Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
File:                     poP2ckwCoT8tOc8vIVAL4AOA3eM.cer (raw, json)
Hash identifier:          cS+x5ulixsh65Mwg+hcef2ozF9jJ//P0L2UyZ/SMLXY=
Subject key identifier:   A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01AC19
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 26 Jun 2023 14:52:19 +0000
Certificate not after:    Sat 31 Aug 2024 00:00:00 +0000
Subordinate resources:    AS: 38077
                          IP: 103.112.36.0/22
                          IP: 180.189.160.0/20
                          IP: 2405:1f00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109593 (0x1ac19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 26 14:52:19 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:64:1f:b4:54:01:b3:b2:8e:d9:fe:c6:51:37:
                    af:ad:55:9f:6d:df:8e:84:f5:e8:0e:c6:e7:92:38:
                    ed:06:00:ef:33:f2:f8:5f:24:98:c0:36:65:be:1f:
                    b8:48:16:c6:3a:55:6b:99:b5:4f:33:0f:8f:41:1f:
                    85:6f:84:e1:ca:a4:46:ec:23:4a:7c:cb:b1:f8:aa:
                    4c:06:ba:43:d6:1b:5e:82:d6:23:bc:81:85:a4:7d:
                    fd:a7:91:ca:62:94:00:b5:de:7f:be:7f:98:26:da:
                    38:23:d4:11:71:bb:3c:48:3f:a5:95:bb:ff:56:b8:
                    68:6c:ec:22:ed:81:16:5a:ed:63:49:45:32:46:cc:
                    b7:20:44:a6:b2:01:d8:38:df:92:11:39:55:79:ee:
                    2e:bb:35:ba:1d:79:fe:26:6a:0e:75:c7:cb:8c:ac:
                    1f:db:52:65:ad:a7:4a:19:80:5c:f0:43:0a:f6:a2:
                    f2:54:2d:75:8c:ac:90:27:00:ab:53:33:da:40:d7:
                    fc:9d:1d:ee:f2:56:20:b5:8c:23:4f:cf:23:b6:59:
                    ec:47:8d:f9:4d:63:0d:68:03:fa:e2:0e:22:31:59:
                    52:eb:c7:18:e0:9a:b6:45:25:be:1e:48:bd:50:3b:
                    08:f8:67:47:3e:15:16:5b:ad:41:6c:ca:8a:19:c1:
                    25:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  38077

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.112.36.0/22
                  180.189.160.0/20
                IPv6:
                  2405:1f00::/32

    Signature Algorithm: sha256WithRSAEncryption
         27:22:a6:de:bc:b1:bf:ae:c6:b5:da:49:52:c9:fa:3b:3e:50:
         34:21:1e:83:58:32:36:05:84:25:28:52:fc:0e:e1:e6:a6:3f:
         6b:f1:54:89:11:b6:63:88:12:cb:f2:51:22:c7:9f:c0:f2:1f:
         bd:cf:3d:c4:8a:4a:02:ec:e4:e9:14:fe:22:4e:2d:69:a9:e2:
         2e:13:57:44:8f:92:11:3e:7f:67:59:d0:71:23:98:76:0f:24:
         60:b7:58:a6:14:06:c5:e0:36:9b:df:2c:1d:57:e0:e3:2a:34:
         09:13:57:fd:4b:bf:55:f9:86:c3:5e:a8:e4:71:9a:04:1f:0c:
         67:75:d2:19:47:95:94:ac:1d:e9:cb:00:de:cf:8a:99:7e:90:
         f3:b9:9f:07:a6:bc:37:d9:e1:48:10:4e:8d:39:7b:62:5e:28:
         0d:40:f4:3a:02:9a:c9:ab:6c:a5:a5:12:d4:99:fc:cd:a5:60:
         0d:54:81:ea:5a:fc:90:38:7c:33:ca:52:09:85:fe:0c:0e:c0:
         06:13:e8:91:85:16:fd:a5:ff:43:39:68:be:7a:55:60:7c:fc:
         6d:1d:dd:0b:86:70:b9:ca:eb:12:ee:8a:2f:f3:bd:32:0f:8e:
         19:f5:74:26:58:ce:d6:27:74:96:71:86:7b:ec:95:88:4b:79:
         7b:b0:31:eb
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAawZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDYyNjE0NTIxOVoXDTI0MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0Yy
RjIxNTAwQkUwMDM4MERERTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJZB+0VAGzso7Z/sZRN6+tVZ9t346E9egOxueSOO0GAO8z8vhfJJjANmW+H7hI
FsY6VWuZtU8zD49BH4VvhOHKpEbsI0p8y7H4qkwGukPWG16C1iO8gYWkff2nkcpi
lAC13n++f5gm2jgj1BFxuzxIP6WVu/9WuGhs7CLtgRZa7WNJRTJGzLcgRKayAdg4
35IROVV57i67Nbodef4mag51x8uMrB/bUmWtp0oZgFzwQwr2ovJULXWMrJAnAKtT
M9pA1/ydHe7yViC1jCNPzyO2WexHjflNYw1oA/riDiIxWVLrxxjgmrZFJb4eSL1Q
Owj4Z0c+FRZbrUFsyooZwSWvAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUpoP2ckwC
oT8tOc8vIVAL4AOA3eMwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE4RDIyLzI1MjY5Nzk4MUQ5MjExRTJCNjE4Q0FGNDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBOEQyMi8yNTI2OTc5ODFEOTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3
Q29UOHRPYzh2SVZBTDRBT0EzZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJS9MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ3AkAwQEtL2g
MA0EAgACMAcDBQAkBR8AMA0GCSqGSIb3DQEBCwUAA4IBAQAnIqbevLG/rsa12klS
yfo7PlA0IR6DWDI2BYQlKFL8DuHmpj9r8VSJEbZjiBLL8lEix5/A8h+9zz3EikoC
7OTpFP4iTi1pqeIuE1dEj5IRPn9nWdBxI5h2DyRgt1imFAbF4Dab3ywdV+DjKjQJ
E1f9S79V+YbDXqjkcZoEHwxnddIZR5WUrB3pywDez4qZfpDzuZ8Hprw32eFIEE6N
OXtiXigNQPQ6AprJq2ylpRLUmfzNpWANVIHqWvyQOHwzylIJhf4MDsAGE+iRhRb9
pf9DOWi+elVgfPxtHd0LhnC5yusS7oov870yD44Z9XQmWM7WJ3SWcYZ77JWIS3l7
sDHr
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:17:01 2024 by rpki-client on console-ams.rpki-client.org