Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBNlbNepj73iI3_FMUyf9-jxoJ4.cer
File:                     tBNlbNepj73iI3_FMUyf9-jxoJ4.cer (raw, json)
Hash identifier:          0mh8P1CPVXPNZSj0DhUpTQ0daexr9WMh6Vmqq39drQA=
Subject key identifier:   B4:13:65:6C:D7:A9:8F:BD:E2:23:7F:C5:31:4C:9F:F7:E8:F1:A0:9E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D34C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A5252/CD163BCA54A211EBBF621E1EC4F9AE02/tBNlbNepj73iI3_FMUyf9-jxoJ4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A5252/CD163BCA54A211EBBF621E1EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 20 Dec 2023 19:05:45 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 141430
                          IP: 103.159.80.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119628 (0x1d34c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 20 19:05:45 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91A5252/serialNumber=B413656CD7A98FBDE2237FC5314C9FF7E8F1A09E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ff:a1:b7:d9:6f:60:2a:7d:7b:1b:8b:3c:6a:
                    60:06:5c:e8:68:f9:88:4f:29:6b:0e:8f:83:a3:48:
                    99:f5:72:aa:87:6a:b6:45:68:8d:9c:22:4f:b6:37:
                    02:87:c8:b1:e6:ca:3b:a2:f3:dc:75:aa:63:e6:37:
                    1a:f6:61:6f:53:bc:7c:10:da:74:35:12:3a:24:6e:
                    49:13:9b:80:49:e9:24:41:1a:65:e1:3b:8c:02:ae:
                    e4:c5:03:ee:69:0c:67:b1:72:29:88:85:28:2d:d2:
                    40:fb:38:40:04:95:c6:d1:99:52:7f:dd:b0:97:f3:
                    a1:fb:49:a3:95:a3:73:c0:a6:f3:1b:87:d9:c5:ec:
                    ef:24:8d:b8:53:9e:e5:b1:78:ec:93:87:38:ea:42:
                    4a:ac:e2:60:bf:d3:54:c9:58:3f:e0:6d:47:c4:00:
                    8e:7c:bf:5e:e6:1a:84:40:a0:23:ff:66:b2:96:1c:
                    a0:a8:81:61:4e:3f:40:d3:12:49:c8:49:35:5c:42:
                    d8:7d:82:f3:8b:32:bf:36:c8:70:d7:83:db:1b:e2:
                    af:dd:3c:bb:99:f2:18:21:f1:b4:b6:d0:50:3d:32:
                    9b:21:4d:f2:a0:45:13:f5:ac:61:21:c5:30:ff:c9:
                    6c:6b:b1:f4:3c:e0:40:7e:d4:3b:42:a1:c5:f2:0d:
                    bd:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:13:65:6C:D7:A9:8F:BD:E2:23:7F:C5:31:4C:9F:F7:E8:F1:A0:9E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A5252/CD163BCA54A211EBBF621E1EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A5252/CD163BCA54A211EBBF621E1EC4F9AE02/tBNlbNepj73iI3_FMUyf9-jxoJ4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  141430

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.80.0/23

    Signature Algorithm: sha256WithRSAEncryption
         40:d8:e1:68:3b:85:bd:5e:4f:86:38:89:28:1c:7e:3d:5b:b3:
         9f:a5:25:c3:12:04:17:e0:26:a5:9c:13:ec:bf:50:bb:f6:73:
         67:7f:40:d4:87:1f:5d:4a:e4:c3:e3:ca:67:6e:2f:a2:f5:55:
         a1:70:1e:ec:a0:74:4f:ab:c0:24:df:a4:c1:3d:4d:a0:c4:74:
         17:c5:18:26:be:87:74:70:49:91:fd:f2:53:b9:29:48:9d:52:
         49:3f:5a:82:cf:77:74:58:20:e4:5b:c5:e8:ae:41:7f:05:7a:
         68:ab:84:82:e8:b5:9b:eb:7f:cd:7c:64:c6:c6:d2:34:e5:4d:
         c1:d8:7e:48:50:62:72:aa:b4:7b:2a:98:25:4b:f2:9b:be:0a:
         6f:10:6b:52:48:49:b0:f7:97:04:89:53:d1:d1:c4:3e:b3:d3:
         4c:00:7c:93:73:d8:4f:b4:86:3e:a8:05:e0:da:2b:87:c0:13:
         ce:1f:ef:95:09:ec:bb:fa:33:67:1c:f2:49:80:ab:e9:c4:c9:
         0c:61:03:05:ca:ab:5b:dc:1e:4b:c1:b0:e4:e0:fd:0f:db:17:
         0e:41:16:23:97:74:ef:1e:5f:72:bd:f9:6a:e2:7b:3c:b7:e2:
         c0:98:1b:f6:2a:70:6f:76:90:3f:2f:84:d9:61:af:66:76:5b:
         e5:e0:f8:ef
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAdNMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyMDE5MDU0NVoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTUyNTIxMTAvBgNVBAUTKEI0MTM2NTZDRDdBOThGQkRFMjIzN0ZD
NTMxNEM5RkY3RThGMUEwOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCh/6G32W9gKn17G4s8amAGXOho+YhPKWsOj4OjSJn1cqqHarZFaI2cIk+2NwKH
yLHmyjui89x1qmPmNxr2YW9TvHwQ2nQ1EjokbkkTm4BJ6SRBGmXhO4wCruTFA+5p
DGexcimIhSgt0kD7OEAElcbRmVJ/3bCX86H7SaOVo3PApvMbh9nF7O8kjbhTnuWx
eOyThzjqQkqs4mC/01TJWD/gbUfEAI58v17mGoRAoCP/ZrKWHKCogWFOP0DTEknI
STVcQth9gvOLMr82yHDXg9sb4q/dPLuZ8hgh8bS20FA9MpshTfKgRRP1rGEhxTD/
yWxrsfQ84EB+1DtCocXyDb0tAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUtBNlbNep
j73iI3/FMUyf9+jxoJ4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1MjUyL0NEMTYzQkNBNTRBMjExRUJCRjYyMUUxRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNTI1Mi9DRDE2M0JDQTU0QTIxMUVCQkY2MjFFMUVDNEY5QUUwMi90Qk5sYk5l
cGo3M2lJM19GTVV5ZjktanhvSjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAih2MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ59QMA0GCSqG
SIb3DQEBCwUAA4IBAQBA2OFoO4W9Xk+GOIkoHH49W7OfpSXDEgQX4CalnBPsv1C7
9nNnf0DUhx9dSuTD48pnbi+i9VWhcB7soHRPq8Ak36TBPU2gxHQXxRgmvod0cEmR
/fJTuSlInVJJP1qCz3d0WCDkW8XorkF/BXpoq4SC6LWb63/NfGTGxtI05U3B2H5I
UGJyqrR7KpglS/KbvgpvEGtSSEmw95cEiVPR0cQ+s9NMAHyTc9hPtIY+qAXg2iuH
wBPOH++VCey7+jNnHPJJgKvpxMkMYQMFyqtb3B5LwbDk4P0P2xcOQRYjl3TvHl9y
vflq4ns8t+LAmBv2KnBvdpA/L4TZYa9mdlvl4Pjv
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:29 2024 by rpki-client on console-ams.rpki-client.org