Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sRd7K0wt-LMG0UpkMAcob4nWnMA.cer
File:                     sRd7K0wt-LMG0UpkMAcob4nWnMA.cer (raw, json)
Hash identifier:          66WTFlAQPLUGReQV8srsIu8LdRpiGk63JKoDauct+3s=
Subject key identifier:   B1:17:7B:2B:4C:2D:F8:B3:06:D1:4A:64:30:07:28:6F:89:D6:9C:C0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CB2B
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/sRd7K0wt-LMG0UpkMAcob4nWnMA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 15 Nov 2023 15:09:33 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 139716
                          IP: 103.143.254.0/23
                          IP: 2001:df7:b080::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117547 (0x1cb2b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 15 15:09:33 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A915DA5A/serialNumber=B1177B2B4C2DF8B306D14A643007286F89D69CC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:71:07:9f:40:2b:bf:21:3c:47:e1:ab:e2:c6:
                    f9:8f:d0:1d:d8:2c:e8:c2:77:21:75:bb:c2:68:f3:
                    45:3f:43:9d:ed:87:ef:aa:60:12:89:4a:73:a3:a7:
                    bc:ec:f3:78:1b:b1:51:57:f6:70:df:67:88:ed:64:
                    af:57:62:fb:67:cd:1e:66:14:54:c7:c3:26:29:66:
                    26:01:cd:1f:37:89:dd:cb:91:e6:3b:9a:35:58:4c:
                    b2:03:5e:f7:6a:67:6b:12:35:24:b3:d1:a2:2e:ea:
                    b7:94:fa:6f:da:17:81:19:3d:31:ad:7a:66:7c:7e:
                    f4:34:37:98:b4:be:45:e9:c5:bb:04:f3:9d:36:3f:
                    18:e3:8c:cb:db:59:ea:84:34:45:5b:c9:9e:8c:df:
                    46:3e:06:19:2f:37:e6:96:14:1a:fe:f7:70:1f:ca:
                    c0:4f:44:5f:0b:3f:e7:15:95:43:95:bf:6a:f5:d7:
                    26:ab:17:48:6c:f3:95:f5:7f:60:23:f4:4d:30:b8:
                    df:f6:f9:2b:bd:72:6f:9c:3e:68:85:ec:da:21:47:
                    97:c4:e3:da:13:5c:b7:e0:6d:4f:81:9a:9c:1e:9c:
                    a6:b3:1c:f0:a0:90:71:3b:fc:aa:44:b0:8a:00:27:
                    8c:ad:e1:3b:c9:0a:28:b0:85:b2:55:3e:d2:b4:e5:
                    fe:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:17:7B:2B:4C:2D:F8:B3:06:D1:4A:64:30:07:28:6F:89:D6:9C:C0
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/sRd7K0wt-LMG0UpkMAcob4nWnMA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  139716

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.143.254.0/23
                IPv6:
                  2001:df7:b080::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:0a:e9:a3:4a:ee:cb:de:e6:80:67:3c:1a:ee:2f:3a:28:77:
         65:c2:6d:14:7f:13:14:06:75:a6:82:3e:41:3d:ee:6c:ff:3f:
         11:b0:00:2e:c1:ef:59:66:8d:77:cc:c3:7b:0b:61:af:dc:a1:
         b5:6f:39:b4:6b:d1:2c:d8:2b:0f:b4:fd:7a:74:c4:28:04:a8:
         8d:c0:50:f6:3a:be:84:f9:71:38:61:5d:44:46:16:16:80:d0:
         f4:e3:74:25:82:9d:5e:55:fe:ef:6e:7a:82:7b:52:56:4e:70:
         d5:1b:bf:44:7e:72:c6:21:66:9e:79:55:ea:61:75:3e:ff:48:
         65:c2:6d:bd:11:f1:c8:c6:50:67:e8:8e:35:a3:e4:32:e0:9d:
         0c:e5:28:39:5a:e3:e3:90:df:e6:7b:a6:24:4d:6c:bd:50:9d:
         ad:8b:f7:9c:8a:91:2e:ae:fb:a2:c2:82:73:50:9b:9f:37:00:
         0d:8c:ca:48:72:23:e5:89:40:70:a6:1f:ff:70:2d:84:c2:37:
         4b:17:a4:4b:fd:c1:3b:28:c4:44:8c:b5:1d:ca:de:cc:3e:a9:
         41:5c:ca:18:00:f6:2c:b0:cf:d0:8d:c1:7f:0b:53:f9:d0:7a:
         ad:1a:48:bf:32:66:ac:57:25:76:2c:fe:f7:16:6a:cf:de:b5:
         9f:7a:20:c3
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAcsrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTExNTE1MDkzM1oXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNURBNUExMTAvBgNVBAUTKEIxMTc3QjJCNEMyREY4QjMwNkQxNEE2
NDMwMDcyODZGODlENjlDQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCcQefQCu/ITxH4avixvmP0B3YLOjCdyF1u8Jo80U/Q53th++qYBKJSnOjp7zs
83gbsVFX9nDfZ4jtZK9XYvtnzR5mFFTHwyYpZiYBzR83id3LkeY7mjVYTLIDXvdq
Z2sSNSSz0aIu6reU+m/aF4EZPTGtemZ8fvQ0N5i0vkXpxbsE8502PxjjjMvbWeqE
NEVbyZ6M30Y+BhkvN+aWFBr+93AfysBPRF8LP+cVlUOVv2r11yarF0hs85X1f2Aj
9E0wuN/2+Su9cm+cPmiF7NohR5fE49oTXLfgbU+BmpwenKazHPCgkHE7/KpEsIoA
J4yt4TvJCiiwhbJVPtK05f59AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUsRd7K0wt
+LMG0UpkMAcob4nWnMAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVEQTVBLzQ0RTc3MEIyMDNFRTExRUFCQ0ExQTE2RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1REE1QS80NEU3NzBCMjAzRUUxMUVBQkNBMUExNkVDNEY5QUUwMi9zUmQ3SzB3
dC1MTUcwVXBrTUFjb2I0blduTUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiHEMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ4/+MA8EAgAC
MAkDBwAgAQ33sIAwDQYJKoZIhvcNAQELBQADggEBAJUK6aNK7sve5oBnPBruLzoo
d2XCbRR/ExQGdaaCPkE97mz/PxGwAC7B71lmjXfMw3sLYa/cobVvObRr0SzYKw+0
/Xp0xCgEqI3AUPY6voT5cThhXURGFhaA0PTjdCWCnV5V/u9ueoJ7UlZOcNUbv0R+
csYhZp55VephdT7/SGXCbb0R8cjGUGfojjWj5DLgnQzlKDla4+OQ3+Z7piRNbL1Q
na2L95yKkS6u+6LCgnNQm583AA2MykhyI+WJQHCmH/9wLYTCN0sXpEv9wTsoxESM
tR3K3sw+qUFcyhgA9iywz9CNwX8LU/nQeq0aSL8yZqxXJXYs/vcWas/etZ96IMM=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:40:55 2024 by rpki-client on console-fra.rpki-client.org