Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woh5_sEM6SnBzy5bl4hvHX6hfFo.cer
File:                     woh5_sEM6SnBzy5bl4hvHX6hfFo.cer (raw, json)
Hash identifier:          7zodknNH9/W/ZsTjROKM8G6eYUpdBsZ34H5wbevS/4U=
Subject key identifier:   C2:88:79:FE:C1:0C:E9:29:C1:CF:2E:5B:97:88:6F:1D:7E:A1:7C:5A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E609
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/woh5_sEM6SnBzy5bl4hvHX6hfFo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 22 Mar 2024 20:04:12 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 136395
                          IP: 103.86.108.0/22
                          IP: 202.181.4.0/22
                          IP: 2400:bcc0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124425 (0x1e609)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 22 20:04:12 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A91B6EB1/serialNumber=C28879FEC10CE929C1CF2E5B97886F1D7EA17C5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b5:33:3e:44:56:ac:d6:5e:06:2c:f3:04:29:
                    cc:ec:77:69:a7:67:51:fc:00:46:7a:1e:2e:7e:36:
                    d5:3d:0e:68:ec:b7:99:f3:9a:e9:ed:30:63:42:d1:
                    65:fe:8e:51:e9:1d:ed:fd:5d:44:09:e1:20:10:7a:
                    1e:e3:25:ad:ca:18:cb:f5:ca:b1:4e:31:e0:5a:79:
                    c6:e7:27:11:3c:80:7a:70:40:10:1d:35:d1:50:88:
                    27:cd:91:1e:57:44:1e:55:fc:67:83:a7:a6:c4:59:
                    17:78:cf:a6:19:35:67:ab:1a:ed:8b:49:e0:cc:27:
                    0a:86:e2:ae:94:b8:0d:d2:59:44:40:07:f3:5e:8a:
                    2b:f8:9e:12:04:ee:27:62:06:ed:b4:dc:7c:1b:d0:
                    34:3e:c9:f4:62:d9:78:49:55:cb:5a:b3:c8:3d:8b:
                    a4:00:a5:7b:20:ef:d4:84:99:f9:34:3c:52:65:79:
                    e1:1b:06:d1:38:31:59:79:0e:1a:3f:c9:4d:6a:7e:
                    e9:c3:fc:09:45:b7:6d:fc:9e:a1:e7:63:4c:ed:08:
                    44:c1:ae:2d:77:21:d6:ec:03:2f:7e:e2:e1:c5:4e:
                    8c:30:98:b4:48:13:49:2c:12:9e:cf:ba:49:b6:90:
                    52:d9:ab:25:f0:6d:9b:da:15:50:72:31:56:a0:e3:
                    04:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:88:79:FE:C1:0C:E9:29:C1:CF:2E:5B:97:88:6F:1D:7E:A1:7C:5A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/woh5_sEM6SnBzy5bl4hvHX6hfFo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  136395

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.86.108.0/22
                  202.181.4.0/22
                IPv6:
                  2400:bcc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:d2:14:52:59:7f:45:fc:a2:16:9b:2e:74:e1:79:7f:7e:50:
         9e:40:8d:4d:14:74:6d:60:b6:0b:c6:3b:e8:80:de:24:ce:ac:
         c0:6e:29:ec:33:b9:c1:c8:4f:32:dc:5f:f5:a2:9c:f1:fc:b0:
         e0:1e:83:5f:b2:31:55:f7:c5:df:bd:77:5f:f4:13:56:ff:ea:
         1f:5f:da:90:6d:50:8c:e2:8f:99:2e:5c:12:43:83:7a:3b:f8:
         59:e0:43:77:f0:3c:c8:3f:66:b3:00:e3:0d:65:db:53:eb:ea:
         42:81:8e:d3:45:a8:29:a1:b0:e7:33:94:cf:b3:de:c3:2e:c1:
         58:ae:03:bb:7e:f9:dc:ab:7e:0d:14:f5:44:a4:57:42:4d:c0:
         13:91:91:66:ab:05:22:30:41:f3:55:7a:1e:ff:81:74:2b:df:
         ac:2e:1a:e5:6c:bc:b6:aa:ed:f0:49:43:70:6b:6e:6e:7f:07:
         3a:4e:f9:b1:58:60:e2:eb:02:94:5f:15:56:32:f8:41:69:e2:
         23:9c:53:41:a6:d9:06:6b:0a:38:e0:2e:2f:8b:c3:e6:08:0b:
         a0:de:31:a3:e8:f5:5d:b5:6a:e4:76:f6:34:1a:19:0e:ca:93:
         5e:e7:f4:f6:89:6d:0d:97:f2:a0:98:5a:70:62:26:75:51:4b:
         04:e4:57:43
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAeYJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMyMjIwMDQxMloXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjZFQjExMTAvBgNVBAUTKEMyODg3OUZFQzEwQ0U5MjlDMUNGMkU1
Qjk3ODg2RjFEN0VBMTdDNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwtTM+RFas1l4GLPMEKczsd2mnZ1H8AEZ6Hi5+NtU9Dmjst5nzmuntMGNC0WX+
jlHpHe39XUQJ4SAQeh7jJa3KGMv1yrFOMeBaecbnJxE8gHpwQBAdNdFQiCfNkR5X
RB5V/GeDp6bEWRd4z6YZNWerGu2LSeDMJwqG4q6UuA3SWURAB/Neiiv4nhIE7idi
Bu203Hwb0DQ+yfRi2XhJVctas8g9i6QApXsg79SEmfk0PFJleeEbBtE4MVl5Dho/
yU1qfunD/AlFt238nqHnY0ztCETBri13IdbsAy9+4uHFTowwmLRIE0ksEp7Pukm2
kFLZqyXwbZvaFVByMVag4wRFAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUwoh5/sEM
6SnBzy5bl4hvHX6hfFowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI2RUIxLzRDNUY3MjA4MzFGMzExRUFBMEE5Njg3NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCNkVCMS80QzVGNzIwODMxRjMxMUVBQTBBOTY4NzZDNEY5QUUwMi93b2g1X3NF
TTZTbkJ6eTVibDRodkhYNmhmRm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhTLMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ1ZsAwQCyrUE
MA0EAgACMAcDBQAkALzAMA0GCSqGSIb3DQEBCwUAA4IBAQCu0hRSWX9F/KIWmy50
4Xl/flCeQI1NFHRtYLYLxjvogN4kzqzAbinsM7nByE8y3F/1opzx/LDgHoNfsjFV
98XfvXdf9BNW/+ofX9qQbVCM4o+ZLlwSQ4N6O/hZ4EN38DzIP2azAOMNZdtT6+pC
gY7TRagpobDnM5TPs97DLsFYrgO7fvncq34NFPVEpFdCTcATkZFmqwUiMEHzVXoe
/4F0K9+sLhrlbLy2qu3wSUNwa25ufwc6TvmxWGDi6wKUXxVWMvhBaeIjnFNBptkG
awo44C4vi8PmCAug3jGj6PVdtWrkdvY0GhkOypNe5/T2iW0Nl/KgmFpwYiZ1UUsE
5FdD
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:56 2024 by rpki-client on console-fra.rpki-client.org