Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u6vT8W4QD9nJXUdIhOTanLb6do0.cer
File:                     u6vT8W4QD9nJXUdIhOTanLb6do0.cer (raw, json)
Hash identifier:          NKhuUFtzPqmvG/ULcGyM+/TP9RhoLvA1NDfHW9YjPaM=
Subject key identifier:   BB:AB:D3:F1:6E:10:0F:D9:C9:5D:47:48:84:E4:DA:9C:B6:FA:76:8D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C98E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/u6vT8W4QD9nJXUdIhOTanLb6do0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 07 Nov 2023 16:58:27 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    IP: 103.21.220.0/23
                          IP: 2400:b820::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 12:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117134 (0x1c98e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  7 16:58:27 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91886E3/serialNumber=BBABD3F16E100FD9C95D474884E4DA9CB6FA768D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5a:3f:af:13:9f:54:9b:cd:5a:59:24:75:ff:
                    09:28:5a:4b:64:e0:f5:42:f4:c0:16:22:2a:f7:b8:
                    d7:fe:74:70:7c:31:00:73:05:36:0c:26:d4:15:f3:
                    25:98:6f:1a:e5:ba:17:8e:16:d2:19:de:2d:65:73:
                    d4:1e:6d:45:55:fd:cf:d9:b6:98:7e:9f:54:93:78:
                    5b:15:96:15:18:fc:6e:1f:82:ce:34:74:f1:ea:75:
                    0c:14:83:5f:4a:73:08:cb:c3:3f:c7:29:05:f7:5f:
                    c9:55:55:01:c6:d4:54:c2:5d:5c:82:b3:32:9f:1b:
                    e5:40:05:e1:90:ef:9d:6d:ff:2a:33:a5:d2:da:e1:
                    99:02:c4:09:16:37:a5:05:1c:cd:f0:cc:fb:af:ed:
                    d4:47:1a:8c:36:4c:b5:c5:f7:ca:d2:fe:23:cb:7e:
                    83:7c:2e:65:49:70:67:d4:1e:f6:15:ee:be:96:c8:
                    ac:5f:7b:54:5f:18:6e:31:48:fa:38:01:23:b8:bf:
                    c0:69:e3:63:62:c0:5c:c6:1e:d6:9f:04:69:64:12:
                    47:94:e5:75:f7:39:c5:3b:cd:65:fd:ff:50:a4:6f:
                    09:d3:b6:54:6f:dc:3b:39:0b:db:cc:44:8b:36:80:
                    d0:23:5c:20:06:69:49:c7:6e:dc:d0:e3:ff:0c:eb:
                    83:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:AB:D3:F1:6E:10:0F:D9:C9:5D:47:48:84:E4:DA:9C:B6:FA:76:8D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/u6vT8W4QD9nJXUdIhOTanLb6do0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.21.220.0/23
                IPv6:
                  2400:b820::/32

    Signature Algorithm: sha256WithRSAEncryption
         58:63:d3:90:eb:e1:f6:69:00:1e:79:7e:11:55:fe:b1:c1:13:
         b4:d8:72:aa:c5:7f:92:ae:80:ee:f3:bd:92:39:09:37:2a:f9:
         be:7c:93:42:8f:17:0a:a4:ad:c1:f8:d1:a7:ed:3e:60:1d:30:
         ae:1b:68:85:18:98:17:8e:73:a6:4d:6e:e6:2b:88:3f:c3:3c:
         d1:e8:47:76:4e:0d:e0:f3:16:77:ba:6b:65:36:5c:c9:6e:00:
         3a:71:b3:0b:e5:2a:a1:fa:f5:e7:df:a9:38:b6:16:65:04:b0:
         d4:ff:13:0f:06:cb:72:7c:1f:05:26:3d:90:2d:82:aa:9e:0a:
         52:9f:a6:44:db:3a:54:60:8a:19:6f:d3:3b:bb:c5:1b:c1:f0:
         54:ec:b4:4c:fb:83:a7:0b:08:1c:fd:21:8b:f0:2d:c0:ea:67:
         40:e1:70:f0:ee:b4:43:8d:38:21:90:c7:8e:ed:0d:c5:28:44:
         1b:af:1e:6d:12:21:d7:7c:88:ef:b8:d4:e5:fb:93:90:e4:c8:
         e9:4a:11:25:2f:32:20:c1:3b:69:dd:02:ae:a1:8e:17:5e:38:
         2e:09:a9:75:49:60:1d:37:6b:f0:80:ec:15:8e:19:b1:0c:ab:
         75:8d:28:c7:53:42:da:c5:9b:6d:69:e6:f2:4b:98:7e:9b:89:
         49:45:0b:7a
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAcmOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwNzE2NTgyN1oXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODg2RTMxMTAvBgNVBAUTKEJCQUJEM0YxNkUxMDBGRDlDOTVENDc0
ODg0RTREQTlDQjZGQTc2OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4Wj+vE59Um81aWSR1/wkoWktk4PVC9MAWIir3uNf+dHB8MQBzBTYMJtQV8yWY
bxrluheOFtIZ3i1lc9QebUVV/c/Ztph+n1STeFsVlhUY/G4fgs40dPHqdQwUg19K
cwjLwz/HKQX3X8lVVQHG1FTCXVyCszKfG+VABeGQ751t/yozpdLa4ZkCxAkWN6UF
HM3wzPuv7dRHGow2TLXF98rS/iPLfoN8LmVJcGfUHvYV7r6WyKxfe1RfGG4xSPo4
ASO4v8Bp42NiwFzGHtafBGlkEkeU5XX3OcU7zWX9/1CkbwnTtlRv3Ds5C9vMRIs2
gNAjXCAGaUnHbtzQ4/8M64MvAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUu6vT8W4Q
D9nJXUdIhOTanLb6do0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg4NkUzLzEyNDdCODYwNjY5MjExRUQ4MkJFNzEzM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4ODZFMy8xMjQ3Qjg2MDY2OTIxMUVEODJCRTcxMzNDNEY5QUUwMi91NnZUOFc0
UUQ5bkpYVWRJaE9UYW5MYjZkbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAFnFdwwDQQCAAIwBwMFACQAuCAwDQYJKoZIhvcNAQELBQADggEB
AFhj05Dr4fZpAB55fhFV/rHBE7TYcqrFf5KugO7zvZI5CTcq+b58k0KPFwqkrcH4
0aftPmAdMK4baIUYmBeOc6ZNbuYriD/DPNHoR3ZODeDzFne6a2U2XMluADpxswvl
KqH69effqTi2FmUEsNT/Ew8Gy3J8HwUmPZAtgqqeClKfpkTbOlRgihlv0zu7xRvB
8FTstEz7g6cLCBz9IYvwLcDqZ0DhcPDutEONOCGQx47tDcUoRBuvHm0SIdd8iO+4
1OX7k5DkyOlKESUvMiDBO2ndAq6hjhdeOC4JqXVJYB03a/CA7BWOGbEMq3WNKMdT
QtrFm21p5vJLmH6biUlFC3o=
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:34:25 2024 by rpki-client on console-ams.rpki-client.org