Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xQo91YIWmexaCS_v5V5AfVvQy6U.cer
File:                     xQo91YIWmexaCS_v5V5AfVvQy6U.cer (raw, json)
Hash identifier:          HprZh2KvXaspqZ+vYVf1cXTZxMLhW3+t+4zRxL+hAJU=
Subject key identifier:   C5:0A:3D:D5:82:16:99:EC:5A:09:2F:EF:E5:5E:40:7D:5B:D0:CB:A5
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01F10F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C2E41/8757518E1DA411E2B9219E9A08B02CD2/xQo91YIWmexaCS_v5V5AfVvQy6U.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C2E41/8757518E1DA411E2B9219E9A08B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 10 May 2024 15:21:51 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 24030

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127247 (0x1f10f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 10 15:21:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91C2E41/serialNumber=C50A3DD5821699EC5A092FEFE55E407D5BD0CBA5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:3a:24:5c:00:07:fa:0e:8d:14:0c:ed:e6:e1:
                    b4:0f:00:1e:27:19:b6:e0:df:97:66:1f:58:ec:54:
                    15:4f:61:b9:85:0e:53:22:68:62:a6:8c:1d:48:dc:
                    52:e0:09:9a:1d:af:27:a8:93:7d:0f:b0:57:24:67:
                    01:42:66:8e:67:79:73:2c:d5:e4:9c:da:60:06:48:
                    cc:ce:e6:76:08:d6:d4:c4:d5:58:b3:6b:62:e9:ce:
                    c3:51:0b:08:4d:25:4c:9e:d0:f2:bb:7a:de:3b:5c:
                    1c:55:c1:10:20:13:22:99:10:b3:24:0a:2d:e9:f6:
                    dd:24:23:e8:7e:15:13:8e:cd:66:10:1c:28:92:66:
                    e8:a1:4c:24:36:b0:06:be:d8:0d:cb:f9:7b:e1:4c:
                    de:ab:7e:25:4d:2a:c2:95:2b:3e:d9:57:6a:be:ee:
                    2e:56:61:94:0d:2e:8c:c2:80:e3:c8:bf:ca:ff:1c:
                    21:36:e1:cd:16:df:62:c3:6b:c5:3d:92:e4:ea:0d:
                    5b:2a:54:16:cf:14:3d:2c:d3:30:5b:68:ba:3e:f7:
                    75:dd:61:78:6a:d1:05:e1:c2:fa:70:a9:2e:bf:4a:
                    1f:94:c2:f9:ad:f6:c9:32:3e:a5:23:6e:91:5c:18:
                    d5:48:66:db:4c:62:d7:ea:9f:e9:5c:90:b4:a3:3b:
                    11:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:0A:3D:D5:82:16:99:EC:5A:09:2F:EF:E5:5E:40:7D:5B:D0:CB:A5
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C2E41/8757518E1DA411E2B9219E9A08B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C2E41/8757518E1DA411E2B9219E9A08B02CD2/xQo91YIWmexaCS_v5V5AfVvQy6U.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  24030

    Signature Algorithm: sha256WithRSAEncryption
         6e:65:2c:8e:31:e5:26:75:8b:56:71:09:aa:8c:53:b6:f7:9c:
         73:ef:3a:86:40:a3:af:05:dc:a8:1a:34:78:ad:64:54:2d:d8:
         d7:83:2a:d3:d8:f2:19:c6:0f:cd:ce:00:54:dc:f9:cb:87:ad:
         f2:c7:3f:b8:1b:ec:ba:ff:b1:9d:79:fc:2f:a0:32:7d:c2:58:
         bc:91:01:20:98:72:34:d0:cb:56:56:bd:37:a6:5f:0a:61:55:
         77:c2:e9:64:c2:4b:4d:9b:ac:bf:3e:93:d8:58:79:71:a9:ea:
         bf:a5:34:f1:e4:56:f7:40:6f:cf:83:f4:b4:30:6e:5c:bd:0a:
         02:78:aa:13:5c:79:40:76:c8:6f:03:1b:b3:e3:86:98:cc:7f:
         b6:99:47:dc:3a:15:8b:67:b5:dd:b2:b6:61:34:5b:13:cd:12:
         fc:33:6f:8d:69:3b:0b:1d:80:12:1a:19:f7:2d:60:aa:96:c9:
         6a:0b:14:aa:17:e5:5a:43:8a:19:43:a9:04:e4:8c:fc:4e:6a:
         06:e1:dd:44:43:85:cd:04:db:4d:22:ae:a6:fa:8e:72:74:5e:
         71:9b:c1:07:25:9b:dd:68:c8:a5:fc:3a:53:f1:30:5a:10:95:
         55:d3:64:79:e5:d5:3a:f3:7d:88:51:7c:1c:4a:86:86:13:e1:
         58:89:a3:ae
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIDAfEPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUxMDE1MjE1MVoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzJFNDExMTAvBgNVBAUTKEM1MEEzREQ1ODIxNjk5RUM1QTA5MkZF
RkU1NUU0MDdENUJEMENCQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLOiRcAAf6Do0UDO3m4bQPAB4nGbbg35dmH1jsVBVPYbmFDlMiaGKmjB1I3FLg
CZodryeok30PsFckZwFCZo5neXMs1eSc2mAGSMzO5nYI1tTE1Viza2LpzsNRCwhN
JUye0PK7et47XBxVwRAgEyKZELMkCi3p9t0kI+h+FROOzWYQHCiSZuihTCQ2sAa+
2A3L+XvhTN6rfiVNKsKVKz7ZV2q+7i5WYZQNLozCgOPIv8r/HCE24c0W32LDa8U9
kuTqDVsqVBbPFD0s0zBbaLo+93XdYXhq0QXhwvpwqS6/Sh+Uwvmt9skyPqUjbpFc
GNVIZttMYtfqn+lckLSjOxFLAgMBAAGjggLtMIIC6TAdBgNVHQ4EFgQUxQo91YIW
mexaCS/v5V5AfVvQy6UwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMyRTQxLzg3NTc1MThFMURBNDExRTJCOTIxOUU5QTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMkU0MS84NzU3NTE4RTFEQTQxMUUyQjkyMTlFOUEwOEIwMkNEMi94UW85MVlJ
V21leGFDU192NVY1QWZWdlF5NlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICXd4wDQYJKoZIhvcNAQELBQADggEBAG5lLI4x5SZ1i1ZxCaqMU7b3nHPv
OoZAo68F3KgaNHitZFQt2NeDKtPY8hnGD83OAFTc+cuHrfLHP7gb7Lr/sZ15/C+g
Mn3CWLyRASCYcjTQy1ZWvTemXwphVXfC6WTCS02brL8+k9hYeXGp6r+lNPHkVvdA
b8+D9LQwbly9CgJ4qhNceUB2yG8DG7PjhpjMf7aZR9w6FYtntd2ytmE0WxPNEvwz
b41pOwsdgBIaGfctYKqWyWoLFKoX5VpDihlDqQTkjPxOagbh3URDhc0E200irqb6
jnJ0XnGbwQclm91oyKX8OlPxMFoQlVXTZHnl1TrzfYhRfBxKhoYT4ViJo64=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:00:12 2024 by rpki-client on console-ams.rpki-client.org