Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFYtxSbsguOOtsIo8wMNGLYkwVI.cer
File:                     zFYtxSbsguOOtsIo8wMNGLYkwVI.cer (raw, json)
Hash identifier:          usNNpS/ndjRamYU+pgQWVJInREpGv1F2HBBPEA79B0s=
Subject key identifier:   CC:56:2D:C5:26:EC:82:E3:8E:B6:C2:28:F3:03:0D:18:B6:24:C1:52
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B1A8
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917D048/D70811903E1111E7882A2B2EC4F9AE02/zFYtxSbsguOOtsIo8wMNGLYkwVI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917D048/D70811903E1111E7882A2B2EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 24 Jul 2023 02:57:24 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 24432
                          AS: 38069
                          AS: 56138
                          IP: 36.255.80.0/22
                          IP: 42.0.4.0/22
                          IP: 58.145.184.0/21
                          IP: 103.25.248.0/22
                          IP: 103.31.152.0/22
                          IP: 103.73.46.0/23
                          IP: 103.242.20.0/22
                          IP: 202.134.8.0/21
                          IP: 202.181.18.0/23
                          IP: 203.13.162.0/23
                          IP: 2404:1c40::/32
                          IP: 2406:2500::/32
                          IP: 2407:b100::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 14:50:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111016 (0x1b1a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 24 02:57:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=A917D048/serialNumber=CC562DC526EC82E38EB6C228F3030D18B624C152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:55:5f:49:ef:14:31:4a:ab:11:74:93:3e:f7:
                    89:c6:75:7e:5b:40:61:c1:7c:f5:b9:48:11:cf:13:
                    6d:71:c3:a2:7c:7b:34:e5:e0:4c:4c:fb:57:df:8e:
                    e1:58:6a:2b:a0:96:66:36:7c:73:89:89:1e:0d:4c:
                    ee:82:82:f7:ca:44:11:ca:08:73:ad:63:f3:0b:56:
                    2e:02:b0:19:79:ef:06:01:4a:e9:ce:97:e0:4a:eb:
                    4d:bc:74:0a:80:f1:3a:44:6f:e1:81:84:03:27:fe:
                    ea:46:94:97:c6:d8:dd:aa:ee:ff:42:9c:7f:f2:ed:
                    de:a0:4c:f7:fc:24:43:d3:56:51:6c:a3:9d:ce:d4:
                    9b:39:44:a4:46:48:ab:5d:e5:4c:13:86:bc:e4:64:
                    79:12:a7:22:50:3e:c1:2f:4d:f5:6b:60:b5:ce:78:
                    17:42:48:83:cb:b5:f1:c1:35:ea:db:ec:e8:d7:ab:
                    06:b5:81:39:6e:8e:d9:e3:ed:f5:61:a0:33:61:a7:
                    6f:51:c4:9f:c2:7c:77:c9:fc:ff:dd:14:aa:fa:8d:
                    91:a5:70:f5:e3:dd:0b:68:40:f9:c2:29:eb:03:2d:
                    2c:ea:b4:cc:27:c8:d5:ea:5b:77:90:b3:f4:77:87:
                    ed:6f:57:16:7e:b8:df:26:3f:a7:1b:07:83:27:af:
                    5a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:56:2D:C5:26:EC:82:E3:8E:B6:C2:28:F3:03:0D:18:B6:24:C1:52
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917D048/D70811903E1111E7882A2B2EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917D048/D70811903E1111E7882A2B2EC4F9AE02/zFYtxSbsguOOtsIo8wMNGLYkwVI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  24432
                  38069
                  56138

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.255.80.0/22
                  42.0.4.0/22
                  58.145.184.0/21
                  103.25.248.0/22
                  103.31.152.0/22
                  103.73.46.0/23
                  103.242.20.0/22
                  202.134.8.0/21
                  202.181.18.0/23
                  203.13.162.0/23
                IPv6:
                  2404:1c40::/32
                  2406:2500::/32
                  2407:b100::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:7e:37:dc:11:91:24:ae:1e:aa:28:0c:14:69:c6:b6:3c:e3:
         e0:dc:6b:33:59:4d:67:3d:8b:2e:10:6f:9f:15:fc:92:ca:80:
         ea:d5:97:e8:52:b4:ea:c9:65:00:e1:4f:4a:93:6a:71:a0:f5:
         05:40:65:7e:2f:24:f4:cd:40:9e:98:ce:68:57:85:be:88:45:
         bd:8e:b4:61:52:a3:fd:0b:31:37:c0:4c:4b:34:bd:bd:aa:e6:
         3f:e3:8a:87:93:88:fa:b9:a8:47:e7:bd:c1:79:b1:71:09:22:
         ac:18:ed:7f:a1:46:9a:eb:25:20:71:1d:11:65:af:74:a9:bd:
         79:de:e7:74:3f:b7:c3:6d:63:02:95:ff:8d:72:57:ea:a3:1e:
         d8:55:54:6b:8f:54:3c:a0:53:ed:61:22:f4:e3:c1:1e:aa:fc:
         1a:33:c2:3b:80:4b:ea:5c:06:1c:be:4c:de:0d:17:6a:c9:a5:
         7c:e9:08:07:e3:f1:09:17:cd:99:21:83:eb:ef:9c:50:7a:8d:
         20:85:1b:bd:61:ac:b5:17:0d:39:c1:26:e8:0c:98:8b:3a:bb:
         32:7e:06:f6:91:73:b5:27:e2:86:b6:5a:ef:29:84:f0:40:a3:
         c7:eb:d6:61:08:17:f4:42:ee:51:62:40:c0:c3:70:c2:cb:85:
         65:ce:f5:ea
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgIDAbGoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDcyNDAyNTcyNFoXDTI0MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0QwNDgxMTAvBgNVBAUTKENDNTYyREM1MjZFQzgyRTM4RUI2QzIy
OEYzMDMwRDE4QjYyNEMxNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2VV9J7xQxSqsRdJM+94nGdX5bQGHBfPW5SBHPE21xw6J8ezTl4ExM+1ffjuFY
aiuglmY2fHOJiR4NTO6CgvfKRBHKCHOtY/MLVi4CsBl57wYBSunOl+BK6028dAqA
8TpEb+GBhAMn/upGlJfG2N2q7v9CnH/y7d6gTPf8JEPTVlFso53O1Js5RKRGSKtd
5UwThrzkZHkSpyJQPsEvTfVrYLXOeBdCSIPLtfHBNerb7OjXqwa1gTlujtnj7fVh
oDNhp29RxJ/CfHfJ/P/dFKr6jZGlcPXj3QtoQPnCKesDLSzqtMwnyNXqW3eQs/R3
h+1vVxZ+uN8mP6cbB4Mnr1rPAgMBAAGjggNrMIIDZzAdBgNVHQ4EFgQUzFYtxSbs
guOOtsIo8wMNGLYkwVIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdEMDQ4L0Q3MDgxMTkwM0UxMTExRTc4ODJBMkIyRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3RDA0OC9ENzA4MTE5MDNFMTExMUU3ODgyQTJCMkVDNEY5QUUwMi96Rll0eFNi
c2d1T090c0lvOHdNTkdMWWt3VkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQgBAf8EFDAS
oBAwDgICX3ACAwCUtQIDANtKMHIGCCsGAQUFBwEHAQH/BGMwYTBCBAIAATA8AwQC
JP9QAwQCKgAEAwQDOpG4AwQCZxn4AwQCZx+YAwQBZ0kuAwQCZ/IUAwQDyoYIAwQB
yrUSAwQByw2iMBsEAgACMBUDBQAkBBxAAwUAJAYlAAMFACQHsQAwDQYJKoZIhvcN
AQELBQADggEBADp+N9wRkSSuHqooDBRpxrY84+DcazNZTWc9iy4Qb58V/JLKgOrV
l+hStOrJZQDhT0qTanGg9QVAZX4vJPTNQJ6YzmhXhb6IRb2OtGFSo/0LMTfATEs0
vb2q5j/jioeTiPq5qEfnvcF5sXEJIqwY7X+hRprrJSBxHRFlr3SpvXne53Q/t8Nt
YwKV/41yV+qjHthVVGuPVDygU+1hIvTjwR6q/BozwjuAS+pcBhy+TN4NF2rJpXzp
CAfj8QkXzZkhg+vvnFB6jSCFG71hrLUXDTnBJugMmIs6uzJ+BvaRc7Un4oa2Wu8p
hPBAo8fr1mEIF/RC7lFiQMDDcMLLhWXO9eo=
-----END CERTIFICATE-----
Generated at Fri Mar 29 15:36:12 2024 by rpki-client on console-fra.rpki-client.org