Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6pTc4MhTWSOYzvMQg071oYWeP0.cer
File:                     t6pTc4MhTWSOYzvMQg071oYWeP0.cer (raw, json)
Hash identifier:          4F2Tb3y6A1kScSAXIciEvOTuw2BVucY9ucE7Usad1DU=
Subject key identifier:   B7:AA:53:73:83:21:4D:64:8E:63:3B:CC:42:0D:3B:D6:86:16:78:FD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DE0B
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C3083/A0CF059A2E6011E7B7473E70C4F9AE02/t6pTc4MhTWSOYzvMQg071oYWeP0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C3083/A0CF059A2E6011E7B7473E70C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 08 Feb 2024 16:40:56 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 133395
                          AS: 136151
                          AS: 137478
                          AS: 137483 -- 137484
                          AS: 139764
                          IP: 103.81.204.0/22
                          IP: 202.144.200.0/22
                          IP: 2400:7cc0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122379 (0x1de0b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb  8 16:40:56 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91C3083/serialNumber=B7AA537383214D648E633BCC420D3BD6861678FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:71:d2:85:e8:cf:82:9d:b0:39:0c:32:a6:19:
                    33:66:86:bd:c8:81:b1:aa:0f:da:9c:39:bb:9a:00:
                    24:af:50:01:a6:00:2c:3a:60:4a:5b:09:83:a3:ce:
                    9c:1b:e8:b9:f7:48:b5:41:90:a4:16:d8:ec:16:59:
                    9e:cc:96:a4:57:73:3a:8e:fb:82:a5:5b:53:bb:2e:
                    22:e0:98:2c:88:d4:1d:69:c2:7d:89:dd:53:79:2e:
                    cc:47:a8:ac:13:92:3b:0a:04:f4:a4:b6:e2:91:77:
                    26:3c:57:bd:f4:11:34:11:f4:90:76:99:73:6d:4e:
                    a7:e5:e3:15:0b:88:d6:3a:31:80:92:e1:13:01:82:
                    ae:f2:39:3b:a9:8e:ce:88:d9:e6:ce:db:d6:9a:c0:
                    ec:ed:01:91:73:b2:52:05:99:39:29:b6:5c:de:0a:
                    4a:f8:e9:5e:9f:c3:ab:a8:c8:55:30:0d:68:59:7d:
                    d6:da:7f:73:60:ab:d7:cf:be:d2:97:c1:6f:1e:69:
                    d6:46:4a:51:b4:69:3c:a0:1e:24:c7:02:57:b7:00:
                    9b:3d:76:43:ce:d6:4a:f1:25:c9:4f:2a:a1:fd:27:
                    62:b9:b8:87:f9:61:c2:fc:96:00:5a:3c:d3:c3:38:
                    f0:e3:c3:d6:19:59:a9:0c:0f:0b:28:72:38:ff:52:
                    87:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:AA:53:73:83:21:4D:64:8E:63:3B:CC:42:0D:3B:D6:86:16:78:FD
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C3083/A0CF059A2E6011E7B7473E70C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C3083/A0CF059A2E6011E7B7473E70C4F9AE02/t6pTc4MhTWSOYzvMQg071oYWeP0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  133395
                  136151
                  137478
                  137483-137484
                  139764

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.81.204.0/22
                  202.144.200.0/22
                IPv6:
                  2400:7cc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         2b:65:eb:c2:22:4a:16:0b:94:cc:e9:a8:f7:86:41:cc:4b:b4:
         f3:14:d9:e6:d0:03:af:c9:b5:13:d1:06:06:1d:3f:d8:cd:fa:
         21:df:55:56:67:6b:17:0a:b5:10:f3:36:d9:f5:f9:95:4d:a7:
         dd:87:45:b3:b1:86:0b:e8:d9:2c:5f:31:8f:7f:77:27:77:bd:
         70:b9:7b:c2:7e:fa:be:73:fa:63:94:24:4f:bc:a8:47:65:ce:
         ce:93:25:b9:bb:aa:4c:a4:65:7b:90:36:90:ac:04:fa:ab:f1:
         db:07:c5:ef:b6:87:32:59:ad:10:df:dd:cb:f9:0a:9e:b1:51:
         bb:de:61:75:90:7a:a4:ab:da:50:18:0f:00:04:ae:06:cd:ba:
         d0:2e:29:5b:bb:b5:5f:7d:81:0a:f0:44:ed:2e:c1:d8:09:ae:
         de:26:23:29:30:9e:e1:67:52:bc:28:14:cd:23:e9:72:ed:1f:
         51:aa:76:a3:23:dc:38:49:7d:20:14:00:4d:b0:e0:4e:23:45:
         dc:8d:89:ad:56:93:36:c7:e4:29:a0:7a:6d:4e:f6:25:6a:38:
         37:74:a7:54:1a:bc:1a:8f:54:10:88:ec:19:07:34:23:bf:6a:
         5f:bd:cd:d0:c6:2b:22:e1:15:ae:12:96:6b:4a:0d:4e:ac:c8:
         72:ab:c0:49
-----BEGIN CERTIFICATE-----
MIIGSjCCBTKgAwIBAgIDAd4LMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwODE2NDA1NloXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzMwODMxMTAvBgNVBAUTKEI3QUE1MzczODMyMTRENjQ4RTYzM0JD
QzQyMEQzQkQ2ODYxNjc4RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+cdKF6M+CnbA5DDKmGTNmhr3IgbGqD9qcObuaACSvUAGmACw6YEpbCYOjzpwb
6Ln3SLVBkKQW2OwWWZ7MlqRXczqO+4KlW1O7LiLgmCyI1B1pwn2J3VN5LsxHqKwT
kjsKBPSktuKRdyY8V730ETQR9JB2mXNtTqfl4xULiNY6MYCS4RMBgq7yOTupjs6I
2ebO29aawOztAZFzslIFmTkptlzeCkr46V6fw6uoyFUwDWhZfdbaf3Ngq9fPvtKX
wW8eadZGSlG0aTygHiTHAle3AJs9dkPO1krxJclPKqH9J2K5uIf5YcL8lgBaPNPD
OPDjw9YZWakMDwsocjj/UodJAgMBAAGjggM/MIIDOzAdBgNVHQ4EFgQUt6pTc4Mh
TWSOYzvMQg071oYWeP0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMzMDgzL0EwQ0YwNTlBMkU2MDExRTdCNzQ3M0U3MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMzA4My9BMENGMDU5QTJFNjAxMUU3Qjc0NzNFNzBDNEY5QUUwMi90NnBUYzRN
aFRXU09ZenZNUWcwNzFvWVdlUDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQgBAf8EJjAk
oCIwIAIDAgkTAgMCE9cCAwIZBjAKAgMCGQsCAwIZDAIDAiH0MDQGCCsGAQUFBwEH
AQH/BCUwIzASBAIAATAMAwQCZ1HMAwQCypDIMA0EAgACMAcDBQAkAHzAMA0GCSqG
SIb3DQEBCwUAA4IBAQArZevCIkoWC5TM6aj3hkHMS7TzFNnm0AOvybUT0QYGHT/Y
zfoh31VWZ2sXCrUQ8zbZ9fmVTafdh0WzsYYL6NksXzGPf3cnd71wuXvCfvq+c/pj
lCRPvKhHZc7OkyW5u6pMpGV7kDaQrAT6q/HbB8XvtocyWa0Q393L+QqesVG73mF1
kHqkq9pQGA8ABK4GzbrQLilbu7VffYEK8ETtLsHYCa7eJiMpMJ7hZ1K8KBTNI+ly
7R9RqnajI9w4SX0gFABNsOBOI0XcjYmtVpM2x+QpoHptTvYlajg3dKdUGrwaj1QQ
iOwZBzQjv2pfvc3Qxisi4RWuEpZrSg1OrMhyq8BJ
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:43 2024 by rpki-client on console-fra.rpki-client.org