Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY6ktIaEpn3qATi6uiMwbQADzcw.cer
File:                     sY6ktIaEpn3qATi6uiMwbQADzcw.cer (raw, json)
Hash identifier:          7zdB5EuwDkqIN2MwSPS+jH6AAlzJsu6nIvLKcthkmuI=
Subject key identifier:   B1:8E:A4:B4:86:84:A6:7D:EA:01:38:BA:BA:23:30:6D:00:03:CD:CC
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CFB0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913EE77/C400BB5C56D111EAA94E7E5DC4F9AE02/sY6ktIaEpn3qATi6uiMwbQADzcw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913EE77/C400BB5C56D111EAA94E7E5DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 04 Dec 2023 20:30:07 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 140222
                          IP: 103.144.104.0/23
                          IP: 2001:df1:bc80::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118704 (0x1cfb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  4 20:30:07 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A913EE77/serialNumber=B18EA4B48684A67DEA0138BABA23306D0003CDCC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:10:13:10:78:42:1c:82:46:8f:cd:50:8e:63:
                    e3:96:86:4c:6e:1e:ea:d5:63:b3:f2:12:6c:25:93:
                    30:b8:3f:07:65:9d:89:21:a2:0e:f2:8e:1a:c1:47:
                    57:7a:7f:66:35:0e:66:a7:1e:3c:9c:1b:8e:26:6a:
                    13:6e:42:70:9c:e3:29:7e:56:55:0b:2b:89:d8:7b:
                    1c:8e:05:40:ae:d7:e9:04:4d:fa:3a:0a:ff:14:e0:
                    23:9f:69:64:59:60:60:e3:6f:86:fb:40:4f:b6:47:
                    69:d8:b7:55:2f:53:20:e5:1c:d7:94:88:e2:e4:40:
                    af:e9:f5:b3:a9:8e:51:39:a3:92:a9:11:cf:87:bd:
                    89:ac:9c:f7:f5:38:d6:3c:3e:73:6b:f8:bd:a6:45:
                    d4:89:bb:6a:db:71:49:41:ee:31:b9:6b:ae:72:32:
                    b0:0b:bf:9b:ec:cf:e4:42:63:fe:c5:ab:c7:3d:64:
                    ed:50:f9:64:e1:ce:fb:26:e8:92:fd:00:32:18:b9:
                    d2:ac:27:e5:20:f4:7f:27:f0:c6:6a:0b:a9:64:f3:
                    29:14:67:6f:a3:94:db:06:1c:16:36:4d:75:8f:b8:
                    95:f7:79:a6:a5:59:96:10:a3:98:21:80:41:d8:53:
                    41:e4:8e:5f:f0:0f:99:3f:ad:8f:b8:ec:93:8c:37:
                    0a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:8E:A4:B4:86:84:A6:7D:EA:01:38:BA:BA:23:30:6D:00:03:CD:CC
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913EE77/C400BB5C56D111EAA94E7E5DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913EE77/C400BB5C56D111EAA94E7E5DC4F9AE02/sY6ktIaEpn3qATi6uiMwbQADzcw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  140222

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.144.104.0/23
                IPv6:
                  2001:df1:bc80::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:c4:ce:a3:3d:85:cf:40:34:d7:2d:61:80:13:aa:f0:a0:56:
         13:ab:0a:d7:55:0a:8e:24:f8:d1:7c:f4:ee:91:63:f6:b6:69:
         73:a9:66:7b:dd:20:eb:c5:25:8f:f2:06:f7:f5:cf:fb:d4:2d:
         33:ec:2d:2d:30:cb:d9:08:04:d9:9c:6c:72:66:a4:de:1b:66:
         7c:97:b4:cf:de:c4:1d:25:42:8c:84:3b:db:63:1d:ad:92:e9:
         ef:c1:5a:ed:d5:c1:a2:bc:e9:b2:c2:8c:b1:52:ec:35:72:42:
         b4:11:e5:74:0c:6d:92:bb:52:3c:be:09:e2:3e:82:fa:05:48:
         9a:77:78:56:f3:7a:e9:99:5e:f6:cb:ff:fc:80:01:02:6c:30:
         f2:c4:4d:55:d5:14:e7:79:8b:7c:ad:8d:f8:a4:f2:47:e7:d9:
         fc:b4:45:56:79:73:60:cf:89:3f:3d:eb:96:85:2e:d6:27:a9:
         fc:c8:3e:0d:f4:5b:82:75:07:b5:41:c6:90:f5:72:23:af:77:
         f1:cc:14:c9:f4:8c:93:a2:02:c0:ad:3d:5e:34:74:9e:f9:ed:
         04:54:eb:92:b6:3d:25:1e:ab:3e:b2:18:b1:d1:77:8e:d2:66:
         e4:4a:ff:8f:d8:29:b7:d5:75:0c:34:6b:91:f4:19:4e:73:0f:
         3a:cb:57:ec
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAc+wMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNDIwMzAwN1oXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0VFNzcxMTAvBgNVBAUTKEIxOEVBNEI0ODY4NEE2N0RFQTAxMzhC
QUJBMjMzMDZEMDAwM0NEQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0EBMQeEIcgkaPzVCOY+OWhkxuHurVY7PyEmwlkzC4PwdlnYkhog7yjhrBR1d6
f2Y1DmanHjycG44mahNuQnCc4yl+VlULK4nYexyOBUCu1+kETfo6Cv8U4COfaWRZ
YGDjb4b7QE+2R2nYt1UvUyDlHNeUiOLkQK/p9bOpjlE5o5KpEc+HvYmsnPf1ONY8
PnNr+L2mRdSJu2rbcUlB7jG5a65yMrALv5vsz+RCY/7Fq8c9ZO1Q+WThzvsm6JL9
ADIYudKsJ+Ug9H8n8MZqC6lk8ykUZ2+jlNsGHBY2TXWPuJX3eaalWZYQo5ghgEHY
U0Hkjl/wD5k/rY+47JOMNwofAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUsY6ktIaE
pn3qATi6uiMwbQADzcwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNFRTc3L0M0MDBCQjVDNTZEMTExRUFBOTRFN0U1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzRUU3Ny9DNDAwQkI1QzU2RDExMUVBQTk0RTdFNURDNEY5QUUwMi9zWTZrdElh
RXBuM3FBVGk2dWlNd2JRQUR6Y3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiO+MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5BoMA8EAgAC
MAkDBwAgAQ3xvIAwDQYJKoZIhvcNAQELBQADggEBAA/EzqM9hc9ANNctYYATqvCg
VhOrCtdVCo4k+NF89O6RY/a2aXOpZnvdIOvFJY/yBvf1z/vULTPsLS0wy9kIBNmc
bHJmpN4bZnyXtM/exB0lQoyEO9tjHa2S6e/BWu3VwaK86bLCjLFS7DVyQrQR5XQM
bZK7Ujy+CeI+gvoFSJp3eFbzeumZXvbL//yAAQJsMPLETVXVFOd5i3ytjfik8kfn
2fy0RVZ5c2DPiT8965aFLtYnqfzIPg30W4J1B7VBxpD1ciOvd/HMFMn0jJOiAsCt
PV40dJ757QRU65K2PSUeqz6yGLHRd47SZuRK/4/YKbfVdQw0a5H0GU5zDzrLV+w=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:22:57 2024 by rpki-client on console-fra.rpki-client.org