Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBRJ7peREatw2N-Y2rpOJrprxls.cer
File:                     vBRJ7peREatw2N-Y2rpOJrprxls.cer (raw, json)
Hash identifier:          cNyGgH4YmQ5Gj+O8UmnOK/24QyOFdTVCtkLMIWIwIUU=
Subject key identifier:   BC:14:49:EE:97:91:11:AB:70:D8:DF:98:DA:BA:4E:26:BA:6B:C6:5B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C07F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CCA34/6FAA367833B211EBA88A0A6FC4F9AE02/vBRJ7peREatw2N-Y2rpOJrprxls.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CCA34/6FAA367833B211EBA88A0A6FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 28 Sep 2023 20:09:02 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 138339
                          IP: 103.130.148.0/22
                          IP: 2403:bc40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 13:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114815 (0x1c07f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep 28 20:09:02 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91CCA34/serialNumber=BC1449EE979111AB70D8DF98DABA4E26BA6BC65B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:df:0f:58:d4:03:38:e1:67:a9:f5:a6:cb:6a:
                    56:cd:b3:f4:cb:d6:49:82:31:d3:d0:ea:75:f5:6f:
                    b1:af:2d:f5:c5:f0:f7:fb:d7:cf:52:07:99:14:8e:
                    14:47:ce:ab:df:34:01:7c:91:8a:fc:55:1f:fe:88:
                    b4:c6:e8:69:45:e2:cb:de:69:c8:04:fe:6c:0b:9d:
                    f0:b7:5f:1c:78:e9:fc:e9:e6:80:17:98:18:1a:bd:
                    a2:cb:8b:c2:11:46:bc:e6:23:e0:92:8f:42:07:d7:
                    af:b5:aa:36:4b:11:34:16:73:45:18:15:d8:dd:b1:
                    3d:62:4c:b4:ed:7d:e1:c3:5b:df:41:f7:44:71:26:
                    bd:d4:8e:64:b5:19:fa:cc:94:f9:db:18:bd:7f:bf:
                    25:55:32:7b:dc:3e:2f:7a:70:53:d2:21:00:f4:eb:
                    c9:10:81:c8:8d:45:2d:5a:3c:f1:1e:3c:5a:6d:9c:
                    44:cb:3c:b3:6d:c5:97:f8:13:2f:5d:15:6e:69:5c:
                    9a:c3:0c:d1:6a:f4:63:b1:c0:ee:27:e9:7f:c7:42:
                    b8:fd:79:a7:40:f8:94:2d:a8:53:bd:7c:1d:04:e8:
                    ff:9c:05:bc:0a:1d:2d:8c:21:13:27:91:ae:f4:44:
                    59:b3:b9:85:3a:39:61:e4:9d:e4:03:81:60:5e:2d:
                    97:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:14:49:EE:97:91:11:AB:70:D8:DF:98:DA:BA:4E:26:BA:6B:C6:5B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CCA34/6FAA367833B211EBA88A0A6FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CCA34/6FAA367833B211EBA88A0A6FC4F9AE02/vBRJ7peREatw2N-Y2rpOJrprxls.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138339

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.148.0/22
                IPv6:
                  2403:bc40::/32

    Signature Algorithm: sha256WithRSAEncryption
         43:89:61:0a:b8:b2:d0:6f:2e:f1:d8:d5:42:e9:aa:8b:59:13:
         00:b1:9b:34:c9:26:af:ab:bf:d0:fd:93:14:9f:b4:f7:a0:a9:
         ca:c9:ae:3a:6e:eb:89:24:1b:70:87:97:27:4c:37:05:7b:72:
         36:e8:5b:e0:21:17:67:3a:7c:1b:94:71:3c:2b:71:59:c0:d3:
         e4:89:a2:04:38:87:d0:58:2b:2b:09:74:61:16:4b:9c:17:bd:
         af:13:74:ab:df:00:b7:3b:56:7e:e4:5e:7b:0f:22:aa:9b:b8:
         6a:52:73:db:36:2b:30:95:3c:8d:37:c1:cb:a2:66:f7:2d:33:
         61:19:b3:47:c1:d4:09:f9:07:28:25:d7:cd:e2:2a:c2:40:4f:
         d6:20:2b:e1:e7:e2:d7:96:82:42:e2:7d:ae:aa:99:ae:a5:48:
         cf:9a:b4:2b:2d:a8:cc:35:f8:74:7a:70:43:fe:b2:45:bd:2f:
         16:5f:a7:58:cc:e7:11:9a:39:65:36:27:32:1b:82:4d:49:4a:
         56:44:1d:d0:1b:10:d3:e1:57:cb:e6:f7:a3:79:e3:28:1e:4f:
         b2:57:50:fc:fc:b1:6d:cc:95:10:b9:e5:dd:86:7e:9b:95:99:
         2a:21:38:16:58:5f:bf:bd:38:4e:97:17:0a:c0:e1:71:39:23:
         c8:52:c2:a1
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAcB/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDkyODIwMDkwMloXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0NBMzQxMTAvBgNVBAUTKEJDMTQ0OUVFOTc5MTExQUI3MEQ4REY5
OERBQkE0RTI2QkE2QkM2NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+3w9Y1AM44Wep9abLalbNs/TL1kmCMdPQ6nX1b7GvLfXF8Pf7189SB5kUjhRH
zqvfNAF8kYr8VR/+iLTG6GlF4sveacgE/mwLnfC3Xxx46fzp5oAXmBgavaLLi8IR
RrzmI+CSj0IH16+1qjZLETQWc0UYFdjdsT1iTLTtfeHDW99B90RxJr3UjmS1GfrM
lPnbGL1/vyVVMnvcPi96cFPSIQD068kQgciNRS1aPPEePFptnETLPLNtxZf4Ey9d
FW5pXJrDDNFq9GOxwO4n6X/HQrj9eadA+JQtqFO9fB0E6P+cBbwKHS2MIRMnka70
RFmzuYU6OWHkneQDgWBeLZeJAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUvBRJ7peR
Eatw2N+Y2rpOJrprxlswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNDQTM0LzZGQUEzNjc4MzNCMjExRUJBODhBMEE2RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDQ0EzNC82RkFBMzY3ODMzQjIxMUVCQTg4QTBBNkZDNEY5QUUwMi92QlJKN3Bl
UkVhdHcyTi1ZMnJwT0pycHJ4bHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhxjMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4KUMA0EAgAC
MAcDBQAkA7xAMA0GCSqGSIb3DQEBCwUAA4IBAQBDiWEKuLLQby7x2NVC6aqLWRMA
sZs0ySavq7/Q/ZMUn7T3oKnKya46buuJJBtwh5cnTDcFe3I26FvgIRdnOnwblHE8
K3FZwNPkiaIEOIfQWCsrCXRhFkucF72vE3Sr3wC3O1Z+5F57DyKqm7hqUnPbNisw
lTyNN8HLomb3LTNhGbNHwdQJ+QcoJdfN4irCQE/WICvh5+LXloJC4n2uqpmupUjP
mrQrLajMNfh0enBD/rJFvS8WX6dYzOcRmjllNicyG4JNSUpWRB3QGxDT4VfL5vej
eeMoHk+yV1D8/LFtzJUQueXdhn6blZkqITgWWF+/vThOlxcKwOFxOSPIUsKh
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:08:17 2024 by rpki-client on console-fra.rpki-client.org