Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tI5Ac7gQvPnHlIGcgP3nHVPy3iw.cer
File:                     tI5Ac7gQvPnHlIGcgP3nHVPy3iw.cer (raw, json)
Hash identifier:          E7wtAJTa3SqPYFXgRKZp1e2XhT78KZcw2SUxVresGYw=
Subject key identifier:   B4:8E:40:73:B8:10:BC:F9:C7:94:81:9C:80:FD:E7:1D:53:F2:DE:2C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EB8E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9160C95/DE2FF1F4BAC711EBAF2E6813C4F9AE02/tI5Ac7gQvPnHlIGcgP3nHVPy3iw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9160C95/DE2FF1F4BAC711EBAF2E6813C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 15 Apr 2024 16:23:25 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 132207
                          IP: 103.7.56.0/22
                          IP: 150.107.28.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125838 (0x1eb8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr 15 16:23:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A9160C95/serialNumber=B48E4073B810BCF9C794819C80FDE71D53F2DE2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f8:b7:17:eb:20:ef:05:d3:11:cd:35:33:b5:
                    10:48:5d:3b:3c:44:04:79:b7:fb:36:36:76:10:a0:
                    42:20:1c:47:09:12:91:1b:b6:47:ea:04:11:c5:a0:
                    01:23:70:5a:dd:f4:37:48:5c:d4:d3:a8:79:31:62:
                    ec:17:4f:c4:78:4f:3b:45:e1:0a:68:15:dc:2f:17:
                    a9:6f:d3:b3:81:8c:0a:d0:c1:66:05:f6:86:c9:4d:
                    44:c0:ad:03:43:05:2a:e2:92:9c:93:21:cf:b4:78:
                    24:a0:f5:e6:0b:5c:05:73:f0:20:43:f9:6b:2e:ac:
                    3e:6e:70:0b:2f:02:e7:11:1f:4a:5b:5f:5a:ae:7d:
                    f5:09:7c:e6:81:10:f7:91:0d:ad:cf:1d:97:cd:da:
                    e8:b3:ef:39:ca:6e:e2:fa:42:a8:51:88:c1:9f:46:
                    27:cb:9c:81:06:16:52:a6:99:74:f3:07:01:ef:c4:
                    29:24:45:ab:2c:41:33:5a:af:b8:ca:5f:35:ad:a7:
                    75:05:dd:a4:07:f2:6f:39:da:ef:3f:77:d6:00:f4:
                    7f:57:a2:2b:36:71:e6:a8:a7:2c:22:c9:2f:1f:77:
                    cd:82:66:dc:69:76:3c:57:05:17:c9:ed:f4:55:d6:
                    b3:74:c5:78:9c:dd:6a:9a:fe:b5:a8:d0:8e:40:6f:
                    7e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:8E:40:73:B8:10:BC:F9:C7:94:81:9C:80:FD:E7:1D:53:F2:DE:2C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9160C95/DE2FF1F4BAC711EBAF2E6813C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9160C95/DE2FF1F4BAC711EBAF2E6813C4F9AE02/tI5Ac7gQvPnHlIGcgP3nHVPy3iw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132207

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.7.56.0/22
                  150.107.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:3e:ab:56:c4:0b:af:1d:78:b9:85:ba:e6:2c:90:08:ac:27:
         e2:e7:e8:16:8a:23:91:74:01:2f:cc:05:17:bc:65:aa:fc:60:
         08:2d:c0:f7:d6:2d:50:17:8c:78:dc:67:63:54:28:f7:a1:0d:
         a3:f1:a9:c8:ab:e8:b1:01:e0:78:bf:b8:a3:44:09:81:09:84:
         e3:97:ba:a0:38:af:91:45:66:e0:48:92:bf:f3:14:67:59:2b:
         14:76:f2:9b:0f:98:e6:46:7d:7d:2f:8a:34:7c:c6:3d:a7:8b:
         1b:ba:ea:0d:60:13:b1:2a:c3:17:cf:b1:27:e0:fc:c1:25:24:
         81:75:43:bc:e9:00:ef:f3:59:1a:02:fc:5b:ba:4f:d5:ec:0c:
         4e:b7:7a:c5:6f:fc:34:2b:13:86:47:15:8e:11:b1:9a:47:a7:
         62:f8:f8:e4:b1:9c:e3:7e:0d:74:fe:26:88:61:bc:43:e2:1f:
         98:58:ae:c3:d8:66:a8:7c:e2:2c:da:eb:3c:c0:3a:68:6c:e6:
         e5:b6:a8:ca:d4:b1:25:57:c8:15:60:f9:d6:45:94:39:fc:ec:
         d6:ea:a3:7b:ff:b7:5e:2c:e4:83:a8:c9:57:8a:e0:de:55:f4:
         5e:2e:47:2d:b3:bf:0a:1a:c4:0e:35:98:83:4c:70:64:d4:97:
         0a:5f:39:ff
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAeuOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQxNTE2MjMyNVoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjBDOTUxMTAvBgNVBAUTKEI0OEU0MDczQjgxMEJDRjlDNzk0ODE5
QzgwRkRFNzFENTNGMkRFMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC++LcX6yDvBdMRzTUztRBIXTs8RAR5t/s2NnYQoEIgHEcJEpEbtkfqBBHFoAEj
cFrd9DdIXNTTqHkxYuwXT8R4TztF4QpoFdwvF6lv07OBjArQwWYF9obJTUTArQND
BSrikpyTIc+0eCSg9eYLXAVz8CBD+WsurD5ucAsvAucRH0pbX1quffUJfOaBEPeR
Da3PHZfN2uiz7znKbuL6QqhRiMGfRifLnIEGFlKmmXTzBwHvxCkkRassQTNar7jK
XzWtp3UF3aQH8m852u8/d9YA9H9Xois2ceaopywiyS8fd82CZtxpdjxXBRfJ7fRV
1rN0xXic3Wqa/rWo0I5Ab36HAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUtI5Ac7gQ
vPnHlIGcgP3nHVPy3iwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYwQzk1L0RFMkZGMUY0QkFDNzExRUJBRjJFNjgxM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2MEM5NS9ERTJGRjFGNEJBQzcxMUVCQUYyRTY4MTNDNEY5QUUwMi90STVBYzdn
UXZQbkhsSUdjZ1AzbkhWUHkzaXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgRvMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCZwc4AwQClmsc
MA0GCSqGSIb3DQEBCwUAA4IBAQCcPqtWxAuvHXi5hbrmLJAIrCfi5+gWiiORdAEv
zAUXvGWq/GAILcD31i1QF4x43GdjVCj3oQ2j8anIq+ixAeB4v7ijRAmBCYTjl7qg
OK+RRWbgSJK/8xRnWSsUdvKbD5jmRn19L4o0fMY9p4sbuuoNYBOxKsMXz7En4PzB
JSSBdUO86QDv81kaAvxbuk/V7AxOt3rFb/w0KxOGRxWOEbGaR6di+PjksZzjfg10
/iaIYbxD4h+YWK7D2GaofOIs2us8wDpobObltqjK1LElV8gVYPnWRZQ5/OzW6qN7
/7deLOSDqMlXiuDeVfReLkcts78KGsQONZiDTHBk1JcKXzn/
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:52 2024 by rpki-client on console-ams.rpki-client.org