Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2MvNI2Zt8k-43IQ13M9KC8UWko.cer
File:                     s2MvNI2Zt8k-43IQ13M9KC8UWko.cer (raw, json)
Hash identifier:          6D14SqwIXXbSqojX+uUsGpOWVxJjmKotWrC25zCID8o=
Subject key identifier:   B3:63:2F:34:8D:99:B7:C9:3E:E3:72:10:D7:73:3D:28:2F:14:5A:4A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E20F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918E74A/B0682EE4C23B11ED91687921C4F9AE02/s2MvNI2Zt8k-43IQ13M9KC8UWko.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918E74A/B0682EE4C23B11ED91687921C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 01 Mar 2024 19:54:28 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 103.80.10.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123407 (0x1e20f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar  1 19:54:28 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A918E74A/serialNumber=B3632F348D99B7C93EE37210D7733D282F145A4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f0:4c:ae:55:d9:cb:7c:a1:79:ac:13:7f:79:
                    5a:4e:f1:4c:b6:6d:d1:8a:e0:62:33:af:d1:b3:03:
                    e2:43:d7:f3:a3:1d:ec:11:55:b5:8d:85:52:aa:9b:
                    69:54:af:5a:3b:fb:fe:b2:97:f4:31:0e:06:12:f7:
                    53:97:6d:c4:5a:15:37:c5:a1:79:8d:80:f8:38:ce:
                    49:6b:bd:54:58:e5:0b:02:4f:40:d5:08:1d:46:aa:
                    09:a3:87:97:9f:a4:51:47:91:4c:6c:bb:35:e3:5c:
                    7e:94:8c:64:19:9b:81:0e:90:9c:4d:65:0e:65:4f:
                    2a:cb:e9:b9:25:59:57:7f:97:66:4f:f7:d3:41:76:
                    bf:72:f7:d1:20:3c:74:f6:97:0c:52:72:c1:4c:7a:
                    94:45:83:48:9a:8d:f7:a9:c9:b0:37:9c:8b:36:09:
                    e7:4c:6e:77:a4:b7:66:88:d4:93:81:bd:1b:fe:7b:
                    60:47:9b:aa:b5:f1:fe:19:d8:93:25:15:65:ac:db:
                    41:7e:30:7c:6b:d7:c8:21:ac:4d:58:09:26:e6:de:
                    3d:76:5c:02:c2:b6:e4:3e:92:90:78:3d:8a:36:ab:
                    0a:e3:44:dd:55:90:14:5d:f6:57:47:31:d3:b9:b7:
                    3e:22:4d:1b:da:f4:39:c9:5c:a4:0d:1c:c6:4b:ed:
                    8e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:63:2F:34:8D:99:B7:C9:3E:E3:72:10:D7:73:3D:28:2F:14:5A:4A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918E74A/B0682EE4C23B11ED91687921C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918E74A/B0682EE4C23B11ED91687921C4F9AE02/s2MvNI2Zt8k-43IQ13M9KC8UWko.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.80.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         be:20:45:f8:2b:ba:53:b1:36:c4:e7:9d:9b:b9:87:01:af:81:
         2f:ab:51:ed:ec:df:46:7b:76:cd:2a:e1:1d:c7:a4:29:89:34:
         a8:8a:eb:d6:40:ae:6f:0f:1f:54:07:8a:1d:a9:f2:eb:e3:f3:
         5e:27:60:74:fe:9d:b4:b1:20:87:f9:65:6b:da:f8:7b:32:cb:
         7a:81:40:1a:b2:db:05:55:4c:2f:71:e2:ed:97:cd:91:46:f1:
         70:71:18:ad:97:ae:d7:a2:dd:82:4d:89:02:b4:f8:16:54:ec:
         e4:ac:ca:cb:1b:12:ed:c0:6b:34:4e:ee:fc:28:ff:1d:b3:03:
         f5:77:da:ad:13:79:dc:cb:dd:4a:53:9d:4e:d5:dc:c3:ae:13:
         60:a7:9b:d7:71:8f:da:93:c9:c8:5d:61:80:a0:31:8b:d8:fb:
         73:b6:19:32:08:2f:71:92:c5:fe:45:d7:60:0c:a3:03:e0:96:
         e4:2e:ae:6a:cf:60:f2:d3:b0:40:96:09:3c:c9:7c:e1:11:3d:
         c9:b0:38:ec:18:80:c0:18:21:c0:00:6c:f8:3c:79:90:e6:d4:
         9d:c5:ac:1c:90:c2:f3:76:81:54:71:6b:70:77:2b:50:91:8e:
         47:76:9b:5e:3e:8e:70:fd:ef:eb:c2:a0:94:26:cd:4f:b4:d9:
         73:34:06:8c
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAeIPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMwMTE5NTQyOFoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEU3NEExMTAvBgNVBAUTKEIzNjMyRjM0OEQ5OUI3QzkzRUUzNzIx
MEQ3NzMzRDI4MkYxNDVBNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+8EyuVdnLfKF5rBN/eVpO8Uy2bdGK4GIzr9GzA+JD1/OjHewRVbWNhVKqm2lU
r1o7+/6yl/QxDgYS91OXbcRaFTfFoXmNgPg4zklrvVRY5QsCT0DVCB1Gqgmjh5ef
pFFHkUxsuzXjXH6UjGQZm4EOkJxNZQ5lTyrL6bklWVd/l2ZP99NBdr9y99EgPHT2
lwxScsFMepRFg0iajfepybA3nIs2CedMbnekt2aI1JOBvRv+e2BHm6q18f4Z2JMl
FWWs20F+MHxr18ghrE1YCSbm3j12XALCtuQ+kpB4PYo2qwrjRN1VkBRd9ldHMdO5
tz4iTRva9DnJXKQNHMZL7Y6BAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUs2MvNI2Z
t8k+43IQ13M9KC8UWkowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFNzRBL0IwNjgyRUU0QzIzQjExRUQ5MTY4NzkyMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4RTc0QS9CMDY4MkVFNEMyM0IxMUVEOTE2ODc5MjFDNEY5QUUwMi9zMk12Tkky
WnQ4ay00M0lRMTNNOUtDOFVXa28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAFnUAowDQYJKoZIhvcNAQELBQADggEBAL4gRfgrulOxNsTnnZu5
hwGvgS+rUe3s30Z7ds0q4R3HpCmJNKiK69ZArm8PH1QHih2p8uvj814nYHT+nbSx
IIf5ZWva+Hsyy3qBQBqy2wVVTC9x4u2XzZFG8XBxGK2Xrtei3YJNiQK0+BZU7OSs
yssbEu3AazRO7vwo/x2zA/V32q0TedzL3UpTnU7V3MOuE2Cnm9dxj9qTychdYYCg
MYvY+3O2GTIIL3GSxf5F12AMowPgluQurmrPYPLTsECWCTzJfOERPcmwOOwYgMAY
IcAAbPg8eZDm1J3FrByQwvN2gVRxa3B3K1CRjkd2m14+jnD97+vCoJQmzU+02XM0
Bow=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:22:56 2024 by rpki-client on console-fra.rpki-client.org