Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0VXKQErkFFeBrwXrU6Ehni4GU.cer
File:                     qB0VXKQErkFFeBrwXrU6Ehni4GU.cer (raw, json)
Hash identifier:          WUHB681BcjhqNKei6FjBos6PCuX80O8qfHPzzwtAV/k=
Subject key identifier:   A8:1D:15:5C:A4:04:AE:41:45:78:1A:F0:5E:B5:3A:12:19:E2:E0:65
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01F4B9
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/qB0VXKQErkFFeBrwXrU6Ehni4GU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 30 May 2024 10:04:29 +0000
Certificate not after:    Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources:    AS: 152886
                          IP: 2001:df3:dbc0::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128185 (0x1f4b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 30 10:04:29 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=A91C31B7/serialNumber=A81D155CA404AE4145781AF05EB53A1219E2E065
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:22:c2:36:ec:74:71:99:5c:c0:6e:ea:46:7e:
                    03:0c:68:be:23:07:6d:c0:af:25:88:99:55:40:75:
                    68:08:ff:9f:ef:cc:0b:35:03:e4:e7:64:01:83:ea:
                    1a:28:11:e8:6b:0a:d7:91:e5:27:9c:78:d3:9c:69:
                    11:a9:85:40:ff:a6:a9:ce:aa:56:ab:36:e8:b7:96:
                    62:0d:69:96:d5:44:6e:77:e4:f6:f5:12:54:4c:1b:
                    23:f2:03:01:61:22:93:09:a7:1d:ce:9f:c3:a6:9a:
                    94:cc:64:0e:89:d9:a7:99:53:c4:fc:ab:3f:bb:a3:
                    9b:ce:c5:c0:0d:63:fd:a9:52:28:9e:d3:74:f2:6a:
                    04:83:c0:8e:8f:e1:ed:3a:17:90:77:46:dd:54:78:
                    3d:dc:8a:03:a7:a4:15:67:65:1e:df:22:10:a3:e3:
                    2c:f3:61:d5:65:31:48:34:fc:77:3b:87:c0:aa:33:
                    81:ae:b4:24:cd:74:fe:6c:aa:2b:72:f7:38:91:eb:
                    e4:8e:ba:eb:04:66:58:c4:c8:8a:cb:e8:60:0b:42:
                    df:b6:2b:20:ff:0c:be:c9:57:a2:1e:e8:98:bb:e6:
                    40:db:8e:51:2e:aa:5e:d4:63:04:73:6b:4c:3f:4d:
                    34:1e:f0:f4:50:03:40:9f:99:54:b3:8a:f6:5c:ff:
                    93:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:1D:15:5C:A4:04:AE:41:45:78:1A:F0:5E:B5:3A:12:19:E2:E0:65
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/qB0VXKQErkFFeBrwXrU6Ehni4GU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  152886

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df3:dbc0::/48

    Signature Algorithm: sha256WithRSAEncryption
         b5:95:6b:d2:81:f8:f2:a9:94:69:7d:1f:82:4b:25:d7:fb:7e:
         bc:bb:7a:27:12:9a:aa:23:81:84:18:31:24:e9:8d:95:e9:a9:
         8f:05:13:7d:3a:19:f4:e9:01:2a:79:c2:1b:7b:40:ad:96:50:
         07:4b:cd:9a:eb:85:27:f2:94:da:2f:ac:4d:8e:f2:44:88:1f:
         f1:06:12:fc:5d:2c:5f:dc:ed:6b:08:b0:b8:fe:74:9a:a8:0b:
         a3:cd:1b:7d:6a:20:71:9d:f9:81:9a:b1:f5:63:9b:3e:10:eb:
         66:4f:8c:f4:56:d8:56:75:3c:7b:76:6d:47:b5:de:18:90:f5:
         60:62:42:ad:f5:e0:9b:43:98:0c:53:be:13:ea:9e:91:22:2f:
         f0:62:65:41:24:23:40:f4:95:f9:1a:f9:08:19:6b:57:8a:13:
         41:70:85:5c:46:52:86:ac:7c:eb:b3:d7:a4:da:96:51:72:2f:
         c2:47:c9:ba:69:eb:88:48:4e:43:50:b5:10:bb:96:04:b1:fd:
         05:94:66:7e:3e:f8:e0:5e:e9:2e:ed:2a:ff:ad:be:95:50:d2:
         b7:e5:da:7c:1a:56:f2:7c:96:20:8e:8e:25:45:95:6a:ce:df:
         db:02:6b:6f:7f:a4:e8:ee:3a:04:ba:28:d6:3e:28:c0:40:6d:
         a6:87:98:c9
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAfS5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUzMDEwMDQyOVoXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzMxQjcxMTAvBgNVBAUTKEE4MUQxNTVDQTQwNEFFNDE0NTc4MUFG
MDVFQjUzQTEyMTlFMkUwNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNIsI27HRxmVzAbupGfgMMaL4jB23AryWImVVAdWgI/5/vzAs1A+TnZAGD6hoo
EehrCteR5SeceNOcaRGphUD/pqnOqlarNui3lmINaZbVRG535Pb1ElRMGyPyAwFh
IpMJpx3On8OmmpTMZA6J2aeZU8T8qz+7o5vOxcANY/2pUiie03TyagSDwI6P4e06
F5B3Rt1UeD3cigOnpBVnZR7fIhCj4yzzYdVlMUg0/Hc7h8CqM4GutCTNdP5sqity
9ziR6+SOuusEZljEyIrL6GALQt+2KyD/DL7JV6Ie6Ji75kDbjlEuql7UYwRza0w/
TTQe8PRQA0CfmVSzivZc/5MpAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUqB0VXKQE
rkFFeBrwXrU6Ehni4GUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMzMUI3L0ZDQzMzNENDMUU2QjExRUZBQzBFOTE0RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMzFCNy9GQ0MzMzRDQzFFNkIxMUVGQUMwRTkxNEVDNEY5QUUwMi9xQjBWWEtR
RXJrRkZlQnJ3WHJVNkVobmk0R1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlU2MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN89vAMA0G
CSqGSIb3DQEBCwUAA4IBAQC1lWvSgfjyqZRpfR+CSyXX+368u3onEpqqI4GEGDEk
6Y2V6amPBRN9Ohn06QEqecIbe0CtllAHS82a64Un8pTaL6xNjvJEiB/xBhL8XSxf
3O1rCLC4/nSaqAujzRt9aiBxnfmBmrH1Y5s+EOtmT4z0VthWdTx7dm1Htd4YkPVg
YkKt9eCbQ5gMU74T6p6RIi/wYmVBJCNA9JX5GvkIGWtXihNBcIVcRlKGrHzrs9ek
2pZRci/CR8m6aeuISE5DULUQu5YEsf0FlGZ+PvjgXuku7Sr/rb6VUNK35dp8Glby
fJYgjo4lRZVqzt/bAmtvf6To7joEuijWPijAQG2mh5jJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:25:03 2024 by rpki-client on console-fra.rpki-client.org