Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUsu5cXtc2q3NrJVNYZ1mvzew-I.cer
File:                     sUsu5cXtc2q3NrJVNYZ1mvzew-I.cer (raw, json)
Hash identifier:          bqURUu5i8qMo3P5Fzu7CQmomFhS8pThyL3wl2OJYNjc=
Subject key identifier:   B1:4B:2E:E5:C5:ED:73:6A:B7:36:B2:55:35:86:75:9A:FC:DE:C3:E2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B546
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/sUsu5cXtc2q3NrJVNYZ1mvzew-I.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 06 Aug 2023 13:28:18 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    AS: 134562
                          IP: 103.120.164.0/22
                          IP: 2403:5a40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111942 (0x1b546)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug  6 13:28:18 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A913BF1E/serialNumber=B14B2EE5C5ED736AB736B2553586759AFCDEC3E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f1:36:bf:5d:64:d8:7c:ed:c4:36:5a:5b:02:
                    86:04:d2:20:32:df:a0:c1:ca:3d:1f:8e:6f:16:a7:
                    35:09:96:12:bb:ea:40:0a:4e:6e:16:c3:94:2b:5f:
                    a7:e4:4d:22:bb:40:f3:7a:d7:c9:33:d0:18:07:7d:
                    c2:25:8c:a5:fa:06:bb:a4:df:e2:bc:fa:5d:9e:d3:
                    c4:20:f0:93:82:33:87:ef:83:8e:07:6d:14:5c:14:
                    a2:4d:a4:58:e6:13:16:b2:38:40:3b:28:53:18:38:
                    20:c6:00:0b:82:67:05:52:35:79:1e:4e:d1:9b:d5:
                    b4:11:ad:72:ce:d4:4f:1a:6b:e7:15:06:e7:d8:70:
                    cc:30:d4:ce:91:e0:86:6b:11:94:34:31:9c:aa:d1:
                    bf:b5:96:88:d1:b3:72:38:21:4f:67:98:fe:9b:dc:
                    e5:a1:bd:3d:86:ee:db:dc:d6:6e:90:24:97:30:d3:
                    0a:2a:9b:92:a6:10:1f:50:55:13:b6:13:73:6e:a3:
                    ee:a1:72:7e:3d:57:13:3a:b5:e8:c6:59:80:68:e1:
                    9d:02:d2:85:e1:37:36:4a:d1:77:a6:e8:d6:a7:25:
                    63:49:4e:45:f3:e0:4d:c3:ab:dd:cf:54:29:f7:f0:
                    94:7c:0d:a4:3a:ef:27:23:4b:37:16:ea:e7:bd:93:
                    2e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:4B:2E:E5:C5:ED:73:6A:B7:36:B2:55:35:86:75:9A:FC:DE:C3:E2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/sUsu5cXtc2q3NrJVNYZ1mvzew-I.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134562

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.120.164.0/22
                IPv6:
                  2403:5a40::/32

    Signature Algorithm: sha256WithRSAEncryption
         c4:c9:23:5c:b6:e5:f1:72:26:be:08:76:de:05:f3:96:9c:f3:
         53:fd:c9:eb:c8:f4:15:0a:21:4a:db:64:dd:bf:38:0e:50:ca:
         a9:c0:d9:37:92:aa:79:23:3f:b6:27:25:03:65:29:df:cf:c8:
         68:10:7c:20:94:85:a1:43:b8:4e:68:4f:20:83:c2:ca:47:c4:
         c8:6b:76:f6:e3:70:0e:e8:ef:25:d6:e0:11:aa:3c:10:e6:6c:
         f7:c2:0a:15:e6:7b:d6:c1:23:d0:d7:36:e5:e1:c0:96:69:04:
         04:30:8d:b5:3f:25:f2:3c:7e:d4:51:b8:63:34:f4:bb:e5:33:
         7f:ce:9c:c8:02:5f:55:c8:7f:3e:dd:96:07:b5:09:ce:34:f5:
         c2:1d:33:37:90:62:38:4c:f7:9f:4d:d9:1c:5f:ee:5a:7b:ff:
         cf:57:d1:8a:6e:c4:66:81:c5:8e:88:58:35:9b:b2:a9:db:e9:
         2c:44:58:7f:e7:f7:3b:ae:38:89:06:b3:6a:2b:73:6c:71:ab:
         7d:0c:11:73:5c:1f:aa:2d:66:77:5f:e6:2b:27:1b:49:93:17:
         1a:3f:e7:37:af:15:4d:30:d6:38:fc:ff:48:82:4e:37:08:23:
         e6:43:a8:6c:e6:e7:c1:a2:54:01:93:0c:10:1f:33:3a:5f:13:
         a9:06:fb:79
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAbVGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgwNjEzMjgxOFoXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0JGMUUxMTAvBgNVBAUTKEIxNEIyRUU1QzVFRDczNkFCNzM2QjI1
NTM1ODY3NTlBRkNERUMzRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCl8Ta/XWTYfO3ENlpbAoYE0iAy36DByj0fjm8WpzUJlhK76kAKTm4Ww5QrX6fk
TSK7QPN618kz0BgHfcIljKX6Bruk3+K8+l2e08Qg8JOCM4fvg44HbRRcFKJNpFjm
ExayOEA7KFMYOCDGAAuCZwVSNXkeTtGb1bQRrXLO1E8aa+cVBufYcMww1M6R4IZr
EZQ0MZyq0b+1lojRs3I4IU9nmP6b3OWhvT2G7tvc1m6QJJcw0woqm5KmEB9QVRO2
E3Nuo+6hcn49VxM6tejGWYBo4Z0C0oXhNzZK0Xem6NanJWNJTkXz4E3Dq93PVCn3
8JR8DaQ67ycjSzcW6ue9ky6lAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUsUsu5cXt
c2q3NrJVNYZ1mvzew+IwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNCRjFFL0RCQjJCRjY2NkU2RjExRTlBQTAxN0MzM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQkYxRS9EQkIyQkY2NjZFNkYxMUU5QUEwMTdDMzNDNEY5QUUwMi9zVXN1NWNY
dGMycTNOckpWTllaMW12emV3LUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg2iMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ3ikMA0EAgAC
MAcDBQAkA1pAMA0GCSqGSIb3DQEBCwUAA4IBAQDEySNctuXxcia+CHbeBfOWnPNT
/cnryPQVCiFK22TdvzgOUMqpwNk3kqp5Iz+2JyUDZSnfz8hoEHwglIWhQ7hOaE8g
g8LKR8TIa3b243AO6O8l1uARqjwQ5mz3wgoV5nvWwSPQ1zbl4cCWaQQEMI21PyXy
PH7UUbhjNPS75TN/zpzIAl9VyH8+3ZYHtQnONPXCHTM3kGI4TPefTdkcX+5ae//P
V9GKbsRmgcWOiFg1m7Kp2+ksRFh/5/c7rjiJBrNqK3Nscat9DBFzXB+qLWZ3X+Yr
JxtJkxcaP+c3rxVNMNY4/P9Igk43CCPmQ6hs5ufBolQBkwwQHzM6XxOpBvt5
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:40:55 2024 by rpki-client on console-fra.rpki-client.org