Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yjLVEUYqtCYYqI26BYaa_r6g5Ro.cer
File:                     yjLVEUYqtCYYqI26BYaa_r6g5Ro.cer (raw, json)
Hash identifier:          qOdGgL87R6e0RlX3KebcCX6GGK/dPhIgraUpVqypLBA=
Subject key identifier:   CA:32:D5:11:46:2A:B4:26:18:A8:8D:BA:05:86:9A:FE:BE:A0:E5:1A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B09E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F89C1/13ED6802808611EBB4C6D116C4F9AE02/yjLVEUYqtCYYqI26BYaa_r6g5Ro.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F89C1/13ED6802808611EBB4C6D116C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 17 Jul 2023 21:54:36 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    AS: 132321
                          IP: 150.191.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110750 (0x1b09e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 17 21:54:36 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A91F89C1/serialNumber=CA32D511462AB42618A88DBA05869AFEBEA0E51A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:49:8c:76:55:45:b9:55:a5:a7:b7:26:1c:5c:
                    7c:f0:45:10:f8:4d:ab:50:da:44:5d:70:23:98:96:
                    38:d1:34:cc:f7:75:60:f2:dc:6d:f7:67:dc:c6:bb:
                    e6:1d:89:d0:1d:92:de:e0:8e:ef:87:b0:41:e9:92:
                    d2:5b:32:7f:d4:a4:81:0f:03:03:b5:23:f0:0e:e4:
                    5a:dd:cb:0c:24:08:42:bd:83:c5:15:08:3e:8b:6f:
                    e0:b3:9d:63:46:f5:8f:e7:78:2b:5e:95:f1:42:27:
                    80:90:a8:1f:f8:a9:2b:64:57:5b:6e:33:ed:ce:df:
                    4b:3f:f6:65:13:eb:65:d5:9b:35:ac:d6:c2:fc:fe:
                    7e:76:4e:87:e7:28:f3:34:ac:6e:94:be:96:03:90:
                    09:5b:cf:e1:12:93:59:85:01:94:87:8e:0f:fe:d9:
                    0c:07:6b:72:a6:22:5f:45:7c:e1:e2:6a:05:35:2b:
                    1c:45:3a:6d:58:91:28:9d:b0:6a:f3:b2:b0:e5:3b:
                    8e:79:ea:4c:13:5e:d6:3e:cc:db:80:0b:84:e9:ef:
                    2b:71:5d:ba:85:17:02:fd:cf:02:0a:63:fe:0a:bc:
                    8b:e0:02:c1:15:9b:be:60:e1:5c:d2:19:cb:b7:5c:
                    69:53:89:f9:61:f9:02:68:d5:87:5f:34:b6:27:03:
                    b9:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:32:D5:11:46:2A:B4:26:18:A8:8D:BA:05:86:9A:FE:BE:A0:E5:1A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F89C1/13ED6802808611EBB4C6D116C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F89C1/13ED6802808611EBB4C6D116C4F9AE02/yjLVEUYqtCYYqI26BYaa_r6g5Ro.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132321

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.191.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         02:32:b4:63:bd:ee:7e:5b:f2:8d:99:a4:d4:9b:9f:fa:9b:cd:
         02:46:2f:c1:66:3b:89:40:87:b8:22:59:d7:a3:22:6d:3c:b8:
         b7:17:d8:41:9c:60:a6:13:6d:2e:84:12:6b:b8:5d:56:cd:83:
         36:b3:f6:33:32:0e:5b:ec:dc:1f:67:32:5e:3b:b4:f8:31:e3:
         a7:7a:76:09:91:67:6a:df:3a:15:ad:1d:8f:5b:30:9d:e5:ed:
         fb:59:27:e7:43:06:6b:67:11:30:53:a5:65:a2:c2:f2:5c:fe:
         f5:56:71:df:48:d7:8c:19:aa:b6:d5:b1:a3:41:c0:c7:f2:db:
         cb:6d:08:ee:cc:3a:0c:17:ac:0e:91:90:dc:09:a6:c7:01:a8:
         9b:50:14:b7:33:97:f4:ca:e4:e8:24:c5:f8:38:77:5b:bf:38:
         50:93:39:f3:2d:28:07:62:a3:d2:76:22:91:c4:7c:89:fb:20:
         b7:17:a2:72:bc:ee:2d:aa:8b:ee:36:80:cf:64:4a:af:aa:fa:
         0e:f6:4f:2c:d5:8b:63:e5:d4:88:70:1c:4d:b8:41:b8:b9:12:
         b3:d1:8a:6b:85:68:11:67:43:14:d7:4f:b6:f3:ce:3e:53:68:
         e1:4b:19:11:24:e2:61:cb:41:ca:83:3a:04:d5:a8:3f:d5:a3:
         dc:7b:46:a3
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgIDAbCeMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDcxNzIxNTQzNloXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjg5QzExMTAvBgNVBAUTKENBMzJENTExNDYyQUI0MjYxOEE4OERC
QTA1ODY5QUZFQkVBMEU1MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClSYx2VUW5VaWntyYcXHzwRRD4TatQ2kRdcCOYljjRNMz3dWDy3G33Z9zGu+Yd
idAdkt7gju+HsEHpktJbMn/UpIEPAwO1I/AO5FrdywwkCEK9g8UVCD6Lb+CznWNG
9Y/neCtelfFCJ4CQqB/4qStkV1tuM+3O30s/9mUT62XVmzWs1sL8/n52TofnKPM0
rG6UvpYDkAlbz+ESk1mFAZSHjg/+2QwHa3KmIl9FfOHiagU1KxxFOm1YkSidsGrz
srDlO4556kwTXtY+zNuAC4Tp7ytxXbqFFwL9zwIKY/4KvIvgAsEVm75g4VzSGcu3
XGlTiflh+QJo1YdfNLYnA7lHAgMBAAGjggMOMIIDCjAdBgNVHQ4EFgQUyjLVEUYq
tCYYqI26BYaa/r6g5RowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY4OUMxLzEzRUQ2ODAyODA4NjExRUJCNEM2RDExNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGODlDMS8xM0VENjgwMjgwODYxMUVCQjRDNkQxMTZDNEY5QUUwMi95akxWRVVZ
cXRDWVlxSTI2QllhYV9yNmc1Um8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgThMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAlr8wDQYJKoZI
hvcNAQELBQADggEBAAIytGO97n5b8o2ZpNSbn/qbzQJGL8FmO4lAh7giWdejIm08
uLcX2EGcYKYTbS6EEmu4XVbNgzaz9jMyDlvs3B9nMl47tPgx46d6dgmRZ2rfOhWt
HY9bMJ3l7ftZJ+dDBmtnETBTpWWiwvJc/vVWcd9I14wZqrbVsaNBwMfy28ttCO7M
OgwXrA6RkNwJpscBqJtQFLczl/TK5Ogkxfg4d1u/OFCTOfMtKAdio9J2IpHEfIn7
ILcXonK87i2qi+42gM9kSq+q+g72TyzVi2Pl1IhwHE24Qbi5ErPRimuFaBFnQxTX
T7bzzj5TaOFLGREk4mHLQcqDOgTVqD/Vo9x7RqM=
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:52:01 2024 by rpki-client on console-ams.rpki-client.org