Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/peado7v7jl3TlkjmpD4A-nI95lg.cer
File:                     peado7v7jl3TlkjmpD4A-nI95lg.cer (raw, json)
Hash identifier:          OhkV0OehLsoxJNKkJo/RB5dOgJVJnhuUarIDhMvQH80=
Subject key identifier:   A5:E6:9D:A3:BB:FB:8E:5D:D3:96:48:E6:A4:3E:00:FA:72:3D:E6:58
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E481
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91190B4/BC8C10AE573C11EAB0A4E335C4F9AE02/peado7v7jl3TlkjmpD4A-nI95lg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91190B4/BC8C10AE573C11EAB0A4E335C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 14 Mar 2024 12:49:12 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 134444
                          IP: 103.16.20.0/22
                          IP: 202.20.32.0/20
                          IP: 2405:e840::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124033 (0x1e481)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 14 12:49:12 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91190B4/serialNumber=A5E69DA3BBFB8E5DD39648E6A43E00FA723DE658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:52:06:88:df:90:22:6c:43:45:bc:cf:6e:aa:
                    fb:de:08:88:2e:3a:57:66:07:39:f2:7d:ec:54:06:
                    8f:a1:cf:66:9c:a5:5b:b8:55:80:42:04:4a:9a:b2:
                    31:cb:a0:f1:8b:d2:09:8f:5d:1d:27:a4:11:07:90:
                    05:de:91:5b:0e:a2:17:1b:a3:8f:00:ca:e0:a8:12:
                    43:26:55:ce:18:16:4c:e6:24:0e:39:50:92:34:16:
                    5a:af:c0:93:84:fd:3c:fa:54:70:bd:bd:07:75:54:
                    01:50:36:f5:7f:3c:ab:56:b1:06:c8:43:cd:8a:2c:
                    5f:10:31:81:8f:cc:0c:b1:95:c0:e7:f0:6f:e6:d9:
                    4f:18:d8:cd:06:a3:25:47:20:8d:72:21:4c:60:4e:
                    da:25:34:88:03:13:00:44:9f:15:e6:98:e2:7f:4f:
                    bc:09:a7:af:1c:ab:3b:0b:0a:3a:85:59:bf:d0:73:
                    d3:7c:f2:f9:88:9d:67:8c:4e:b0:30:92:86:a9:fa:
                    cd:da:1a:62:11:2c:b1:db:b7:ed:d4:f2:46:39:9a:
                    75:08:16:3f:96:f3:ce:71:08:14:5e:dd:6b:16:42:
                    6d:ff:46:57:8e:b7:61:d5:41:48:47:f4:63:c9:d2:
                    06:f8:7b:4e:6b:f3:bb:39:e3:7e:0e:0d:4f:b1:ba:
                    9c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:E6:9D:A3:BB:FB:8E:5D:D3:96:48:E6:A4:3E:00:FA:72:3D:E6:58
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91190B4/BC8C10AE573C11EAB0A4E335C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91190B4/BC8C10AE573C11EAB0A4E335C4F9AE02/peado7v7jl3TlkjmpD4A-nI95lg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134444

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.16.20.0/22
                  202.20.32.0/20
                IPv6:
                  2405:e840::/32

    Signature Algorithm: sha256WithRSAEncryption
         c6:c9:73:ec:57:d9:d6:30:a8:f6:83:73:68:2e:e6:6a:da:e6:
         d4:6e:26:15:b3:bc:f8:1b:36:d4:1b:00:0a:38:4b:16:8f:83:
         2f:16:a7:12:ef:19:c9:3d:f6:7c:be:6e:25:6c:69:ee:1b:51:
         3f:9f:13:e8:cf:e8:26:1e:b3:26:c9:f4:da:ca:fa:f5:92:92:
         21:25:92:82:57:5a:04:29:41:c8:f2:c1:63:5f:fc:74:7c:e1:
         75:c5:c6:24:08:0f:8b:21:cc:0f:71:c4:71:11:45:7e:d3:62:
         40:d1:2b:d0:bf:a1:f8:1f:e5:72:81:02:a1:1c:96:b7:57:73:
         24:4d:56:35:77:64:6e:ef:46:c0:c1:c5:7b:fd:f4:9c:a8:c1:
         12:d7:2b:c9:26:db:7c:22:98:71:e4:1e:59:67:a9:1e:49:24:
         2c:6a:5c:4e:a5:dd:5c:96:b9:91:97:b0:61:69:da:e6:7c:4e:
         25:e0:ec:7a:59:a1:7d:f7:c1:ee:95:52:35:47:59:d9:3d:fc:
         e3:a3:87:7d:8a:1d:be:41:af:50:9d:87:7b:c8:c7:99:d0:a2:
         31:14:87:39:01:de:54:06:22:62:91:99:e7:3c:70:22:36:19:
         55:98:2a:78:24:b4:15:18:43:d2:f2:d4:ee:56:22:c0:00:87:
         35:dd:2c:35
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAeSBMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMxNDEyNDkxMloXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTkwQjQxMTAvBgNVBAUTKEE1RTY5REEzQkJGQjhFNUREMzk2NDhF
NkE0M0UwMEZBNzIzREU2NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtUgaI35AibENFvM9uqvveCIguOldmBznyfexUBo+hz2acpVu4VYBCBEqasjHL
oPGL0gmPXR0npBEHkAXekVsOohcbo48AyuCoEkMmVc4YFkzmJA45UJI0FlqvwJOE
/Tz6VHC9vQd1VAFQNvV/PKtWsQbIQ82KLF8QMYGPzAyxlcDn8G/m2U8Y2M0GoyVH
II1yIUxgTtolNIgDEwBEnxXmmOJ/T7wJp68cqzsLCjqFWb/Qc9N88vmInWeMTrAw
koap+s3aGmIRLLHbt+3U8kY5mnUIFj+W885xCBRe3WsWQm3/RleOt2HVQUhH9GPJ
0gb4e05r87s5434ODU+xupx7AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUpeado7v7
jl3TlkjmpD4A+nI95lgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE5MEI0L0JDOEMxMEFFNTczQzExRUFCMEE0RTMzNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExOTBCNC9CQzhDMTBBRTU3M0MxMUVBQjBBNEUzMzVDNEY5QUUwMi9wZWFkbzd2
N2psM1Rsa2ptcEQ0QS1uSTk1bGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg0sMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZxAUAwQEyhQg
MA0EAgACMAcDBQAkBehAMA0GCSqGSIb3DQEBCwUAA4IBAQDGyXPsV9nWMKj2g3No
LuZq2ubUbiYVs7z4GzbUGwAKOEsWj4MvFqcS7xnJPfZ8vm4lbGnuG1E/nxPoz+gm
HrMmyfTayvr1kpIhJZKCV1oEKUHI8sFjX/x0fOF1xcYkCA+LIcwPccRxEUV+02JA
0SvQv6H4H+VygQKhHJa3V3MkTVY1d2Ru70bAwcV7/fScqMES1yvJJtt8Iphx5B5Z
Z6keSSQsalxOpd1clrmRl7BhadrmfE4l4Ox6WaF998HulVI1R1nZPfzjo4d9ih2+
Qa9QnYd7yMeZ0KIxFIc5Ad5UBiJikZnnPHAiNhlVmCp4JLQVGEPS8tTuViLAAIc1
3Sw1
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:00:05 2024 by rpki-client on console-ams.rpki-client.org