Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer
File:                     q2JivH0C7BrUi3HamLc9IqNi2vA.cer (raw, json)
Hash identifier:          xNpw1SBVHEwCNPjcHdzQ9TEC9y0l93M+6E5EViK9X3k=
Subject key identifier:   AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D098
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 07 Dec 2023 22:16:26 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 7544
                          AS: 17639
                          AS: 56207
                          IP: 103.93.220.0/22
                          IP: 111.125.64.0/18
                          IP: 120.29.64.0/18
                          IP: 121.58.192.0/18
                          IP: 123.253.136.0/22
                          IP: 202.69.160.0/19
                          IP: 210.4.96.0/19
                          IP: 2405:3200::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118936 (0x1d098)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  7 22:16:26 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91E2454/serialNumber=AB6262BC7D02EC1AD48B71DA98B73D22A362DAF0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:30:b7:d7:32:fd:29:eb:9e:eb:80:69:8e:71:
                    2b:3c:84:be:8a:cb:e7:d0:cc:4a:8f:73:56:0c:fe:
                    cf:8a:99:0a:06:d9:48:95:40:ff:f7:80:1e:b7:c5:
                    3c:fe:a2:2d:d4:43:ab:3b:1c:57:6d:c9:1f:5b:7e:
                    9b:2c:aa:01:e9:e4:48:e1:51:a8:dd:4c:e2:eb:24:
                    72:62:95:3e:65:de:9c:67:0e:11:b0:77:b4:4b:68:
                    6e:6c:e5:19:81:5c:ca:03:2d:4f:42:37:96:61:97:
                    2b:69:ac:02:6e:de:cd:48:32:80:db:a0:8e:ed:f8:
                    a6:2a:ef:64:31:78:4c:57:6e:55:49:5b:f6:d5:a9:
                    22:55:d4:59:55:4b:25:70:80:95:f6:c7:f0:06:21:
                    b7:7e:34:13:ba:2a:ef:f8:d9:c7:bf:8f:fa:c5:5e:
                    7f:8a:e7:3d:ec:20:98:f0:01:d8:7d:3c:ab:c1:ab:
                    41:cc:69:b8:24:c9:85:98:b9:14:ed:3b:04:e7:07:
                    f8:35:c8:08:eb:98:74:53:6a:84:fa:29:58:4e:90:
                    a1:da:b7:b4:c9:91:c6:b9:b5:52:d6:c7:f4:77:0a:
                    a3:f7:39:5d:86:93:63:01:4a:d2:52:1f:5d:58:d8:
                    32:2a:6e:12:b6:02:ea:b2:cd:81:2d:36:7f:75:d8:
                    3c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  7544
                  17639
                  56207

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.93.220.0/22
                  111.125.64.0/18
                  120.29.64.0/18
                  121.58.192.0/18
                  123.253.136.0/22
                  202.69.160.0/19
                  210.4.96.0/19
                IPv6:
                  2405:3200::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:82:9d:fa:28:a4:3a:20:1e:32:08:c3:be:16:da:8e:7a:f9:
         ce:c9:04:e4:73:eb:d4:f1:37:71:4e:33:30:9a:03:45:bf:34:
         91:fe:ba:c3:ae:12:81:75:d8:bb:42:d7:4d:05:7b:52:41:f2:
         cb:b4:49:9e:ce:d1:c9:de:09:65:b8:b2:9b:55:12:b6:32:a6:
         34:84:24:7b:72:d1:17:08:87:06:0e:89:ad:7b:d7:ae:f3:ed:
         5b:36:e4:17:26:c8:b6:fb:ab:30:4b:d3:87:83:38:23:40:ad:
         83:89:b5:a4:8b:8f:eb:30:ca:f0:2d:a9:ec:65:be:a6:82:35:
         e9:86:8f:85:eb:57:bd:f9:e4:70:eb:3a:49:75:9d:de:25:5b:
         9e:9e:71:b0:65:9b:ff:b9:7f:61:93:a3:e4:90:d6:fe:0f:02:
         22:16:81:72:cd:8f:1f:bd:57:bc:44:40:4d:aa:a7:e7:3b:1f:
         1a:1e:02:8d:9f:90:eb:3d:b1:d4:50:e9:75:93:e5:12:47:bf:
         1a:fb:b9:7b:d1:0c:48:95:45:4c:19:75:91:d2:b2:38:15:c2:
         a1:cf:5c:85:57:25:02:25:91:67:66:b0:ea:14:f3:6c:c6:44:
         84:d8:8c:f3:98:90:84:38:78:cb:e6:11:4f:67:44:20:3f:58:
         62:1c:22:20
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgIDAdCYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNzIyMTYyNloXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTI0NTQxMTAvBgNVBAUTKEFCNjI2MkJDN0QwMkVDMUFENDhCNzFE
QTk4QjczRDIyQTM2MkRBRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCVMLfXMv0p657rgGmOcSs8hL6Ky+fQzEqPc1YM/s+KmQoG2UiVQP/3gB63xTz+
oi3UQ6s7HFdtyR9bfpssqgHp5EjhUajdTOLrJHJilT5l3pxnDhGwd7RLaG5s5RmB
XMoDLU9CN5ZhlytprAJu3s1IMoDboI7t+KYq72QxeExXblVJW/bVqSJV1FlVSyVw
gJX2x/AGIbd+NBO6Ku/42ce/j/rFXn+K5z3sIJjwAdh9PKvBq0HMabgkyYWYuRTt
OwTnB/g1yAjrmHRTaoT6KVhOkKHat7TJkca5tVLWx/R3CqP3OV2Gk2MBStJSH11Y
2DIqbhK2AuqyzYEtNn912Dy5AgMBAAGjggNKMIIDRjAdBgNVHQ4EFgQUq2JivH0C
7BrUi3HamLc9IqNi2vAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUyNDU0L0Q0QzMwQjQyMUQ4NzExRTJBMTk4MjJFMDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMjQ1NC9ENEMzMEI0MjFEODcxMUUyQTE5ODIyRTAwOEIwMkNEMi9xMkppdkgw
QzdCclVpM0hhbUxjOUlxTmkydkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQgBAf8EEzAR
oA8wDQICHXgCAkTnAgMA248wUgYIKwYBBQUHAQcBAf8EQzBBMDAEAgABMCoDBAJn
XdwDBAZvfUADBAZ4HUADBAZ5OsADBAJ7/YgDBAXKRaADBAXSBGAwDQQCAAIwBwMF
ACQFMgAwDQYJKoZIhvcNAQELBQADggEBAB2CnfoopDogHjIIw74W2o56+c7JBORz
69TxN3FOMzCaA0W/NJH+usOuEoF12LtC100Fe1JB8su0SZ7O0cneCWW4sptVErYy
pjSEJHty0RcIhwYOia17167z7Vs25BcmyLb7qzBL04eDOCNArYOJtaSLj+swyvAt
qexlvqaCNemGj4XrV7355HDrOkl1nd4lW56ecbBlm/+5f2GTo+SQ1v4PAiIWgXLN
jx+9V7xEQE2qp+c7HxoeAo2fkOs9sdRQ6XWT5RJHvxr7uXvRDEiVRUwZdZHSsjgV
wqHPXIVXJQIlkWdmsOoU82zGRITYjPOYkIQ4eMvmEU9nRCA/WGIcIiA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:17:02 2024 by rpki-client on console-ams.rpki-client.org