Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xC_x0v81KYG8X4IkDsk5TvqzEYY.cer
File:                     xC_x0v81KYG8X4IkDsk5TvqzEYY.cer (raw, json)
Hash identifier:          mKWftxcuqdumbx3+bn1JYedOeRZgkhtSsSPy2y94fxg=
Subject key identifier:   C4:2F:F1:D2:FF:35:29:81:BC:5F:82:24:0E:C9:39:4E:FA:B3:11:86
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CD10
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91814E9/FE57C2BC083011EBBFE4C732C4F9AE02/xC_x0v81KYG8X4IkDsk5TvqzEYY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91814E9/FE57C2BC083011EBBFE4C732C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 27 Nov 2023 16:15:41 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    IP: 203.4.192.0/21

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 14:50:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118032 (0x1cd10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 27 16:15:41 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91814E9/serialNumber=C42FF1D2FF352981BC5F82240EC9394EFAB31186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ca:6f:86:3f:a2:77:f5:7c:4d:82:72:0a:dd:
                    c3:01:3a:2e:09:39:0d:8f:a3:0f:05:4e:59:f7:7f:
                    07:6c:2e:c4:f0:c1:ba:e6:ac:3d:39:a4:53:2b:91:
                    8c:e7:db:af:83:3a:2e:1f:2f:5f:39:2d:53:2e:a9:
                    45:44:60:69:94:8c:c1:1e:0f:e0:cc:ce:ed:6e:11:
                    8b:ae:00:70:59:c0:b3:02:a1:f5:a5:cf:a8:0a:ce:
                    ea:0b:f0:75:c0:65:28:b4:31:29:17:f3:ea:e3:f1:
                    bf:22:f9:ff:50:32:9f:ac:3d:55:09:f5:c5:3f:fe:
                    56:08:63:2e:fc:f4:32:b2:45:9d:b2:5c:05:51:86:
                    45:01:ca:aa:41:49:24:df:01:65:39:ec:7c:13:b0:
                    3b:e7:cb:a1:ad:51:d8:04:0d:75:0a:a5:21:d0:bb:
                    e4:d2:55:d7:37:8a:3e:88:93:2c:af:0f:3b:84:e4:
                    0c:0f:53:08:65:dc:1f:2d:c7:a2:09:bd:f7:f0:a6:
                    32:7a:09:33:a7:c8:40:50:ac:4a:7b:6d:6f:5d:20:
                    36:94:fc:e0:0a:bd:71:eb:e8:c0:d5:34:6e:0d:40:
                    7a:25:b7:12:46:d8:5d:4b:2c:50:7c:59:26:f4:58:
                    20:3a:b7:dd:1c:16:53:d3:cb:e2:ac:0f:ab:c7:c7:
                    ba:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:2F:F1:D2:FF:35:29:81:BC:5F:82:24:0E:C9:39:4E:FA:B3:11:86
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91814E9/FE57C2BC083011EBBFE4C732C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91814E9/FE57C2BC083011EBBFE4C732C4F9AE02/xC_x0v81KYG8X4IkDsk5TvqzEYY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.4.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         d1:81:60:37:cc:3f:48:f0:62:af:46:18:f8:1d:57:a9:1e:2b:
         65:ee:74:8b:57:a8:56:d8:6f:c7:6f:c8:28:b3:bd:19:6a:04:
         97:88:ea:7b:0b:71:bb:47:03:7d:ca:45:b5:8b:26:b1:2d:c3:
         69:40:c5:55:ab:15:61:23:7d:0a:d9:bf:13:ca:bf:80:30:7e:
         32:63:8b:33:5d:1e:42:df:f6:d3:84:cf:b6:2d:7d:70:52:07:
         c6:c5:e6:12:66:8a:32:0e:6e:f8:1e:c6:66:34:6d:ba:c0:cc:
         74:12:32:ad:1f:e0:07:b6:e4:a9:43:b9:4c:90:03:3a:d2:b0:
         4d:46:e1:8b:a6:b6:15:ff:bb:33:06:58:56:4e:ff:d9:8b:47:
         62:33:a8:e9:97:c5:b7:40:85:4a:e7:0b:e5:29:08:17:c7:47:
         5e:60:ba:f6:ff:a7:e7:ca:16:81:be:a5:59:bc:9b:68:57:d5:
         0a:fe:45:96:4a:44:15:c5:aa:89:a9:38:59:07:d6:c1:80:6a:
         81:43:78:1a:2f:ff:03:22:58:a9:13:86:ba:a9:97:4d:98:3a:
         8c:a4:03:62:03:51:e8:88:db:50:0b:13:7b:12:c8:e3:98:c0:
         67:2e:70:c5:77:d7:8b:a6:f9:6d:4d:76:38:24:7b:35:5c:78:
         a8:0e:48:f9
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAc0QMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEyNzE2MTU0MVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODE0RTkxMTAvBgNVBAUTKEM0MkZGMUQyRkYzNTI5ODFCQzVGODIy
NDBFQzkzOTRFRkFCMzExODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPym+GP6J39XxNgnIK3cMBOi4JOQ2Pow8FTln3fwdsLsTwwbrmrD05pFMrkYzn
26+DOi4fL185LVMuqUVEYGmUjMEeD+DMzu1uEYuuAHBZwLMCofWlz6gKzuoL8HXA
ZSi0MSkX8+rj8b8i+f9QMp+sPVUJ9cU//lYIYy789DKyRZ2yXAVRhkUByqpBSSTf
AWU57HwTsDvny6GtUdgEDXUKpSHQu+TSVdc3ij6IkyyvDzuE5AwPUwhl3B8tx6IJ
vffwpjJ6CTOnyEBQrEp7bW9dIDaU/OAKvXHr6MDVNG4NQHoltxJG2F1LLFB8WSb0
WCA6t90cFlPTy+KsD6vHx7oHAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUxC/x0v81
KYG8X4IkDsk5TvqzEYYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTgxNEU5L0ZFNTdDMkJDMDgzMDExRUJCRkU0QzczMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4MTRFOS9GRTU3QzJCQzA4MzAxMUVCQkZFNEM3MzJDNEY5QUUwMi94Q194MHY4
MUtZRzhYNElrRHNrNVR2cXpFWVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAPLBMAwDQYJKoZIhvcNAQELBQADggEBANGBYDfMP0jwYq9GGPgd
V6keK2XudItXqFbYb8dvyCizvRlqBJeI6nsLcbtHA33KRbWLJrEtw2lAxVWrFWEj
fQrZvxPKv4AwfjJjizNdHkLf9tOEz7YtfXBSB8bF5hJmijIObvgexmY0bbrAzHQS
Mq0f4Ae25KlDuUyQAzrSsE1G4YumthX/uzMGWFZO/9mLR2IzqOmXxbdAhUrnC+Up
CBfHR15guvb/p+fKFoG+pVm8m2hX1Qr+RZZKRBXFqompOFkH1sGAaoFDeBov/wMi
WKkThrqpl02YOoykA2IDUeiI21ALE3sSyOOYwGcucMV314um+W1NdjgkezVceKgO
SPk=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:08:35 2024 by rpki-client on console-ams.rpki-client.org