDRTUzNjExRUJCOTgwMzI2QUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzRkUzRC84MUU2NTRCQ0U1MzYxMUVCQjk4MDMyNkFDNEY5QUUwMi9wQmhuSXBa
UllsVE5UTXJVU1NVZUdkRzI2VjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAizbMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6lEMA8EAgAC
MAkDBwAgAQ327YAwDQYJKoZIhvcNAQELBQADggEBAJno8siXYTT30APbkd5+xLBI
Jkl2KJcYLmDhl3efuiISHLlMgv8fwlNG448nf3yznP+dM5SwRAflhpAjTxQ1snT0
/wJasWhzXIAAt0VlQh2gWtC+3QQbqQGtKno+kAee0q4lmMulpAOUXZj7Ok7oLSR/
Q09YgSTOQiB9VgQU7w1iSG7n69xlNNOgIT7vkpeGpCI7CbacNHfYHk60fkMC8dpC
TRWvOK/puWtGrhkpIs09Z8xBDCvtflbah3GSKuhdgP9NE7Jh72akEaE/+GdA2llE
7d5/nTGZ6ZvnHmwAWfMSg8eBDjRmXzG06eqnKyKmbBholP8u9d70ewZEdlqWdsU=
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:34:21 2024 by rpki-client on console-ams.rpki-client.org