Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.cer
File:                     qrUk5ZWlMOEsE6ohHC7ya2ndnJs.cer (raw, json)
Hash identifier:          Hb1CWpecAS4r1H8V+eHMOQ7h+1aMovz1u5m0JvVQDUk=
Subject key identifier:   AA:B5:24:E5:95:A5:30:E1:2C:13:AA:21:1C:2E:F2:6B:69:DD:9C:9B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C14F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 02 Oct 2023 00:05:38 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 133326
                          AS: 137512
                          AS: 137960
                          IP: 103.38.120.0/22
                          IP: 2401:8a80::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115023 (0x1c14f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct  2 00:05:38 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91E4EF7/serialNumber=AAB524E595A530E12C13AA211C2EF26B69DD9C9B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:6d:2d:95:5c:73:77:45:09:39:72:91:64:14:
                    d9:b0:0d:ce:c7:8e:6c:4a:94:9b:c0:e1:a6:b1:90:
                    d8:8c:0d:8e:12:48:6b:32:4b:a7:a3:3c:82:5d:59:
                    d7:73:57:ef:13:0d:fb:5a:f6:54:a4:a6:1e:7d:2a:
                    10:08:57:01:3b:b4:02:e9:e1:b3:3d:6b:06:e5:c0:
                    31:47:af:2b:29:eb:b6:29:95:cb:f6:8d:85:48:00:
                    37:c0:d4:27:50:c4:a5:b3:06:9d:83:59:00:b1:60:
                    a4:a9:2c:ea:39:d4:51:c7:41:a0:ae:cf:8b:d9:09:
                    ac:f2:b8:f5:34:2b:92:fe:7b:36:6b:5f:30:46:18:
                    7a:d2:c4:5a:b0:54:59:77:00:63:38:8c:4c:c3:75:
                    0d:4b:54:60:a0:06:a9:61:c6:c2:da:39:bb:7b:2f:
                    52:90:94:ce:3e:2a:5e:ae:e2:7c:07:44:f1:ae:dc:
                    1c:d5:bb:e2:ae:ae:18:14:33:c4:b7:6a:e3:5e:b6:
                    ff:93:b8:c1:57:36:91:fe:ac:a8:a5:a0:2f:0e:a7:
                    19:3a:57:44:05:9a:41:5a:d2:c0:ed:41:3b:0b:76:
                    d9:6b:bf:f5:93:48:18:3b:2a:ce:4e:5c:58:58:09:
                    e1:2b:f7:37:16:8b:93:d2:31:df:bb:c4:71:69:6c:
                    5b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B5:24:E5:95:A5:30:E1:2C:13:AA:21:1C:2E:F2:6B:69:DD:9C:9B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  133326
                  137512
                  137960

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.38.120.0/22
                IPv6:
                  2401:8a80::/32

    Signature Algorithm: sha256WithRSAEncryption
         67:c1:f2:d0:33:2b:cd:99:72:b7:c9:1c:1e:98:5c:b1:78:9b:
         8b:dc:e4:00:95:4e:57:b9:9f:6d:be:25:e6:8a:34:2d:52:3f:
         5a:4c:cb:74:3b:58:a2:69:c3:45:0e:b5:04:87:02:ce:fa:9d:
         3e:07:8c:43:72:55:f7:40:75:f7:f0:dc:7e:22:f3:3f:15:20:
         3d:ad:7b:40:de:35:01:60:e0:29:9f:0e:91:c6:dd:e8:b8:4a:
         95:eb:f7:9b:1f:6c:4d:1e:48:0d:f7:36:89:12:07:30:76:c7:
         cf:27:ab:b3:2f:82:81:ae:8f:9e:33:c6:b8:64:c2:96:90:d1:
         06:91:69:27:28:3a:f9:4d:86:f2:e9:8c:d8:79:b1:95:54:50:
         b5:fa:39:c2:22:ea:1b:3a:97:ea:0a:f4:0e:dc:5e:e8:d0:b8:
         34:07:11:85:61:e1:2b:84:99:4a:32:fa:26:cc:54:02:85:43:
         7b:3e:66:9e:fe:02:69:92:99:e5:37:47:cc:ca:24:0a:0f:d7:
         22:02:21:e6:ae:66:c3:f2:b0:a4:88:c0:6b:14:54:d9:2a:c8:
         18:11:b4:3d:9a:07:3d:06:ec:ae:27:b6:a3:fa:a6:c9:2f:df:
         f7:6c:7e:f9:6c:5f:0f:54:f0:ff:0a:5a:1d:b2:69:be:cb:83:
         0b:26:84:0c
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgIDAcFPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAwMjAwMDUzOFoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTRFRjcxMTAvBgNVBAUTKEFBQjUyNEU1OTVBNTMwRTEyQzEzQUEy
MTFDMkVGMjZCNjlERDlDOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD1bS2VXHN3RQk5cpFkFNmwDc7HjmxKlJvA4aaxkNiMDY4SSGsyS6ejPIJdWddz
V+8TDfta9lSkph59KhAIVwE7tALp4bM9awblwDFHrysp67Yplcv2jYVIADfA1CdQ
xKWzBp2DWQCxYKSpLOo51FHHQaCuz4vZCazyuPU0K5L+ezZrXzBGGHrSxFqwVFl3
AGM4jEzDdQ1LVGCgBqlhxsLaObt7L1KQlM4+Kl6u4nwHRPGu3BzVu+KurhgUM8S3
auNetv+TuMFXNpH+rKiloC8Opxk6V0QFmkFa0sDtQTsLdtlrv/WTSBg7Ks5OXFhY
CeEr9zcWi5PSMd+7xHFpbFsjAgMBAAGjggMoMIIDJDAdBgNVHQ4EFgQUqrUk5ZWl
MOEsE6ohHC7ya2ndnJswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU0RUY3L0M0NkZENzc0MUI4RjExRTdBQzRDNzIyOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNEVGNy9DNDZGRDc3NDFCOEYxMUU3QUM0QzcyMjlDNEY5QUUwMi9xclVrNVpX
bE1PRXNFNm9oSEM3eWEybmRuSnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQgBAf8EFTAT
oBEwDwIDAgjOAgMCGSgCAwIa6DAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgME
AmcmeDANBAIAAjAHAwUAJAGKgDANBgkqhkiG9w0BAQsFAAOCAQEAZ8Hy0DMrzZly
t8kcHphcsXibi9zkAJVOV7mfbb4l5oo0LVI/WkzLdDtYomnDRQ61BIcCzvqdPgeM
Q3JV90B19/DcfiLzPxUgPa17QN41AWDgKZ8Okcbd6LhKlev3mx9sTR5IDfc2iRIH
MHbHzyersy+Cga6PnjPGuGTClpDRBpFpJyg6+U2G8umM2HmxlVRQtfo5wiLqGzqX
6gr0Dtxe6NC4NAcRhWHhK4SZSjL6JsxUAoVDez5mnv4CaZKZ5TdHzMokCg/XIgIh
5q5mw/KwpIjAaxRU2SrIGBG0PZoHPQbsrie2o/qmyS/f92x++WxfD1Tw/wpaHbJp
vsuDCyaEDA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:28 2024 by rpki-client on console-ams.rpki-client.org