Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wb-ibBt5Q4AIvB1zFYzIUb0SnBA.cer
File:                     wb-ibBt5Q4AIvB1zFYzIUb0SnBA.cer (raw, json)
Hash identifier:          gG+u1Eha3vL4dItyTjfLQOWuQO2Yxu7brGY7P83EZmA=
Subject key identifier:   C1:BF:A2:6C:1B:79:43:80:08:BC:1D:73:15:8C:C8:51:BD:12:9C:10
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DE92
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919F23D/7D891FFA553D11EBB5687F74C4F9AE02/wb-ibBt5Q4AIvB1zFYzIUb0SnBA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919F23D/7D891FFA553D11EBB5687F74C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 12 Feb 2024 19:19:17 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 103.247.164.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122514 (0x1de92)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 12 19:19:17 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A919F23D/serialNumber=C1BFA26C1B79438008BC1D73158CC851BD129C10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7d:1d:af:b8:59:89:ef:b9:2c:e3:67:94:16:
                    a2:df:c7:39:19:9c:df:fa:d6:f4:06:22:f8:c7:c3:
                    65:cb:c6:a4:2b:e9:ec:08:a5:eb:dd:f8:ce:6f:c5:
                    61:b0:59:2a:cc:46:3c:a3:c5:52:78:a2:97:69:bf:
                    c1:37:ab:6d:1b:41:19:80:d6:82:df:67:0c:2a:30:
                    29:1b:c9:be:4e:56:ed:fe:63:e9:e7:2f:74:f9:83:
                    32:59:ae:12:6e:8c:0c:b6:dc:54:1f:97:e9:bf:f0:
                    8c:64:d9:fa:90:d1:4b:5b:c0:3a:86:6e:27:3f:e5:
                    d0:8a:53:19:f5:a5:66:2c:58:fb:a4:e2:49:05:cd:
                    ac:4f:24:6e:03:a1:26:84:b1:72:d7:9f:62:b7:e5:
                    9e:38:bc:9d:85:e3:45:25:94:1d:89:79:9c:7e:04:
                    c9:f2:29:e8:74:6f:c3:df:28:c2:b0:2d:44:52:6b:
                    08:ff:23:12:85:c4:52:9f:13:e6:ff:bc:97:e7:50:
                    69:c7:2e:28:72:3c:52:83:e4:95:a1:9a:7f:e0:0c:
                    9b:51:f8:99:95:e4:14:40:c6:10:c1:33:e9:b9:4b:
                    4e:8f:4c:44:70:c6:1b:c9:33:b0:05:5c:37:e1:b5:
                    1f:1e:7f:95:48:b0:08:b2:a4:6a:fe:fe:41:45:22:
                    e4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:BF:A2:6C:1B:79:43:80:08:BC:1D:73:15:8C:C8:51:BD:12:9C:10
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919F23D/7D891FFA553D11EBB5687F74C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919F23D/7D891FFA553D11EBB5687F74C4F9AE02/wb-ibBt5Q4AIvB1zFYzIUb0SnBA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.247.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:4f:31:c6:5b:e1:09:f9:11:5c:c4:cf:e6:c1:81:de:63:b2:
         81:64:17:37:e2:51:bc:f0:68:a8:bf:b0:5f:47:aa:ab:21:a2:
         b6:d3:8a:fd:89:c2:28:65:e1:2a:29:c1:65:6e:15:e1:e0:4e:
         4f:bc:3f:1c:d9:17:89:d4:66:51:71:65:14:df:51:14:34:6c:
         30:c1:75:13:72:6f:f0:4e:b6:6f:60:75:0e:9e:ab:29:c4:23:
         95:41:54:4d:3a:60:02:3b:4d:d5:ba:8f:d1:19:ed:1c:18:6a:
         54:27:78:fc:a2:d9:4b:1b:a7:40:79:44:fe:ea:f1:97:c7:d2:
         66:55:ba:fe:c7:83:ba:1c:33:39:bb:7a:38:62:79:2d:84:c9:
         c3:e0:4a:49:f3:03:01:6e:6e:10:94:7f:a1:8f:0b:a1:03:3a:
         17:d6:92:3f:ef:8c:35:4e:2f:95:ce:28:84:64:30:d1:b7:96:
         89:f2:b3:07:80:a3:d7:3f:36:37:70:c9:2d:e6:86:22:7c:2d:
         28:cb:c4:44:a4:08:58:60:3d:50:2a:a3:9d:09:5a:96:ab:09:
         13:f1:4b:5a:9c:59:ce:78:4c:95:f6:3b:31:aa:26:ce:e8:44:
         76:cf:64:71:3e:a4:f3:5e:ca:54:7d:7e:85:08:b9:8f:e7:2b:
         24:72:15:f3
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAd6SMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIxMjE5MTkxN1oXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUYyM0QxMTAvBgNVBAUTKEMxQkZBMjZDMUI3OTQzODAwOEJDMUQ3
MzE1OENDODUxQkQxMjlDMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/fR2vuFmJ77ks42eUFqLfxzkZnN/61vQGIvjHw2XLxqQr6ewIpevd+M5vxWGw
WSrMRjyjxVJ4opdpv8E3q20bQRmA1oLfZwwqMCkbyb5OVu3+Y+nnL3T5gzJZrhJu
jAy23FQfl+m/8Ixk2fqQ0UtbwDqGbic/5dCKUxn1pWYsWPuk4kkFzaxPJG4DoSaE
sXLXn2K35Z44vJ2F40UllB2JeZx+BMnyKeh0b8PfKMKwLURSawj/IxKFxFKfE+b/
vJfnUGnHLihyPFKD5JWhmn/gDJtR+JmV5BRAxhDBM+m5S06PTERwxhvJM7AFXDfh
tR8ef5VIsAiypGr+/kFFIuSZAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUwb+ibBt5
Q4AIvB1zFYzIUb0SnBAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlGMjNELzdEODkxRkZBNTUzRDExRUJCNTY4N0Y3NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5RjIzRC83RDg5MUZGQTU1M0QxMUVCQjU2ODdGNzRDNEY5QUUwMi93Yi1pYkJ0
NVE0QUl2QjF6Rll6SVViMFNuQkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAJn96QwDQYJKoZIhvcNAQELBQADggEBADJPMcZb4Qn5EVzEz+bB
gd5jsoFkFzfiUbzwaKi/sF9HqqshorbTiv2Jwihl4SopwWVuFeHgTk+8PxzZF4nU
ZlFxZRTfURQ0bDDBdRNyb/BOtm9gdQ6eqynEI5VBVE06YAI7TdW6j9EZ7RwYalQn
ePyi2Usbp0B5RP7q8ZfH0mZVuv7Hg7ocMzm7ejhieS2EycPgSknzAwFubhCUf6GP
C6EDOhfWkj/vjDVOL5XOKIRkMNG3lonysweAo9c/NjdwyS3mhiJ8LSjLxESkCFhg
PVAqo50JWparCRPxS1qcWc54TJX2OzGqJs7oRHbPZHE+pPNeylR9foUIuY/nKyRy
FfM=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:45 2024 by rpki-client on console-fra.rpki-client.org