Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ybuS-salUy5CNVZ1HQ6nKJHm3no.cer
File:                     ybuS-salUy5CNVZ1HQ6nKJHm3no.cer (raw, json)
Hash identifier:          cu8fAyzzEiAwr7s7yBN4DoonExQ/MM++SAbXKejX3YQ=
Subject key identifier:   C9:BB:92:FA:C6:A5:53:2E:42:35:56:75:1D:0E:A7:28:91:E6:DE:7A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B72C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917AD0E/142820B20D5B11EBAD51CE36C4F9AE02/ybuS-salUy5CNVZ1HQ6nKJHm3no.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917AD0E/142820B20D5B11EBAD51CE36C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 16 Aug 2023 15:22:45 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    AS: 137950
                          IP: 103.118.16.0/23
                          IP: 2001:df5:c100::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 13:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112428 (0x1b72c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 16 15:22:45 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A917AD0E/serialNumber=C9BB92FAC6A5532E423556751D0EA72891E6DE7A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b4:1a:eb:5f:6d:30:54:5e:b7:43:dc:86:b4:
                    4f:d4:a4:d5:85:7a:b7:5d:31:e3:bc:59:f4:70:73:
                    1c:83:67:b0:5d:ac:79:9a:4f:60:0c:a4:33:1e:78:
                    a4:0e:be:9a:52:5e:e9:df:11:b5:b8:26:ab:91:3b:
                    9f:83:2d:3d:8b:e7:5a:1d:78:4e:20:4c:39:ec:5a:
                    eb:4a:86:4d:e2:67:5f:61:3a:25:35:14:04:b1:42:
                    61:10:c9:97:4e:ba:08:dc:25:ca:06:18:37:9c:62:
                    03:4c:13:90:81:91:3c:ae:ca:ff:33:6a:3e:22:41:
                    23:7f:ea:0a:d6:c7:5e:b4:04:51:4c:4b:49:4a:6a:
                    b6:e1:cb:9b:90:92:3d:e7:91:09:e1:3e:68:15:5e:
                    de:7d:53:3c:11:7d:80:76:fc:d3:bb:d9:41:f1:78:
                    2c:c2:50:0e:ff:d9:c9:2b:e4:95:d0:1e:99:f9:47:
                    d0:d3:24:69:bd:5e:64:8b:8c:e6:89:12:b1:71:d2:
                    ce:ae:b9:43:bd:a6:1f:34:42:cf:b6:07:d0:e2:ee:
                    04:5d:3d:48:b9:37:56:11:a1:84:cd:67:a9:10:70:
                    e4:4a:0e:e7:70:87:63:41:1b:86:b2:94:b9:34:de:
                    9c:02:cb:a6:9b:b2:0c:6f:43:ce:6d:35:69:ac:90:
                    8a:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:BB:92:FA:C6:A5:53:2E:42:35:56:75:1D:0E:A7:28:91:E6:DE:7A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917AD0E/142820B20D5B11EBAD51CE36C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917AD0E/142820B20D5B11EBAD51CE36C4F9AE02/ybuS-salUy5CNVZ1HQ6nKJHm3no.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  137950

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.118.16.0/23
                IPv6:
                  2001:df5:c100::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:0b:dd:81:31:a3:e7:30:ac:61:5e:04:97:e3:b1:7b:f6:87:
         62:04:7e:9d:2f:79:d4:c0:b7:a5:4f:96:27:80:ca:5d:f9:5a:
         16:d5:62:72:ec:76:d5:65:fe:bd:cd:1e:fd:2a:f8:2a:38:c8:
         a9:a1:bf:d7:af:33:c5:51:f6:68:b7:18:64:70:17:3b:8f:97:
         94:31:f8:8c:0c:e6:64:cc:a1:f1:7b:29:30:04:e1:9d:08:20:
         62:f2:e5:20:cb:3b:83:8e:9e:95:62:96:a7:20:84:83:66:4e:
         ce:93:70:0a:c1:1b:b9:d3:b2:79:33:72:de:d0:44:50:00:e0:
         0a:30:3d:07:41:12:97:2e:0b:c8:ad:4b:08:c3:55:29:3d:71:
         03:9a:6f:93:e0:cf:70:32:fd:ca:4f:41:a1:3a:08:95:83:e6:
         6a:93:05:a1:88:82:3e:7e:be:ab:41:ff:59:a8:2c:7c:1f:23:
         c4:6a:cb:29:c9:4e:5a:d3:e1:17:d6:f2:14:25:21:d8:e0:07:
         e0:7e:1a:17:e4:fe:26:00:49:8a:be:e0:52:a2:90:75:9c:77:
         e4:9f:55:b0:bc:c3:4e:77:32:5d:4b:63:5e:b4:df:c5:55:be:
         ca:7a:aa:d7:79:a6:26:5e:8d:a6:fe:1b:6b:27:65:a8:34:18:
         78:39:d5:e5
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAbcsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgxNjE1MjI0NVoXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0FEMEUxMTAvBgNVBAUTKEM5QkI5MkZBQzZBNTUzMkU0MjM1NTY3
NTFEMEVBNzI4OTFFNkRFN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUtBrrX20wVF63Q9yGtE/UpNWFerddMeO8WfRwcxyDZ7BdrHmaT2AMpDMeeKQO
vppSXunfEbW4JquRO5+DLT2L51odeE4gTDnsWutKhk3iZ19hOiU1FASxQmEQyZdO
ugjcJcoGGDecYgNME5CBkTyuyv8zaj4iQSN/6grWx160BFFMS0lKarbhy5uQkj3n
kQnhPmgVXt59UzwRfYB2/NO72UHxeCzCUA7/2ckr5JXQHpn5R9DTJGm9XmSLjOaJ
ErFx0s6uuUO9ph80Qs+2B9Di7gRdPUi5N1YRoYTNZ6kQcORKDudwh2NBG4aylLk0
3pwCy6absgxvQ85tNWmskIpJAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUybuS+sal
Uy5CNVZ1HQ6nKJHm3nowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdBRDBFLzE0MjgyMEIyMEQ1QjExRUJBRDUxQ0UzNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3QUQwRS8xNDI4MjBCMjBENUIxMUVCQUQ1MUNFMzZDNEY5QUUwMi95YnVTLXNh
bFV5NUNOVloxSFE2bktKSG0zbm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhreMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ3YQMA8EAgAC
MAkDBwAgAQ31wQAwDQYJKoZIhvcNAQELBQADggEBAAEL3YExo+cwrGFeBJfjsXv2
h2IEfp0vedTAt6VPlieAyl35WhbVYnLsdtVl/r3NHv0q+Co4yKmhv9evM8VR9mi3
GGRwFzuPl5Qx+IwM5mTMofF7KTAE4Z0IIGLy5SDLO4OOnpVilqcghINmTs6TcArB
G7nTsnkzct7QRFAA4AowPQdBEpcuC8itSwjDVSk9cQOab5Pgz3Ay/cpPQaE6CJWD
5mqTBaGIgj5+vqtB/1moLHwfI8RqyynJTlrT4RfW8hQlIdjgB+B+Ghfk/iYASYq+
4FKikHWcd+SfVbC8w053Ml1LY16038VVvsp6qtd5piZejab+G2snZag0GHg51eU=
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:08:19 2024 by rpki-client on console-fra.rpki-client.org