Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yk4HUSi1N46tOjNLzp3hFXc1nNo.cer
File:                     yk4HUSi1N46tOjNLzp3hFXc1nNo.cer (raw, json)
Hash identifier:          xoTusxhyqrcv6DLDzlr36ydo9GDYjT815uLwl6hYTq4=
Subject key identifier:   CA:4E:07:51:28:B5:37:8E:AD:3A:33:4B:CE:9D:E1:15:77:35:9C:DA
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D43C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CB5F3/73AFED862D2111EB83D99079C4F9AE02/yk4HUSi1N46tOjNLzp3hFXc1nNo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CB5F3/73AFED862D2111EB83D99079C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 26 Dec 2023 19:02:34 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 7699

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119868 (0x1d43c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 26 19:02:34 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91CB5F3/serialNumber=CA4E075128B5378EAD3A334BCE9DE11577359CDA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:4c:dd:f1:f1:df:29:b2:9d:85:a3:47:ca:d7:
                    88:fb:99:7d:4c:b6:c5:15:a1:1e:01:d8:a0:b8:40:
                    17:7b:d9:20:26:bd:3f:c5:ea:ac:c7:2d:fc:d4:86:
                    ed:f6:51:9b:a4:ac:58:78:91:e5:c7:6a:9e:9a:5c:
                    bc:0f:a1:1e:96:69:08:8f:cb:0e:90:53:bc:37:42:
                    fd:61:c0:25:c6:45:55:c8:11:d7:af:d6:b3:77:e9:
                    1a:1c:6a:9f:bc:09:fb:21:4d:5d:23:ab:27:75:06:
                    ee:a7:3a:3d:4e:8f:cc:40:42:ed:16:ab:c7:8b:ff:
                    a5:81:9f:5b:e6:0b:49:86:03:2f:a1:d2:7b:7c:89:
                    30:da:80:c8:81:7f:81:98:2e:b8:b0:73:b5:0d:82:
                    d6:24:4d:43:92:79:8a:cc:22:32:b4:0e:16:d1:ee:
                    1d:d6:fb:46:34:6c:8f:05:bb:9d:f3:2a:52:fb:1f:
                    e6:6b:49:f0:e5:3b:a5:ee:12:8a:a0:fe:86:99:63:
                    4e:22:e3:1c:9b:43:d9:64:8f:1e:0f:a5:c9:da:d4:
                    c2:69:9a:e5:ac:73:2c:28:fb:6b:a5:a2:0b:45:fa:
                    b5:c3:8c:a6:ea:19:18:00:11:e7:92:f0:93:2b:cb:
                    a8:b1:af:e5:87:6a:8b:8e:e2:1a:77:14:5d:9c:4b:
                    d0:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:4E:07:51:28:B5:37:8E:AD:3A:33:4B:CE:9D:E1:15:77:35:9C:DA
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CB5F3/73AFED862D2111EB83D99079C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CB5F3/73AFED862D2111EB83D99079C4F9AE02/yk4HUSi1N46tOjNLzp3hFXc1nNo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  7699

    Signature Algorithm: sha256WithRSAEncryption
         a7:60:4b:20:b8:cd:b3:a7:e0:07:6b:a7:6c:84:71:c6:e0:0d:
         02:b1:df:31:7e:76:55:e6:bd:69:3c:4e:88:21:a2:f8:3e:35:
         3d:7f:df:7f:6a:d3:32:e6:59:ee:37:cf:ec:0a:3c:e0:16:c7:
         00:e1:12:b3:4a:46:b2:ab:3f:bd:86:1f:7f:de:aa:a9:de:95:
         c3:de:c7:68:96:07:3e:0e:f2:1f:46:a7:20:8c:36:7a:df:a3:
         6d:cb:54:76:4a:09:0b:0e:fa:1a:e2:64:3a:b3:b6:e8:a0:80:
         ef:30:a9:74:fd:43:99:c8:23:44:e3:77:8e:62:6b:40:39:05:
         71:b1:f1:82:ff:26:19:e1:98:cc:c9:4a:61:50:36:7f:c1:7c:
         85:c3:30:88:08:54:3d:bd:fb:0b:57:2a:fb:a8:94:56:2d:0a:
         05:72:c1:a9:36:a1:c2:8a:16:4c:18:99:ee:ef:e3:f8:f1:7c:
         17:7b:76:58:a3:0b:da:93:82:4b:49:cf:d6:34:6e:a7:5f:99:
         24:d1:5d:22:02:75:52:40:5e:3d:67:85:f7:d4:4b:e5:26:ed:
         c9:2a:60:f0:23:7e:bb:1e:e2:60:33:21:dc:8d:a5:4a:42:b2:
         c7:cf:f1:09:2f:4e:87:74:34:d7:86:7b:0b:b4:d9:f1:40:52:
         b3:9c:d8:30
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIDAdQ8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyNjE5MDIzNFoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0I1RjMxMTAvBgNVBAUTKENBNEUwNzUxMjhCNTM3OEVBRDNBMzM0
QkNFOURFMTE1NzczNTlDREEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDTN3x8d8psp2Fo0fK14j7mX1MtsUVoR4B2KC4QBd72SAmvT/F6qzHLfzUhu32
UZukrFh4keXHap6aXLwPoR6WaQiPyw6QU7w3Qv1hwCXGRVXIEdev1rN36Rocap+8
CfshTV0jqyd1Bu6nOj1Oj8xAQu0Wq8eL/6WBn1vmC0mGAy+h0nt8iTDagMiBf4GY
Lriwc7UNgtYkTUOSeYrMIjK0DhbR7h3W+0Y0bI8Fu53zKlL7H+ZrSfDlO6XuEoqg
/oaZY04i4xybQ9lkjx4Ppcna1MJpmuWscywo+2ulogtF+rXDjKbqGRgAEeeS8JMr
y6ixr+WHaouO4hp3FF2cS9AbAgMBAAGjggLtMIIC6TAdBgNVHQ4EFgQUyk4HUSi1
N46tOjNLzp3hFXc1nNowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNCNUYzLzczQUZFRDg2MkQyMTExRUI4M0Q5OTA3OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDQjVGMy83M0FGRUQ4NjJEMjExMUVCODNEOTkwNzlDNEY5QUUwMi95azRIVVNp
MU40NnRPak5MenAzaEZYYzFuTm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICHhMwDQYJKoZIhvcNAQELBQADggEBAKdgSyC4zbOn4Adrp2yEccbgDQKx
3zF+dlXmvWk8Toghovg+NT1/339q0zLmWe43z+wKPOAWxwDhErNKRrKrP72GH3/e
qqnelcPex2iWBz4O8h9GpyCMNnrfo23LVHZKCQsO+hriZDqztuiggO8wqXT9Q5nI
I0Tjd45ia0A5BXGx8YL/JhnhmMzJSmFQNn/BfIXDMIgIVD29+wtXKvuolFYtCgVy
wak2ocKKFkwYme7v4/jxfBd7dlijC9qTgktJz9Y0bqdfmSTRXSICdVJAXj1nhffU
S+Um7ckqYPAjfrse4mAzIdyNpUpCssfP8QkvTod0NNeGewu02fFAUrOc2DA=
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:01:06 2024 by rpki-client on console-fra.rpki-client.org