Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q30L1dKrXe4vHNaWuCm675d_eM4.cer
File:                     q30L1dKrXe4vHNaWuCm675d_eM4.cer (raw, json)
Hash identifier:          vUB3AHBD5/8Zyoju5NphFiIfhGoJcv1f3NpIXX67VzU=
Subject key identifier:   AB:7D:0B:D5:D2:AB:5D:EE:2F:1C:D6:96:B8:29:BA:EF:97:7F:78:CE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D742
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9171A5B/17E10102993B11E79ABB8181C4F9AE02/q30L1dKrXe4vHNaWuCm675d_eM4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9171A5B/17E10102993B11E79ABB8181C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 08 Jan 2024 16:13:59 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 17627
                          IP: 123.231.0.0/17
                          IP: 203.189.64.0/20
                          IP: 2405:4400::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120642 (0x1d742)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  8 16:13:59 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A9171A5B/serialNumber=AB7D0BD5D2AB5DEE2F1CD696B829BAEF977F78CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4e:57:dd:7e:b0:86:55:98:c6:2c:4d:5c:8f:
                    1a:77:ba:be:0c:01:3a:4e:bc:0b:6f:7f:8f:75:b7:
                    ba:fd:ee:a7:21:40:ee:16:ee:57:35:c1:a2:47:69:
                    b6:72:b5:11:75:c0:9a:3e:58:c7:0d:30:79:2a:8f:
                    69:b3:a6:c6:bf:74:90:00:1d:f7:92:d0:25:c4:64:
                    d5:35:98:40:ec:79:75:87:23:67:1d:1d:05:e1:d7:
                    b9:13:64:62:15:35:f8:be:46:ad:c6:27:24:5d:f5:
                    e4:ac:1e:a7:37:97:3e:e6:7a:17:3e:1a:71:3d:42:
                    5b:5b:90:8b:ce:ff:b9:d3:be:f6:b6:bf:51:2e:89:
                    b0:8d:31:df:b2:e0:8d:9e:51:0b:7f:c8:bd:3a:9f:
                    bd:88:eb:af:c9:70:6b:65:a1:29:12:3b:26:35:6a:
                    54:76:ba:e9:47:91:73:ba:f6:bd:06:8a:f1:ac:99:
                    54:0c:0d:4b:e4:c5:ce:8a:7e:c3:f3:4a:5e:27:6b:
                    17:33:20:33:1e:59:38:68:c8:b3:f2:4b:f2:ed:13:
                    46:d3:a7:83:32:5d:02:41:d0:4f:78:e6:01:db:9a:
                    10:85:79:d4:24:6f:07:46:d5:97:a4:b0:22:ab:f6:
                    5e:0a:a1:61:6d:1c:1c:c5:b8:08:66:5c:8f:6e:92:
                    98:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:7D:0B:D5:D2:AB:5D:EE:2F:1C:D6:96:B8:29:BA:EF:97:7F:78:CE
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9171A5B/17E10102993B11E79ABB8181C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9171A5B/17E10102993B11E79ABB8181C4F9AE02/q30L1dKrXe4vHNaWuCm675d_eM4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  17627

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.231.0.0/17
                  203.189.64.0/20
                IPv6:
                  2405:4400::/32

    Signature Algorithm: sha256WithRSAEncryption
         43:dc:0c:ce:48:10:93:f1:27:bd:31:06:98:4d:e1:20:bd:7a:
         b0:80:94:a6:a9:ce:88:e9:aa:f0:b3:cb:16:79:05:9f:c3:fa:
         6c:40:ac:b3:a9:bf:d5:2d:2b:ae:e8:c0:69:42:25:26:ce:3c:
         47:58:f6:26:a9:72:99:00:d9:8b:e2:b4:77:0b:18:c6:8a:bc:
         a2:ca:4e:68:c3:1f:e3:db:bd:d6:5e:c7:3c:30:d3:42:47:5a:
         fb:32:a8:05:98:07:e8:07:94:73:b3:b4:06:47:0d:c2:0e:ed:
         e0:e2:59:b3:29:c3:0d:15:7f:59:67:9a:fe:5c:a4:54:ad:93:
         cd:6e:72:24:f0:61:d8:4a:ee:3f:f0:48:79:3e:02:fe:7d:23:
         8c:8e:a2:74:47:53:2e:6e:9c:31:46:52:be:78:14:77:1d:aa:
         82:91:ce:b6:dc:5c:cd:bb:3b:89:ae:2e:ed:98:24:63:68:c0:
         e1:73:44:2d:20:54:29:a6:2a:43:84:62:0c:4a:17:19:cf:7d:
         fe:bb:80:4f:bf:70:b2:fa:ae:56:d2:9d:86:dc:12:c3:0a:a5:
         23:c2:e6:8c:b9:27:fc:c2:1e:99:66:1d:91:1e:92:f4:45:af:
         6f:9d:40:0e:4f:73:64:7e:02:e5:35:f3:4f:8f:32:41:2f:a7:
         50:13:a0:a5
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAddCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwODE2MTM1OVoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzFBNUIxMTAvBgNVBAUTKEFCN0QwQkQ1RDJBQjVERUUyRjFDRDY5
NkI4MjlCQUVGOTc3Rjc4Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+TlfdfrCGVZjGLE1cjxp3ur4MATpOvAtvf491t7r97qchQO4W7lc1waJHabZy
tRF1wJo+WMcNMHkqj2mzpsa/dJAAHfeS0CXEZNU1mEDseXWHI2cdHQXh17kTZGIV
Nfi+Rq3GJyRd9eSsHqc3lz7mehc+GnE9QltbkIvO/7nTvva2v1EuibCNMd+y4I2e
UQt/yL06n72I66/JcGtloSkSOyY1alR2uulHkXO69r0GivGsmVQMDUvkxc6KfsPz
Sl4naxczIDMeWThoyLPyS/LtE0bTp4MyXQJB0E945gHbmhCFedQkbwdG1ZeksCKr
9l4KoWFtHBzFuAhmXI9ukpg1AgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUq30L1dKr
Xe4vHNaWuCm675d/eM4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcxQTVCLzE3RTEwMTAyOTkzQjExRTc5QUJCODE4MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3MUE1Qi8xN0UxMDEwMjk5M0IxMUU3OUFCQjgxODFDNEY5QUUwMi9xMzBMMWRL
clhlNHZITmFXdUNtNjc1ZF9lTTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICRNswNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAd75wADBATLvUAw
DQQCAAIwBwMFACQFRAAwDQYJKoZIhvcNAQELBQADggEBAEPcDM5IEJPxJ70xBphN
4SC9erCAlKapzojpqvCzyxZ5BZ/D+mxArLOpv9UtK67owGlCJSbOPEdY9iapcpkA
2YvitHcLGMaKvKLKTmjDH+PbvdZexzww00JHWvsyqAWYB+gHlHOztAZHDcIO7eDi
WbMpww0Vf1lnmv5cpFStk81uciTwYdhK7j/wSHk+Av59I4yOonRHUy5unDFGUr54
FHcdqoKRzrbcXM27O4muLu2YJGNowOFzRC0gVCmmKkOEYgxKFxnPff67gE+/cLL6
rlbSnYbcEsMKpSPC5oy5J/zCHplmHZEekvRFr2+dQA5Pc2R+AuU180+PMkEvp1AT
oKU=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:40 2024 by rpki-client on console-fra.rpki-client.org