Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPprur_RmXzI8dIP5qVXTe6bMlY.cer
File:                     xPprur_RmXzI8dIP5qVXTe6bMlY.cer (raw, json)
Hash identifier:          4fGTwnLmXkcBtRFcqdaqpkmWj1Z2IMb+ioBY0Hv+jX8=
Subject key identifier:   C4:FA:6B:BA:BF:D1:99:7C:C8:F1:D2:0F:E6:A5:57:4D:EE:9B:32:56
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       020385
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9187532/9A66EB9EF64811EDAA671E17C4F9AE02/xPprur_RmXzI8dIP5qVXTe6bMlY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9187532/9A66EB9EF64811EDAA671E17C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 31 Jul 2024 05:17:35 +0000
Certificate not after:    Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources:    AS: 135548
                          IP: 103.65.22.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 01:13:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 131973 (0x20385)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 31 05:17:35 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=A9187532/serialNumber=C4FA6BBABFD1997CC8F1D20FE6A5574DEE9B3256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:f5:c1:5c:ea:df:df:3e:29:41:5b:04:b4:45:
                    29:95:a2:89:85:b7:f4:0a:0b:b1:0c:62:2b:2d:86:
                    28:37:69:a3:2e:aa:c5:6b:a6:02:1e:75:f0:a5:44:
                    ee:8d:0a:07:09:25:07:d7:60:9e:90:92:98:9b:3a:
                    e2:ea:5b:07:67:c3:e2:a0:31:d7:81:1d:3c:a9:45:
                    7e:3e:61:90:32:93:65:8d:36:89:c1:ec:d8:a2:f4:
                    15:66:39:19:6b:72:b3:14:de:88:53:5a:fe:c7:e3:
                    57:62:7e:75:ad:36:a1:d0:8a:ef:db:c3:37:fb:08:
                    e2:12:2d:1f:5d:37:ee:5a:d5:e0:c5:52:3f:1e:45:
                    a8:74:af:05:73:9e:4e:e3:1a:71:f7:c3:92:cd:ac:
                    bc:b5:34:01:4d:55:a4:fe:43:73:54:d4:90:bb:c2:
                    d2:19:93:60:c6:4d:f9:eb:4b:03:75:98:e3:7c:c1:
                    47:96:4e:11:a8:a5:00:15:23:fe:ee:a6:b5:63:c3:
                    c2:ff:35:1d:47:bc:42:42:14:3c:be:a4:d6:07:e7:
                    05:67:80:3c:2b:0e:d4:87:a8:f8:52:de:fa:fd:69:
                    62:19:a8:4e:7d:da:58:b5:f9:09:1d:e9:40:c4:df:
                    bf:1b:05:e3:fc:4d:c2:34:c4:cc:31:1f:aa:b2:9f:
                    9e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:FA:6B:BA:BF:D1:99:7C:C8:F1:D2:0F:E6:A5:57:4D:EE:9B:32:56
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9187532/9A66EB9EF64811EDAA671E17C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9187532/9A66EB9EF64811EDAA671E17C4F9AE02/xPprur_RmXzI8dIP5qVXTe6bMlY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  135548

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.65.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:60:bb:a6:6c:11:83:bd:25:fa:43:f0:24:5f:93:7c:1a:67:
         4c:4e:58:e7:e8:1d:ea:ed:0a:98:9c:87:b4:77:75:6c:31:03:
         c7:03:f1:dd:2d:50:be:20:46:7b:3e:a1:ad:4c:35:b3:7b:32:
         fc:87:c7:70:34:43:2e:2c:92:a5:a0:ee:5f:26:3d:50:5a:79:
         e1:80:0b:39:fb:57:72:af:70:0c:a9:d8:c8:57:47:bf:57:b4:
         1f:b3:ce:63:d7:ce:bc:b5:02:f2:37:2e:73:06:c1:6d:79:31:
         4c:ea:eb:20:a5:f4:67:ba:a8:1f:9a:8d:e9:56:92:57:61:5e:
         e7:22:06:09:d9:75:a3:dd:68:dc:c2:a5:c4:a3:4c:00:ff:d9:
         b5:a7:c6:e2:9e:14:cd:9e:0e:6e:3b:75:75:47:f8:c9:eb:8e:
         f0:b7:8f:8a:f8:26:92:ee:91:fc:e2:7c:61:89:a5:c2:09:53:
         da:f2:de:c6:14:a2:a9:39:ef:92:fd:9f:99:0f:27:a5:00:a9:
         f5:5b:dc:e7:3b:09:cb:7a:b0:00:b3:cb:4e:44:0a:61:c1:19:
         cd:01:2b:b4:75:e3:26:3a:7e:63:72:a9:6c:a9:0d:7f:b8:73:
         45:38:0c:11:f8:19:d2:a1:1d:3b:33:cb:51:35:96:76:fc:10:
         ac:db:ea:67
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAgOFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDczMTA1MTczNVoXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODc1MzIxMTAvBgNVBAUTKEM0RkE2QkJBQkZEMTk5N0NDOEYxRDIw
RkU2QTU1NzRERUU5QjMyNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDN9cFc6t/fPilBWwS0RSmVoomFt/QKC7EMYisthig3aaMuqsVrpgIedfClRO6N
CgcJJQfXYJ6QkpibOuLqWwdnw+KgMdeBHTypRX4+YZAyk2WNNonB7Nii9BVmORlr
crMU3ohTWv7H41difnWtNqHQiu/bwzf7COISLR9dN+5a1eDFUj8eRah0rwVznk7j
GnH3w5LNrLy1NAFNVaT+Q3NU1JC7wtIZk2DGTfnrSwN1mON8wUeWThGopQAVI/7u
prVjw8L/NR1HvEJCFDy+pNYH5wVngDwrDtSHqPhS3vr9aWIZqE592li1+Qkd6UDE
378bBeP8TcI0xMwxH6qyn54NAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUxPprur/R
mXzI8dIP5qVXTe6bMlYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg3NTMyLzlBNjZFQjlFRjY0ODExRURBQTY3MUUxN0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4NzUzMi85QTY2RUI5RUY2NDgxMUVEQUE2NzFFMTdDNEY5QUUwMi94UHBydXJf
Um1Yekk4ZElQNXFWWFRlNmJNbFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhF8MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0EWMA0GCSqG
SIb3DQEBCwUAA4IBAQBqYLumbBGDvSX6Q/AkX5N8GmdMTljn6B3q7QqYnIe0d3Vs
MQPHA/HdLVC+IEZ7PqGtTDWzezL8h8dwNEMuLJKloO5fJj1QWnnhgAs5+1dyr3AM
qdjIV0e/V7Qfs85j1868tQLyNy5zBsFteTFM6usgpfRnuqgfmo3pVpJXYV7nIgYJ
2XWj3WjcwqXEo0wA/9m1p8binhTNng5uO3V1R/jJ647wt4+K+CaS7pH84nxhiaXC
CVPa8t7GFKKpOe+S/Z+ZDyelAKn1W9znOwnLerAAs8tORAphwRnNASu0deMmOn5j
cqlsqQ1/uHNFOAwR+BnSoR07M8tRNZZ2/BCs2+pn
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:22:15 2024 by rpki-client on console-fra.rpki-client.org