Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer
File:                     ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer (raw, json)
Hash identifier:          t+xZa3qjL25ocwXU0qnmVbLigPb2sL0+wz2itRLIWVc=
Subject key identifier:   CA:95:59:14:F9:8B:2F:C9:16:A4:51:2D:A7:2A:B7:5A:11:C5:2B:D0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E45B
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 13 Mar 2024 17:34:43 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 38473
                          IP: 202.20.102.0 -- 202.20.104.255
                          IP: 2001:df0:77::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123995 (0x1e45b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 13 17:34:43 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A9193037/serialNumber=CA955914F98B2FC916A4512DA72AB75A11C52BD0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d2:59:a4:d2:c9:ef:dd:29:a3:92:51:a8:c1:
                    05:cb:ab:31:13:d1:ca:10:0e:28:00:5b:ce:e8:74:
                    3c:39:b1:6e:30:27:42:21:56:02:32:5b:1c:2c:32:
                    3f:a0:0c:e8:68:37:9c:f5:fa:5f:fc:df:c5:19:b7:
                    cf:22:fb:ec:5a:19:de:5c:27:46:c7:60:28:12:42:
                    48:d4:e1:8c:ec:54:b9:84:ba:df:2b:57:cc:43:60:
                    bf:ce:84:b3:9c:07:bc:a1:53:a5:f3:b0:90:f2:ec:
                    3a:52:fe:83:f0:ba:9f:3a:ed:40:d5:79:b5:9e:3e:
                    20:47:a7:ec:56:6f:f6:8b:31:b4:64:9e:1e:5a:f5:
                    87:2d:6a:04:e6:f1:e7:c7:4f:61:59:2d:09:b5:cc:
                    ba:4d:a3:64:cf:00:52:86:7b:80:ce:ee:2f:f9:f6:
                    09:36:b9:7a:9d:b6:97:91:15:d9:ae:81:56:09:69:
                    ef:ec:3f:08:b6:9e:1e:dd:53:f5:7b:76:d2:7b:59:
                    05:8a:26:93:36:31:a6:1d:f1:86:8e:b1:a2:df:fe:
                    95:e5:b6:45:fd:51:f3:41:34:7d:c5:88:66:01:65:
                    5b:c2:3a:8c:d8:61:ec:fe:3b:04:3b:f8:4f:84:69:
                    00:26:2f:62:43:ce:9e:b2:41:c2:e7:4e:dc:ce:81:
                    47:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:95:59:14:F9:8B:2F:C9:16:A4:51:2D:A7:2A:B7:5A:11:C5:2B:D0
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  38473

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.20.102.0-202.20.104.255
                IPv6:
                  2001:df0:77::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:f8:88:13:3d:2b:cc:1c:1f:40:40:2b:12:ca:9f:d4:11:cb:
         b0:91:28:1c:a5:0f:df:fe:8c:da:34:52:41:56:99:f3:83:23:
         56:a4:d5:3b:a1:b9:24:70:e4:9c:e0:36:bc:6b:8c:56:ba:6c:
         00:b2:dc:50:37:27:68:7e:7f:e7:3d:ce:b7:af:05:e7:22:03:
         a2:b0:05:b3:5e:02:f8:0c:89:0f:a1:d2:1d:9e:28:96:63:2b:
         65:b1:3f:e9:ce:38:4d:20:66:bb:9b:ac:22:d5:13:92:ce:cd:
         bd:92:de:f8:e7:b7:d5:a6:56:be:f5:85:35:8c:6a:e3:a8:93:
         c5:de:1f:7b:b8:5c:70:5f:26:62:05:85:47:bd:11:a1:25:d1:
         b9:98:45:7e:0d:89:23:00:4c:5e:09:14:53:5c:87:19:46:34:
         68:a4:d5:84:ad:fe:d0:6e:70:b8:db:6d:f0:d5:e5:f3:06:5a:
         10:c4:99:11:d3:7d:f2:d0:41:59:88:63:94:e3:25:41:16:9f:
         db:c0:9f:e6:cd:f9:46:60:d2:32:cc:3a:2e:b7:91:9c:c3:58:
         77:a7:b6:78:64:a2:e4:ad:10:b9:af:f3:19:d9:da:60:ff:4e:
         f8:b0:5a:d0:3f:46:fe:39:fd:f9:34:92:d3:03:f6:df:90:5a:
         9a:12:66:ac
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgIDAeRbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMxMzE3MzQ0M1oXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTMwMzcxMTAvBgNVBAUTKENBOTU1OTE0Rjk4QjJGQzkxNkE0NTEy
REE3MkFCNzVBMTFDNTJCRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDA0lmk0snv3SmjklGowQXLqzET0coQDigAW87odDw5sW4wJ0IhVgIyWxwsMj+g
DOhoN5z1+l/838UZt88i++xaGd5cJ0bHYCgSQkjU4YzsVLmEut8rV8xDYL/OhLOc
B7yhU6XzsJDy7DpS/oPwup867UDVebWePiBHp+xWb/aLMbRknh5a9YctagTm8efH
T2FZLQm1zLpNo2TPAFKGe4DO7i/59gk2uXqdtpeRFdmugVYJae/sPwi2nh7dU/V7
dtJ7WQWKJpM2MaYd8YaOsaLf/pXltkX9UfNBNH3FiGYBZVvCOozYYez+OwQ7+E+E
aQAmL2JDzp6yQcLnTtzOgUdbAgMBAAGjggMoMIIDJDAdBgNVHQ4EFgQUypVZFPmL
L8kWpFEtpyq3WhHFK9AwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkzMDM3Lzk0MEU0NkI0QUFCQzExRUFCMTA2QzE3NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MzAzNy85NDBFNDZCNEFBQkMxMUVBQjEwNkMxNzZDNEY5QUUwMi95cFZaRlBt
TEw4a1dwRkV0cHlxM1doSEZLOUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJZJMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAHKFGYDBADK
FGgwDwQCAAIwCQMHACABDfAAdzANBgkqhkiG9w0BAQsFAAOCAQEAC/iIEz0rzBwf
QEArEsqf1BHLsJEoHKUP3/6M2jRSQVaZ84MjVqTVO6G5JHDknOA2vGuMVrpsALLc
UDcnaH5/5z3Ot68F5yIDorAFs14C+AyJD6HSHZ4olmMrZbE/6c44TSBmu5usItUT
ks7NvZLe+Oe31aZWvvWFNYxq46iTxd4fe7hccF8mYgWFR70RoSXRuZhFfg2JIwBM
XgkUU1yHGUY0aKTVhK3+0G5wuNtt8NXl8wZaEMSZEdN98tBBWYhjlOMlQRaf28Cf
5s35RmDSMsw6LreRnMNYd6e2eGSi5K0Qua/zGdnaYP9O+LBa0D9G/jn9+TSS0wP2
35BamhJmrA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:47 2024 by rpki-client on console-fra.rpki-client.org