Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8YR8C9cLY2MZsJZ0js5x4mqAQc.cer
File:                     t8YR8C9cLY2MZsJZ0js5x4mqAQc.cer (raw, json)
Hash identifier:          YCfU1jIBkShSUIfWPUnKoKrPTnSHtX4r49OM8LVmnjQ=
Subject key identifier:   B7:C6:11:F0:2F:5C:2D:8D:8C:66:C2:59:D2:3B:39:C7:89:AA:01:07
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CFEB
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9147016/378836E2563D11EC95F3DC16C4F9AE02/t8YR8C9cLY2MZsJZ0js5x4mqAQc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9147016/378836E2563D11EC95F3DC16C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 05 Dec 2023 14:43:11 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 24054
                          AS: 45946

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 14:50:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118763 (0x1cfeb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  5 14:43:11 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A9147016/serialNumber=B7C611F02F5C2D8D8C66C259D23B39C789AA0107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:be:bd:b1:a0:6f:a7:45:1b:48:36:be:ac:68:
                    72:a8:53:7e:a6:f8:83:1e:18:d6:8a:11:d9:a2:6b:
                    63:6c:94:01:71:35:88:ce:f9:f1:b0:62:da:b1:04:
                    80:88:b9:29:a5:2a:1a:d9:ce:4c:6b:fe:66:49:b6:
                    04:61:c1:b9:b0:48:db:47:e3:e2:39:2d:e3:5b:04:
                    cd:94:8a:69:46:51:7b:c4:18:81:7b:21:39:b2:8d:
                    b5:36:80:6a:39:44:2c:c3:db:56:87:cd:c7:21:89:
                    ad:74:79:d6:8d:a2:d5:74:63:90:f1:04:08:02:37:
                    f8:a4:58:90:8a:b4:50:c9:10:85:71:5d:13:b7:a1:
                    5d:5c:b1:25:d7:7a:b9:ae:d4:82:c9:4f:b6:69:4b:
                    03:ed:3d:7a:89:4d:4a:13:99:08:20:62:36:59:06:
                    3e:01:91:46:d2:c6:69:03:09:5b:23:73:91:25:ee:
                    80:06:c6:f3:a2:ea:1c:1e:01:6a:84:8a:64:53:3f:
                    23:40:66:22:cc:c7:68:56:3e:63:b5:ad:44:92:f4:
                    8e:df:a6:99:90:d7:19:76:9b:38:8f:79:34:f2:43:
                    91:03:5c:9c:be:a1:64:29:32:5a:32:e6:86:ea:ec:
                    b1:4e:2e:ba:d1:50:5a:22:ce:fa:b1:29:56:39:79:
                    e1:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:C6:11:F0:2F:5C:2D:8D:8C:66:C2:59:D2:3B:39:C7:89:AA:01:07
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9147016/378836E2563D11EC95F3DC16C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9147016/378836E2563D11EC95F3DC16C4F9AE02/t8YR8C9cLY2MZsJZ0js5x4mqAQc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  24054
                  45946

    Signature Algorithm: sha256WithRSAEncryption
         c8:68:94:29:9e:fb:e3:95:66:e2:3a:9d:f8:b9:6d:a5:99:da:
         5e:65:b8:55:0c:3e:ff:45:c6:bd:81:b7:39:25:8a:54:cf:44:
         2b:08:85:f5:49:40:79:17:95:fb:17:8c:72:91:be:dd:20:c3:
         fd:b6:92:6b:ef:9b:12:23:39:0e:1b:19:8b:e5:0b:62:ea:e8:
         53:04:12:e9:33:0e:67:bc:5f:cd:ae:1e:11:d2:6e:45:1c:c9:
         50:10:92:46:6d:23:f5:c3:9f:2a:5b:d2:46:13:e7:63:0c:4f:
         e8:cb:b1:56:cc:44:8a:39:8f:3c:7b:1b:2a:2b:fa:1c:09:fd:
         ea:8b:90:12:1e:9c:be:e7:04:21:bb:f1:de:8b:93:c1:71:ec:
         24:12:73:f5:61:4b:72:b9:d2:93:d6:64:33:de:69:08:2a:c0:
         ff:c0:6c:a0:4b:de:89:aa:7b:84:76:5d:8f:d0:e7:78:aa:c0:
         0c:31:25:8b:78:23:54:0d:c3:05:31:f6:29:84:0d:fb:e7:0f:
         12:a4:c3:7f:51:ed:06:19:71:fa:f9:ef:8d:03:ae:1e:70:66:
         c5:63:0d:ff:95:43:36:4d:da:0e:b7:87:6c:66:df:c1:cb:e2:
         c8:63:dd:7a:68:07:40:ea:09:d5:f2:d5:35:88:25:b0:52:38:
         74:09:36:d5
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgIDAc/rMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNTE0NDMxMVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDcwMTYxMTAvBgNVBAUTKEI3QzYxMUYwMkY1QzJEOEQ4QzY2QzI1
OUQyM0IzOUM3ODlBQTAxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3vr2xoG+nRRtINr6saHKoU36m+IMeGNaKEdmia2NslAFxNYjO+fGwYtqxBICI
uSmlKhrZzkxr/mZJtgRhwbmwSNtH4+I5LeNbBM2UimlGUXvEGIF7ITmyjbU2gGo5
RCzD21aHzcchia10edaNotV0Y5DxBAgCN/ikWJCKtFDJEIVxXRO3oV1csSXXermu
1ILJT7ZpSwPtPXqJTUoTmQggYjZZBj4BkUbSxmkDCVsjc5El7oAGxvOi6hweAWqE
imRTPyNAZiLMx2hWPmO1rUSS9I7fppmQ1xl2mziPeTTyQ5EDXJy+oWQpMloy5obq
7LFOLrrRUFoizvqxKVY5eeGhAgMBAAGjggLyMIIC7jAdBgNVHQ4EFgQUt8YR8C9c
LY2MZsJZ0js5x4mqAQcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQ3MDE2LzM3ODgzNkUyNTYzRDExRUM5NUYzREMxNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0NzAxNi8zNzg4MzZFMjU2M0QxMUVDOTVGM0RDMTZDNEY5QUUwMi90OFlSOEM5
Y0xZMk1ac0paMGpzNXg0bXFBUWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICXfYCAwCzejANBgkqhkiG9w0BAQsFAAOCAQEAyGiUKZ7745Vm4jqd+Llt
pZnaXmW4VQw+/0XGvYG3OSWKVM9EKwiF9UlAeReV+xeMcpG+3SDD/baSa++bEiM5
DhsZi+ULYuroUwQS6TMOZ7xfza4eEdJuRRzJUBCSRm0j9cOfKlvSRhPnYwxP6Mux
VsxEijmPPHsbKiv6HAn96ouQEh6cvucEIbvx3ouTwXHsJBJz9WFLcrnSk9ZkM95p
CCrA/8BsoEveiap7hHZdj9DneKrADDEli3gjVA3DBTH2KYQN++cPEqTDf1HtBhlx
+vnvjQOuHnBmxWMN/5VDNk3aDreHbGbfwcviyGPdemgHQOoJ1fLVNYglsFI4dAk2
1Q==
-----END CERTIFICATE-----
Generated at Fri Mar 29 15:36:06 2024 by rpki-client on console-fra.rpki-client.org