Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yjLVEUYqtCYYqI26BYaa_r6g5Ro.cer
File:                     yjLVEUYqtCYYqI26BYaa_r6g5Ro.cer (raw, json)
Hash identifier:          JtdWFo7umR8CDcm64CFVnNE2gBWsv8lAI1gThLiL1oY=
Subject key identifier:   CA:32:D5:11:46:2A:B4:26:18:A8:8D:BA:05:86:9A:FE:BE:A0:E5:1A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       020051
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F89C1/13ED6802808611EBB4C6D116C4F9AE02/yjLVEUYqtCYYqI26BYaa_r6g5Ro.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F89C1/13ED6802808611EBB4C6D116C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 15 Jul 2024 22:49:59 +0000
Certificate not after:    Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources:    AS: 132321
                          IP: 150.191.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 131153 (0x20051)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 15 22:49:59 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=A91F89C1/serialNumber=CA32D511462AB42618A88DBA05869AFEBEA0E51A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:49:8c:76:55:45:b9:55:a5:a7:b7:26:1c:5c:
                    7c:f0:45:10:f8:4d:ab:50:da:44:5d:70:23:98:96:
                    38:d1:34:cc:f7:75:60:f2:dc:6d:f7:67:dc:c6:bb:
                    e6:1d:89:d0:1d:92:de:e0:8e:ef:87:b0:41:e9:92:
                    d2:5b:32:7f:d4:a4:81:0f:03:03:b5:23:f0:0e:e4:
                    5a:dd:cb:0c:24:08:42:bd:83:c5:15:08:3e:8b:6f:
                    e0:b3:9d:63:46:f5:8f:e7:78:2b:5e:95:f1:42:27:
                    80:90:a8:1f:f8:a9:2b:64:57:5b:6e:33:ed:ce:df:
                    4b:3f:f6:65:13:eb:65:d5:9b:35:ac:d6:c2:fc:fe:
                    7e:76:4e:87:e7:28:f3:34:ac:6e:94:be:96:03:90:
                    09:5b:cf:e1:12:93:59:85:01:94:87:8e:0f:fe:d9:
                    0c:07:6b:72:a6:22:5f:45:7c:e1:e2:6a:05:35:2b:
                    1c:45:3a:6d:58:91:28:9d:b0:6a:f3:b2:b0:e5:3b:
                    8e:79:ea:4c:13:5e:d6:3e:cc:db:80:0b:84:e9:ef:
                    2b:71:5d:ba:85:17:02:fd:cf:02:0a:63:fe:0a:bc:
                    8b:e0:02:c1:15:9b:be:60:e1:5c:d2:19:cb:b7:5c:
                    69:53:89:f9:61:f9:02:68:d5:87:5f:34:b6:27:03:
                    b9:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:32:D5:11:46:2A:B4:26:18:A8:8D:BA:05:86:9A:FE:BE:A0:E5:1A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F89C1/13ED6802808611EBB4C6D116C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F89C1/13ED6802808611EBB4C6D116C4F9AE02/yjLVEUYqtCYYqI26BYaa_r6g5Ro.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132321

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.191.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         88:5d:f4:a4:59:fd:d3:28:bd:5f:6d:00:06:bf:22:bd:e4:9d:
         67:b0:38:54:52:e6:9c:00:89:a4:b3:c2:ee:60:58:dd:a6:84:
         37:be:dd:f6:f8:9b:a1:40:7f:c6:6d:84:9d:74:8f:77:cf:5f:
         81:09:02:2a:4f:01:07:24:eb:4a:73:48:fc:54:3f:37:fc:fb:
         20:37:c3:11:a1:27:cc:18:29:f5:df:1e:32:9c:ff:ae:60:8d:
         14:22:09:80:4b:e9:db:d0:c5:5e:7d:7c:1e:36:00:6f:40:d0:
         28:1c:1e:7c:b5:aa:98:a7:4d:a7:23:db:fe:5b:5f:40:7c:21:
         3f:53:ab:64:47:26:da:a5:f9:28:9c:62:6a:fa:3b:4c:d4:7c:
         b0:7a:d7:0b:cb:71:9d:b8:16:c2:7a:f5:04:37:7a:5d:6d:ac:
         6d:f8:a8:20:37:fd:d4:c9:1c:39:b4:5c:f4:e5:fa:2b:8e:3f:
         21:a2:01:5b:2d:20:27:62:79:6a:88:9f:ab:b1:61:77:a2:00:
         08:16:4e:d1:5c:7a:55:6a:fe:68:39:3a:04:7b:37:7d:e1:fa:
         ec:19:8d:c2:e0:20:1a:70:09:a6:35:42:9d:a4:83:3f:4e:a2:
         2d:00:5f:1d:e7:90:6b:4f:c0:4f:7b:ea:25:76:ef:bd:10:fe:
         ef:8c:e1:3f
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgIDAgBRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcxNTIyNDk1OVoXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjg5QzExMTAvBgNVBAUTKENBMzJENTExNDYyQUI0MjYxOEE4OERC
QTA1ODY5QUZFQkVBMEU1MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClSYx2VUW5VaWntyYcXHzwRRD4TatQ2kRdcCOYljjRNMz3dWDy3G33Z9zGu+Yd
idAdkt7gju+HsEHpktJbMn/UpIEPAwO1I/AO5FrdywwkCEK9g8UVCD6Lb+CznWNG
9Y/neCtelfFCJ4CQqB/4qStkV1tuM+3O30s/9mUT62XVmzWs1sL8/n52TofnKPM0
rG6UvpYDkAlbz+ESk1mFAZSHjg/+2QwHa3KmIl9FfOHiagU1KxxFOm1YkSidsGrz
srDlO4556kwTXtY+zNuAC4Tp7ytxXbqFFwL9zwIKY/4KvIvgAsEVm75g4VzSGcu3
XGlTiflh+QJo1YdfNLYnA7lHAgMBAAGjggMOMIIDCjAdBgNVHQ4EFgQUyjLVEUYq
tCYYqI26BYaa/r6g5RowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY4OUMxLzEzRUQ2ODAyODA4NjExRUJCNEM2RDExNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGODlDMS8xM0VENjgwMjgwODYxMUVCQjRDNkQxMTZDNEY5QUUwMi95akxWRVVZ
cXRDWVlxSTI2QllhYV9yNmc1Um8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgThMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAlr8wDQYJKoZI
hvcNAQELBQADggEBAIhd9KRZ/dMovV9tAAa/Ir3knWewOFRS5pwAiaSzwu5gWN2m
hDe+3fb4m6FAf8ZthJ10j3fPX4EJAipPAQck60pzSPxUPzf8+yA3wxGhJ8wYKfXf
HjKc/65gjRQiCYBL6dvQxV59fB42AG9A0CgcHny1qpinTacj2/5bX0B8IT9Tq2RH
Jtql+SicYmr6O0zUfLB61wvLcZ24FsJ69QQ3el1trG34qCA3/dTJHDm0XPTl+iuO
PyGiAVstICdieWqIn6uxYXeiAAgWTtFcelVq/mg5OgR7N33h+uwZjcLgIBpwCaY1
Qp2kgz9Ooi0AXx3nkGtPwE976iV2770Q/u+M4T8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:00:14 2024 by rpki-client on console-ams.rpki-client.org