Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wT2PgrPTzkdGU1QOU2XEyQiUwD0.cer
File:                     wT2PgrPTzkdGU1QOU2XEyQiUwD0.cer (raw, json)
Hash identifier:          Tv3zcxkiN6vYyPuLbUAQ5F3VtAgJDuW9Ly8KmyANjn0=
Subject key identifier:   C1:3D:8F:82:B3:D3:CE:47:46:53:54:0E:53:65:C4:C9:08:94:C0:3D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01FFAC
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913DA3E/42268748734411EBA8E4DA5FC4F9AE02/wT2PgrPTzkdGU1QOU2XEyQiUwD0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913DA3E/42268748734411EBA8E4DA5FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 12 Jul 2024 13:59:42 +0000
Certificate not after:    Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources:    AS: 64012
                          IP: 103.193.168.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130988 (0x1ffac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 12 13:59:42 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=A913DA3E/serialNumber=C13D8F82B3D3CE474653540E5365C4C90894C03D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e1:05:61:91:07:ea:d0:3c:da:89:2f:2e:34:
                    60:c5:9f:44:d4:ef:e4:56:7b:84:2c:52:21:e9:eb:
                    67:13:36:ea:7e:f6:1b:85:d1:f3:94:25:ea:36:ff:
                    f9:5f:35:3e:36:1d:b7:b5:cd:0e:53:5e:54:40:66:
                    75:1c:8a:f9:74:52:98:e7:90:e2:80:40:39:47:41:
                    e7:85:97:22:5c:0b:89:48:60:e9:77:cf:b9:90:31:
                    85:39:63:b3:6c:b9:68:c0:cf:51:e8:8c:f6:13:4d:
                    2a:f6:4c:57:92:6f:80:3a:2a:66:48:30:0c:2f:b6:
                    68:b3:48:21:08:a6:53:e3:c2:80:2b:dc:38:2e:49:
                    36:71:bd:cf:89:56:e5:52:ce:89:f3:d1:d9:4d:a4:
                    be:a7:ec:27:75:46:9d:a2:3c:0f:ca:6c:34:42:fa:
                    1b:92:cc:df:29:ed:13:84:9d:69:f3:61:ff:fb:66:
                    17:ff:7c:66:4f:27:7a:05:9a:a2:b3:88:66:2e:b3:
                    2e:9b:7f:9d:8c:3a:35:79:c0:31:f2:ab:09:a7:3c:
                    b7:a7:71:09:d3:5e:53:f0:f1:7d:15:db:7d:66:2d:
                    20:20:d5:ae:77:af:74:3e:cf:2b:8f:94:1d:ce:f2:
                    50:fc:bf:63:50:e5:49:29:1a:23:68:fe:ea:33:2a:
                    c8:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:3D:8F:82:B3:D3:CE:47:46:53:54:0E:53:65:C4:C9:08:94:C0:3D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913DA3E/42268748734411EBA8E4DA5FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913DA3E/42268748734411EBA8E4DA5FC4F9AE02/wT2PgrPTzkdGU1QOU2XEyQiUwD0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  64012

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.193.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:d7:8c:2d:62:8d:be:d1:0e:02:b8:4c:e3:ac:19:d6:32:ba:
         52:83:a2:9a:97:b6:91:52:a5:b3:d5:45:01:cc:28:ec:e4:ec:
         d0:7e:c6:82:27:40:28:22:fe:5f:da:21:33:8c:88:ae:ba:ac:
         c7:98:b6:01:32:fa:ff:0c:2b:e4:32:18:d4:f7:41:d6:fe:dd:
         ef:9c:e5:d8:c1:6c:24:cb:d8:36:62:71:4e:b1:1d:0f:be:e0:
         a8:b5:b1:11:fa:a9:b9:e0:f9:9a:29:6c:33:b8:3c:1e:0f:6a:
         78:84:4f:b6:6a:34:97:1f:54:ec:4d:94:2a:9c:11:81:e1:12:
         73:5e:86:b4:05:fc:b8:a1:bc:f7:59:ad:7a:48:b9:0e:8b:12:
         f2:1b:50:b3:f9:76:e3:b9:33:b1:18:db:96:3e:90:44:cf:4d:
         a5:96:52:7c:b4:a0:cf:a3:71:72:e1:d0:39:e2:32:b4:0a:84:
         2d:1d:83:51:15:dc:46:f5:6b:cf:cf:a0:7a:2f:05:a5:99:8b:
         c3:00:af:1a:d8:07:8a:b2:a0:43:1d:ff:7a:10:cb:97:75:04:
         84:49:cf:50:03:66:1d:79:45:11:52:8f:0e:f0:d1:b6:40:0d:
         da:2a:e2:76:0f:dd:eb:2d:49:a2:0e:34:c6:0f:d8:38:bb:44:
         5c:3d:65:13
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAf+sMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcxMjEzNTk0MloXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0RBM0UxMTAvBgNVBAUTKEMxM0Q4RjgyQjNEM0NFNDc0NjUzNTQw
RTUzNjVDNEM5MDg5NEMwM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC94QVhkQfq0DzaiS8uNGDFn0TU7+RWe4QsUiHp62cTNup+9huF0fOUJeo2//lf
NT42Hbe1zQ5TXlRAZnUcivl0UpjnkOKAQDlHQeeFlyJcC4lIYOl3z7mQMYU5Y7Ns
uWjAz1HojPYTTSr2TFeSb4A6KmZIMAwvtmizSCEIplPjwoAr3DguSTZxvc+JVuVS
zonz0dlNpL6n7Cd1Rp2iPA/KbDRC+huSzN8p7ROEnWnzYf/7Zhf/fGZPJ3oFmqKz
iGYusy6bf52MOjV5wDHyqwmnPLencQnTXlPw8X0V231mLSAg1a53r3Q+zyuPlB3O
8lD8v2NQ5UkpGiNo/uozKsgpAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUwT2PgrPT
zkdGU1QOU2XEyQiUwD0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNEQTNFLzQyMjY4NzQ4NzM0NDExRUJBOEU0REE1RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzREEzRS80MjI2ODc0ODczNDQxMUVCQThFNERBNUZDNEY5QUUwMi93VDJQZ3JQ
VHprZEdVMVFPVTJYRXlRaVV3RDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAPoMMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ8GoMA0GCSqG
SIb3DQEBCwUAA4IBAQBP14wtYo2+0Q4CuEzjrBnWMrpSg6Kal7aRUqWz1UUBzCjs
5OzQfsaCJ0AoIv5f2iEzjIiuuqzHmLYBMvr/DCvkMhjU90HW/t3vnOXYwWwky9g2
YnFOsR0PvuCotbER+qm54PmaKWwzuDweD2p4hE+2ajSXH1TsTZQqnBGB4RJzXoa0
Bfy4obz3Wa16SLkOixLyG1Cz+XbjuTOxGNuWPpBEz02lllJ8tKDPo3Fy4dA54jK0
CoQtHYNRFdxG9WvPz6B6LwWlmYvDAK8a2AeKsqBDHf96EMuXdQSESc9QA2YdeUUR
Uo8O8NG2QA3aKuJ2D93rLUmiDjTGD9g4u0RcPWUT
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:00:11 2024 by rpki-client on console-ams.rpki-client.org