Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vtASVxhUXB5QgDHT_1-26Chqf9g.cer
File:                     vtASVxhUXB5QgDHT_1-26Chqf9g.cer (raw, json)
Hash identifier:          koOWpAAQiyZ6sh9dU93dQdsWHqAoDxmXpVXmmDofc9k=
Subject key identifier:   BE:D0:12:57:18:54:5C:1E:50:80:31:D3:FF:5F:B6:E8:28:6A:7F:D8
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C7D8
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E72DE/8DE4E4C03B6D11EDB2B3B34EC4F9AE02/vtASVxhUXB5QgDHT_1-26Chqf9g.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E72DE/8DE4E4C03B6D11EDB2B3B34EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 01 Nov 2023 02:52:26 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 150326
                          IP: 103.12.182.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:03:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116696 (0x1c7d8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  1 02:52:26 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A91E72DE/serialNumber=BED0125718545C1E508031D3FF5FB6E8286A7FD8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:92:50:ec:18:07:bd:81:1a:d9:cb:87:fa:2e:
                    b2:85:76:eb:8f:cd:98:b1:3e:57:55:92:f3:bb:39:
                    f0:a4:02:2c:db:9a:c4:3e:7b:7f:20:f6:d3:eb:cf:
                    d0:e3:0d:29:d3:5d:84:9f:96:07:85:27:93:56:7e:
                    44:b6:2b:09:a1:86:64:70:16:d9:29:f8:c3:40:36:
                    30:a2:3c:5d:cd:6f:43:d3:d0:91:df:d0:d8:c0:ee:
                    36:76:35:42:90:26:8a:24:4b:4d:b9:d1:1b:3f:d9:
                    40:37:34:f8:57:0c:ce:78:5d:f3:68:57:73:aa:07:
                    aa:06:b1:b0:05:4b:64:45:c1:08:c2:ae:d5:22:ab:
                    83:73:1b:37:68:e0:77:a8:e0:62:9c:d4:94:a2:64:
                    d1:ca:c1:9a:bb:96:42:6a:1c:8d:7a:df:a8:56:b4:
                    a3:e3:3b:ca:3d:cf:70:b1:64:d7:38:24:fb:ff:81:
                    a3:40:16:65:22:f7:4d:46:fc:d3:f6:ed:6f:86:68:
                    1b:59:16:8e:86:c4:10:68:83:1e:bf:37:69:49:54:
                    17:c4:7c:66:71:80:c1:3c:eb:84:67:50:c6:cf:4a:
                    e5:71:81:d9:ed:35:c1:04:ab:11:b7:d8:4e:98:0c:
                    ea:5b:ca:9a:f1:d4:6e:c1:8c:f1:45:05:33:d6:5d:
                    7c:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:D0:12:57:18:54:5C:1E:50:80:31:D3:FF:5F:B6:E8:28:6A:7F:D8
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E72DE/8DE4E4C03B6D11EDB2B3B34EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E72DE/8DE4E4C03B6D11EDB2B3B34EC4F9AE02/vtASVxhUXB5QgDHT_1-26Chqf9g.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150326

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.12.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         57:19:ae:20:5c:70:45:63:22:62:02:3e:ae:19:e3:af:58:9b:
         e9:9d:f0:b9:7b:d8:29:2a:eb:4e:b6:04:0a:bc:a4:9a:0f:61:
         86:90:92:fa:0c:94:83:90:69:e7:7c:46:87:07:ac:1c:4f:4a:
         83:b7:d7:ac:b0:4a:18:d2:52:06:bc:5b:75:4e:66:ee:3e:5f:
         ef:0a:53:d1:6a:68:c9:a7:ff:77:53:14:4e:98:38:5d:fb:3a:
         c9:7a:c6:98:b3:9e:34:56:9f:6e:d5:4b:6c:c0:88:33:5b:6e:
         72:dc:53:6d:01:4e:93:fc:53:6a:9a:11:37:33:37:5d:2a:b9:
         e4:48:58:a0:8a:87:60:81:12:ad:f1:e1:77:d1:2f:70:34:1b:
         d2:80:54:61:b8:a3:d8:bd:c6:a5:d4:84:51:d1:49:d9:3e:9d:
         df:14:c6:df:fa:f3:55:f5:d8:31:f7:e3:b9:c5:5d:6a:53:e3:
         05:6e:c8:54:a7:3a:ae:3b:a0:af:d7:e9:eb:8d:75:44:20:36:
         7a:a5:38:5e:11:82:d9:7a:b2:9a:3e:20:54:eb:9d:7d:3a:d0:
         86:d9:05:4b:e7:b3:9a:42:1a:13:9d:26:5f:c4:8e:31:cd:f5:
         71:45:73:81:78:cf:a6:bf:cc:3a:b0:c0:30:e1:8f:22:26:de:
         c0:4c:d4:f1
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAcfYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwMTAyNTIyNloXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTcyREUxMTAvBgNVBAUTKEJFRDAxMjU3MTg1NDVDMUU1MDgwMzFE
M0ZGNUZCNkU4Mjg2QTdGRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzklDsGAe9gRrZy4f6LrKFduuPzZixPldVkvO7OfCkAizbmsQ+e38g9tPrz9Dj
DSnTXYSflgeFJ5NWfkS2KwmhhmRwFtkp+MNANjCiPF3Nb0PT0JHf0NjA7jZ2NUKQ
JookS0250Rs/2UA3NPhXDM54XfNoV3OqB6oGsbAFS2RFwQjCrtUiq4NzGzdo4Heo
4GKc1JSiZNHKwZq7lkJqHI1636hWtKPjO8o9z3CxZNc4JPv/gaNAFmUi901G/NP2
7W+GaBtZFo6GxBBogx6/N2lJVBfEfGZxgME864RnUMbPSuVxgdntNcEEqxG32E6Y
DOpbyprx1G7BjPFFBTPWXXyxAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUvtASVxhU
XB5QgDHT/1+26Chqf9gwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU3MkRFLzhERTRFNEMwM0I2RDExRURCMkIzQjM0RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNzJERS84REU0RTRDMDNCNkQxMUVEQjJCM0IzNEVDNEY5QUUwMi92dEFTVnho
VVhCNVFnREhUXzEtMjZDaHFmOWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAks2MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZwy2MA0GCSqG
SIb3DQEBCwUAA4IBAQBXGa4gXHBFYyJiAj6uGeOvWJvpnfC5e9gpKutOtgQKvKSa
D2GGkJL6DJSDkGnnfEaHB6wcT0qDt9essEoY0lIGvFt1TmbuPl/vClPRamjJp/93
UxROmDhd+zrJesaYs540Vp9u1UtswIgzW25y3FNtAU6T/FNqmhE3MzddKrnkSFig
iodggRKt8eF30S9wNBvSgFRhuKPYvcal1IRR0UnZPp3fFMbf+vNV9dgx9+O5xV1q
U+MFbshUpzquO6Cv1+nrjXVEIDZ6pTheEYLZerKaPiBU6519OtCG2QVL57OaQhoT
nSZfxI4xzfVxRXOBeM+mv8w6sMAw4Y8iJt7ATNTx
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:55:31 2024 by rpki-client on console-ams.rpki-client.org