Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tAgYFca67ZihzJUKxvoQvGAFiQI.cer
File:                     tAgYFca67ZihzJUKxvoQvGAFiQI.cer (raw, json)
Hash identifier:          5kmvemuvuAyQRDZEiZlJ/eJpehY9qXY2QyHqQW8rWXs=
Subject key identifier:   B4:08:18:15:C6:BA:ED:98:A1:CC:95:0A:C6:FA:10:BC:60:05:89:02
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EE54
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A3F5D/10F94EF006AB11EF87BFA725C4F9AE02/tAgYFca67ZihzJUKxvoQvGAFiQI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A3F5D/10F94EF006AB11EF87BFA725C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 30 Apr 2024 04:35:33 +0000
Certificate not after:    Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 103.23.172.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 16:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126548 (0x1ee54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr 30 04:35:33 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=A91A3F5D/serialNumber=B4081815C6BAED98A1CC950AC6FA10BC60058902
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d6:d1:99:50:56:c6:f5:ce:c7:11:62:05:85:
                    6f:f3:48:4e:ba:0b:65:4e:48:fe:89:b6:48:9f:a9:
                    84:df:a0:f9:4f:54:05:0d:b2:f9:c4:98:9b:3f:04:
                    c7:3a:fd:ae:66:7d:d4:7a:98:df:ab:e3:f6:bb:ee:
                    59:0e:6a:77:48:cc:72:34:47:4a:c4:3a:f9:9e:7c:
                    c6:97:18:00:10:3d:eb:5b:ce:cc:c7:45:74:b0:73:
                    f1:11:97:3a:83:16:e2:b9:fa:4c:9e:97:e6:14:b4:
                    a0:bd:ab:15:3b:19:bd:44:35:54:6d:53:d5:31:b2:
                    3d:8c:47:16:c3:f7:78:78:42:71:70:d8:6a:e6:21:
                    86:56:d6:b1:05:45:74:1f:6c:14:c9:20:ec:63:83:
                    d0:d2:e1:19:8c:b9:4b:7e:14:ca:86:de:dc:db:de:
                    94:9c:13:8d:5e:77:00:27:e7:89:c3:55:3b:54:37:
                    6b:34:33:64:0e:19:81:39:16:83:01:bc:d0:5c:23:
                    55:eb:fe:0f:69:3f:19:64:b8:6a:91:d8:9f:e8:82:
                    e8:fb:ef:c0:79:e9:ec:16:29:9d:47:f8:5b:a3:6b:
                    4a:0f:b3:69:05:be:32:e7:bf:c1:d3:09:8e:aa:1a:
                    f8:53:be:91:77:24:c8:68:4b:b6:dd:45:f4:eb:26:
                    f1:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:08:18:15:C6:BA:ED:98:A1:CC:95:0A:C6:FA:10:BC:60:05:89:02
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A3F5D/10F94EF006AB11EF87BFA725C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A3F5D/10F94EF006AB11EF87BFA725C4F9AE02/tAgYFca67ZihzJUKxvoQvGAFiQI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.23.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:82:0d:f6:0b:c7:b9:3a:76:7a:90:2e:30:42:29:8e:71:e2:
         65:ba:c3:38:66:56:04:05:c1:f5:84:d3:ff:13:52:c4:c1:4e:
         7f:b2:1a:b0:63:52:ec:62:d0:1d:63:50:e6:b1:b0:c7:24:36:
         3b:39:2b:85:fe:22:b3:13:bc:98:50:15:50:17:a7:6d:3e:3e:
         ab:b2:f0:7a:ff:45:2b:29:9b:07:3e:e8:87:b2:93:1a:c7:86:
         4b:d0:33:53:f7:4d:56:4a:a4:97:ab:06:05:ad:82:a2:52:44:
         0d:db:c1:8e:63:74:25:85:da:86:03:03:ba:b7:e1:47:80:75:
         f2:95:a6:6f:a8:3f:c2:3a:0c:e6:15:0f:9c:84:39:8d:32:c0:
         dc:4d:7f:00:f1:d9:73:cc:5a:1c:9f:68:ae:c3:88:51:a0:8e:
         4e:04:92:c3:38:4b:2d:c1:48:70:ea:c7:ed:9c:34:06:8c:ed:
         7b:ed:0b:a8:99:9d:73:6b:2b:f4:ac:2d:0d:73:57:21:ae:87:
         b4:1b:47:f6:7f:ca:4d:c3:9c:08:fa:de:96:a6:5f:3b:4e:8f:
         01:47:3e:d7:35:7e:8e:71:1c:d5:f2:a1:72:fe:3b:e6:74:9b:
         59:80:80:17:a2:98:aa:09:23:f0:7e:aa:bb:d0:e4:8f:3c:51:
         a1:b5:4e:c8
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAe5UMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQzMDA0MzUzM1oXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTNGNUQxMTAvBgNVBAUTKEI0MDgxODE1QzZCQUVEOThBMUNDOTUw
QUM2RkExMEJDNjAwNTg5MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCk1tGZUFbG9c7HEWIFhW/zSE66C2VOSP6JtkifqYTfoPlPVAUNsvnEmJs/BMc6
/a5mfdR6mN+r4/a77lkOandIzHI0R0rEOvmefMaXGAAQPetbzszHRXSwc/ERlzqD
FuK5+kyel+YUtKC9qxU7Gb1ENVRtU9Uxsj2MRxbD93h4QnFw2GrmIYZW1rEFRXQf
bBTJIOxjg9DS4RmMuUt+FMqG3tzb3pScE41edwAn54nDVTtUN2s0M2QOGYE5FoMB
vNBcI1Xr/g9pPxlkuGqR2J/oguj778B56ewWKZ1H+Fuja0oPs2kFvjLnv8HTCY6q
GvhTvpF3JMhoS7bdRfTrJvGZAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUtAgYFca6
7ZihzJUKxvoQvGAFiQIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEzRjVELzEwRjk0RUYwMDZBQjExRUY4N0JGQTcyNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBM0Y1RC8xMEY5NEVGMDA2QUIxMUVGODdCRkE3MjVDNEY5QUUwMi90QWdZRmNh
NjdaaWh6SlVLeHZvUXZHQUZpUUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAFnF6wwDQYJKoZIhvcNAQELBQADggEBAImCDfYLx7k6dnqQLjBC
KY5x4mW6wzhmVgQFwfWE0/8TUsTBTn+yGrBjUuxi0B1jUOaxsMckNjs5K4X+IrMT
vJhQFVAXp20+Pquy8Hr/RSspmwc+6IeykxrHhkvQM1P3TVZKpJerBgWtgqJSRA3b
wY5jdCWF2oYDA7q34UeAdfKVpm+oP8I6DOYVD5yEOY0ywNxNfwDx2XPMWhyfaK7D
iFGgjk4EksM4Sy3BSHDqx+2cNAaM7XvtC6iZnXNrK/SsLQ1zVyGuh7QbR/Z/yk3D
nAj63pamXztOjwFHPtc1fo5xHNXyoXL+O+Z0m1mAgBeimKoJI/B+qrvQ5I88UaG1
Tsg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:57:12 2024 by rpki-client on console-fra.rpki-client.org