Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rYW34Ys6FvU-kpOKM07Guz64tjA.cer
File:                     rYW34Ys6FvU-kpOKM07Guz64tjA.cer (raw, json)
Hash identifier:          ejN433eITVN/QZ9F4GJy3NuJhsk2rliTeNTxb0iTEH4=
Subject key identifier:   AD:85:B7:E1:8B:3A:16:F5:3E:92:93:8A:33:4E:C6:BB:3E:B8:B6:30
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DE2C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913FBB2/0E2705441A8611EEA0AA8716C4F9AE02/rYW34Ys6FvU-kpOKM07Guz64tjA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913FBB2/0E2705441A8611EEA0AA8716C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 09 Feb 2024 06:01:14 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 103.73.186.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122412 (0x1de2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb  9 06:01:14 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A913FBB2/serialNumber=AD85B7E18B3A16F53E92938A334EC6BB3EB8B630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a5:37:50:33:f1:45:6d:2c:4b:37:d9:45:e2:
                    59:92:a9:2d:82:85:55:82:70:b8:f4:9c:63:ee:32:
                    15:f8:0f:b9:62:1e:b5:4c:41:e4:d6:4b:89:d1:cc:
                    0b:c6:49:d5:24:b0:cb:d6:d5:94:4b:71:ad:b4:40:
                    d6:44:26:36:e0:59:90:b1:8f:f2:51:58:24:03:01:
                    70:fd:25:a8:c8:64:3f:15:e4:79:6b:a4:42:4a:7b:
                    2d:f1:ee:60:50:4e:17:ad:cf:ea:dc:e2:d3:57:bc:
                    75:ee:85:8c:3e:f4:57:1b:65:76:5b:78:d9:3e:31:
                    83:85:b7:53:8d:9e:b3:18:ef:12:7e:a7:90:f7:61:
                    f1:1a:d5:46:18:08:ed:23:97:39:1c:71:a8:72:11:
                    e8:c4:cf:8a:e2:b2:a0:48:2b:64:6b:d9:aa:c4:fc:
                    2d:08:5a:99:bb:43:3e:47:6f:fe:85:ef:55:5d:93:
                    4d:43:fb:f4:65:71:18:30:8a:f4:e0:04:88:b1:61:
                    ac:45:64:41:99:15:30:9e:7d:05:81:d4:7f:0e:71:
                    c4:a1:f9:e2:b5:59:60:82:c0:9c:b2:63:82:cc:13:
                    9e:28:ef:7e:1a:34:44:2c:12:c1:34:f2:09:d9:06:
                    b2:b5:15:27:73:a0:9c:86:b3:2c:83:0c:ef:51:81:
                    f2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:85:B7:E1:8B:3A:16:F5:3E:92:93:8A:33:4E:C6:BB:3E:B8:B6:30
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913FBB2/0E2705441A8611EEA0AA8716C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913FBB2/0E2705441A8611EEA0AA8716C4F9AE02/rYW34Ys6FvU-kpOKM07Guz64tjA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.73.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         25:cb:a3:a5:f0:20:e6:78:0a:16:80:2f:75:86:1d:31:25:76:
         01:47:2f:11:2c:0a:63:41:b0:bd:6b:38:c1:15:a0:b7:4d:e1:
         7e:fe:0c:d4:53:db:04:77:b0:01:a6:46:e4:5c:55:bb:c8:c9:
         09:73:bf:7e:7a:9c:68:ba:f7:69:22:62:6c:3a:61:fb:ce:ab:
         50:a2:5a:b3:d4:15:90:21:87:46:34:82:3c:48:f9:61:a3:80:
         88:a0:c8:53:6f:23:4a:9f:60:fe:f9:c2:da:68:06:24:42:f1:
         f5:08:0d:ed:9e:fc:8d:5c:21:8c:ff:8f:fb:1a:2c:c4:6b:d3:
         3c:39:05:f5:e1:c7:8a:3c:7d:71:53:8b:80:b0:2a:8f:24:7b:
         b0:fe:f2:5f:ef:1f:32:a9:44:59:5f:c8:b2:24:ae:d6:24:9c:
         5a:03:db:2a:1f:fa:95:d4:29:d1:77:c9:18:f1:7c:46:7f:cf:
         6b:3a:cf:45:ca:8c:5d:71:d2:c1:48:67:aa:1f:cc:4e:b3:ef:
         7e:ff:83:95:4a:3f:c3:a9:97:d7:7f:3e:e9:fd:3b:05:d7:83:
         9d:75:4e:d2:b7:06:31:b5:c3:74:c8:49:2e:c5:c8:75:23:c9:
         71:06:70:0f:78:e5:c4:2e:b7:e1:fa:31:2e:59:99:35:47:2d:
         cc:09:62:5e
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAd4sMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwOTA2MDExNFoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0ZCQjIxMTAvBgNVBAUTKEFEODVCN0UxOEIzQTE2RjUzRTkyOTM4
QTMzNEVDNkJCM0VCOEI2MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfpTdQM/FFbSxLN9lF4lmSqS2ChVWCcLj0nGPuMhX4D7liHrVMQeTWS4nRzAvG
SdUksMvW1ZRLca20QNZEJjbgWZCxj/JRWCQDAXD9JajIZD8V5HlrpEJKey3x7mBQ
Thetz+rc4tNXvHXuhYw+9FcbZXZbeNk+MYOFt1ONnrMY7xJ+p5D3YfEa1UYYCO0j
lzkccahyEejEz4risqBIK2Rr2arE/C0IWpm7Qz5Hb/6F71Vdk01D+/RlcRgwivTg
BIixYaxFZEGZFTCefQWB1H8OccSh+eK1WWCCwJyyY4LME54o734aNEQsEsE08gnZ
BrK1FSdzoJyGsyyDDO9RgfLDAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUrYW34Ys6
FvU+kpOKM07Guz64tjAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNGQkIyLzBFMjcwNTQ0MUE4NjExRUVBMEFBODcxNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzRkJCMi8wRTI3MDU0NDFBODYxMUVFQTBBQTg3MTZDNEY5QUUwMi9yWVczNFlz
NkZ2VS1rcE9LTTA3R3V6NjR0akEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAFnSbowDQYJKoZIhvcNAQELBQADggEBACXLo6XwIOZ4ChaAL3WG
HTEldgFHLxEsCmNBsL1rOMEVoLdN4X7+DNRT2wR3sAGmRuRcVbvIyQlzv356nGi6
92kiYmw6YfvOq1CiWrPUFZAhh0Y0gjxI+WGjgIigyFNvI0qfYP75wtpoBiRC8fUI
De2e/I1cIYz/j/saLMRr0zw5BfXhx4o8fXFTi4CwKo8ke7D+8l/vHzKpRFlfyLIk
rtYknFoD2yof+pXUKdF3yRjxfEZ/z2s6z0XKjF1x0sFIZ6ofzE6z737/g5VKP8Op
l9d/Pun9OwXXg511TtK3BjG1w3TISS7FyHUjyXEGcA945cQut+H6MS5ZmTVHLcwJ
Yl4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:00:07 2024 by rpki-client on console-ams.rpki-client.org