Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
File:                     yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer (raw, json)
Hash identifier:          F+TPiAOP2qeQ7fqeqNZGf6aRO2H7kNq8jca4qApC4mg=
Subject key identifier:   C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D886
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 15 Jan 2024 19:53:38 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 138627
                          IP: 103.203.220.0/22
                          IP: 123.253.152.0/22
                          IP: 150.195.208.0/20
                          IP: 202.75.240.0/21
                          IP: 2407:a80::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 15:22:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120966 (0x1d886)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 15 19:53:38 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:10:06:dd:d4:30:5e:cc:ee:32:37:cb:50:1e:
                    4b:25:9b:43:80:cb:f5:fb:8f:3f:1c:18:7e:de:de:
                    b7:47:03:f8:1e:b0:70:a2:1c:94:ef:ae:fe:a4:d2:
                    b2:2e:b4:88:ba:68:11:4c:1a:b1:8d:73:d3:3c:6d:
                    ff:6e:16:87:a7:ab:85:9c:57:a9:ac:65:8e:f8:f6:
                    ec:16:5b:12:29:17:8f:7a:f4:ee:54:f8:64:dd:f2:
                    ce:7a:0a:f0:81:90:c6:31:83:19:b9:1b:59:d8:fa:
                    19:88:36:80:7b:1c:8e:74:85:62:25:b3:3d:d9:3d:
                    76:f7:f6:68:a6:75:84:dd:56:1a:44:b1:da:99:a6:
                    69:0d:d3:4e:4c:55:51:42:94:02:c1:79:45:85:45:
                    ed:0a:89:46:cb:bc:5a:26:4b:88:8b:df:04:e7:9b:
                    42:e8:0b:97:c3:a5:46:33:9b:7c:35:ee:d2:e8:d1:
                    bc:61:02:fc:32:c2:8b:cc:f4:dc:88:d8:cf:e3:78:
                    37:db:d7:7b:93:8f:7b:6c:b6:d9:0f:c6:07:f6:5f:
                    f1:96:c3:16:ca:64:2e:4b:d1:1e:79:90:85:e0:86:
                    bf:81:d5:0b:a9:d5:16:db:2b:83:38:27:df:df:6b:
                    56:c9:7b:7f:9c:1b:18:a2:d1:71:28:e1:91:6d:0a:
                    b5:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138627

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.203.220.0/22
                  123.253.152.0/22
                  150.195.208.0/20
                  202.75.240.0/21
                IPv6:
                  2407:a80::/32

    Signature Algorithm: sha256WithRSAEncryption
         10:c7:e5:7d:58:f9:6a:fb:d3:c7:5c:c1:f3:c6:77:96:f3:0d:
         f2:f1:1d:58:b1:1b:d5:fb:72:d9:9e:82:bf:f5:4d:36:be:8b:
         97:59:5d:c0:05:59:ac:58:86:b3:9d:db:d8:9f:df:83:19:2e:
         f6:52:45:3d:50:c1:b7:88:51:bc:27:5c:4c:f3:bb:24:94:6c:
         ec:4d:40:28:50:d0:cc:9e:0a:d6:11:bc:74:5d:c5:76:1f:99:
         a6:34:1d:89:d6:30:26:cd:6f:15:57:67:35:6a:38:c1:50:26:
         00:d6:f8:91:35:7f:a1:67:c7:61:b7:c0:32:52:01:30:fb:b5:
         11:a8:ee:43:71:6b:24:04:78:77:1e:d3:1f:95:f3:ac:cf:67:
         58:29:fe:0d:37:3a:ef:61:b0:48:2e:77:8f:32:7a:29:8c:67:
         19:9a:22:85:5f:b2:80:6c:86:35:73:e2:cf:00:63:3f:34:46:
         1c:f5:1d:e0:fe:24:36:be:d9:1d:d9:a9:8d:d8:cb:c8:4b:80:
         1c:9e:f7:43:06:a7:fa:e7:e1:5b:05:51:ec:a5:0e:8d:6b:e6:
         34:09:21:4f:a5:d1:32:d0:6b:78:c9:22:0c:7b:14:b4:03:8d:
         c1:2a:13:b7:52:cb:e0:91:92:b6:e9:b2:ea:d4:38:6a:6e:b6:
         3f:1a:ff:4b
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgIDAdiGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDExNTE5NTMzOFoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBE
RTBDMzYwN0VFQjk4RkY3MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkEAbd1DBezO4yN8tQHkslm0OAy/X7jz8cGH7e3rdHA/gesHCiHJTvrv6k0rIu
tIi6aBFMGrGNc9M8bf9uFoenq4WcV6msZY749uwWWxIpF4969O5U+GTd8s56CvCB
kMYxgxm5G1nY+hmINoB7HI50hWIlsz3ZPXb39mimdYTdVhpEsdqZpmkN005MVVFC
lALBeUWFRe0KiUbLvFomS4iL3wTnm0LoC5fDpUYzm3w17tLo0bxhAvwywovM9NyI
2M/jeDfb13uTj3tsttkPxgf2X/GWwxbKZC5L0R55kIXghr+B1Qup1RbbK4M4J9/f
a1bJe3+cGxii0XEo4ZFtCrW1AgMBAAGjggMwMIIDLDAdBgNVHQ4EFgQUyAcP0GGo
Uf+K7eDeDDYH7rmP9wEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU0RDNEL0IwMjAyRDMyRDhCOTExRUJBQkMxRjQ4NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNEQzRC9CMDIwMkQzMkQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdH
b1VmLUs3ZURlRERZSDdybVA5d0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh2DMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCZ8vcAwQCe/2Y
AwQElsPQAwQDykvwMA0EAgACMAcDBQAkBwqAMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
x+V9WPlq+9PHXMHzxneW8w3y8R1YsRvV+3LZnoK/9U02vouXWV3ABVmsWIazndvY
n9+DGS72UkU9UMG3iFG8J1xM87sklGzsTUAoUNDMngrWEbx0XcV2H5mmNB2J1jAm
zW8VV2c1ajjBUCYA1viRNX+hZ8dht8AyUgEw+7URqO5DcWskBHh3HtMflfOsz2dY
Kf4NNzrvYbBILnePMnopjGcZmiKFX7KAbIY1c+LPAGM/NEYc9R3g/iQ2vtkd2amN
2MvIS4AcnvdDBqf65+FbBVHspQ6Na+Y0CSFPpdEy0Gt4ySIMexS0A43BKhO3Usvg
kZK26bLq1DhqbrY/Gv9L
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:51:13 2024 by rpki-client on console-ams.rpki-client.org