Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHxfJ4CoDTxmayv2kVPyBIS-7nE.cer
File:                     zHxfJ4CoDTxmayv2kVPyBIS-7nE.cer (raw, json)
Hash identifier:          WFKD6XStf0sKGtfWAO6rUpFMYCRB/aprZJf2IRQ/PA4=
Subject key identifier:   CC:7C:5F:27:80:A8:0D:3C:66:6B:2B:F6:91:53:F2:04:84:BE:EE:71
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E828
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 01 Apr 2024 06:52:57 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 139692
                          IP: 103.110.182.0/23
                          IP: 2001:df2:1a40::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124968 (0x1e828)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr  1 06:52:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91AAE63/serialNumber=CC7C5F2780A80D3C666B2BF69153F20484BEEE71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:88:05:e3:5d:19:9f:be:f1:08:1c:07:8b:aa:
                    1b:a8:36:ab:66:a1:7c:36:48:5f:8d:70:4e:a6:ef:
                    8a:ca:f4:9d:51:67:f3:10:3f:07:40:1b:d1:e9:d8:
                    4a:d3:71:96:fb:42:de:6c:4c:15:4f:f8:2c:51:01:
                    b3:f6:01:e6:79:a3:12:7b:0a:c6:06:b9:fa:8c:7a:
                    3e:d9:b2:d0:f7:35:63:85:e4:7c:af:7f:3d:2f:0b:
                    f1:32:96:51:45:44:cc:f7:99:69:6f:7a:ad:1c:44:
                    f1:be:fc:4f:94:1c:fd:ac:20:b9:1c:0a:7c:02:b6:
                    e0:e4:58:94:11:ef:d5:fb:57:98:56:6d:27:c6:5f:
                    d7:ec:49:0d:1a:44:27:9d:81:f7:c1:da:d7:53:7d:
                    0b:12:74:bb:33:6b:dc:79:94:cf:65:9d:9f:28:6c:
                    b3:72:44:f8:21:f4:a8:49:b5:95:7f:78:d7:c0:a5:
                    46:5d:7f:46:6e:14:62:6d:27:4b:38:4e:97:d1:90:
                    dc:4b:1d:8b:50:8c:20:93:ad:0d:43:ce:0f:59:31:
                    a2:66:9e:a0:63:2e:c8:0c:ac:07:12:bf:7d:c6:ef:
                    c6:36:cf:72:d9:fd:de:26:14:83:03:5f:94:73:36:
                    90:d9:d9:4e:7b:67:e7:92:bc:7d:98:7c:e9:a5:1f:
                    87:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:7C:5F:27:80:A8:0D:3C:66:6B:2B:F6:91:53:F2:04:84:BE:EE:71
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  139692

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.110.182.0/23
                IPv6:
                  2001:df2:1a40::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:7f:67:9f:c5:c5:64:82:c9:30:31:c0:ef:0d:3d:6d:fe:85:
         5f:00:48:32:8c:5a:ab:dd:c7:07:3a:f6:5b:fe:c6:72:c9:76:
         78:01:d8:13:92:ef:3a:15:9a:c3:11:ea:13:ab:ef:61:80:b1:
         a3:4e:cf:31:d6:5c:9c:6c:cc:b2:f9:f1:56:6d:0d:ac:85:82:
         57:55:be:71:14:38:37:4b:cd:12:98:f8:71:ab:ea:e5:59:c5:
         1a:56:ef:a1:45:d1:f7:ef:45:72:09:88:de:28:5c:3e:1b:cc:
         9e:5f:9e:d1:61:dd:b0:ae:1a:fb:c5:04:cd:1d:ab:6b:37:5c:
         f8:7a:1c:58:80:d6:0b:f9:ee:62:0e:3b:a1:f9:30:b4:90:6a:
         ec:a9:91:bd:b5:93:4e:11:14:ae:66:8a:2c:c2:8b:80:59:42:
         33:42:3d:14:6b:63:af:43:f2:84:0c:51:42:2b:d9:2e:a8:0a:
         67:fa:c8:b6:05:55:37:8c:97:33:65:c6:4e:44:29:c2:50:ae:
         cc:8d:58:fa:6b:07:15:bd:49:00:92:20:5e:20:f5:9c:ac:9d:
         ee:2e:7a:14:e5:c5:d8:06:92:da:6a:cc:f2:c5:a0:30:a7:6a:
         21:fe:4b:ef:c4:72:fe:77:0c:73:9b:e8:10:33:27:d4:f6:19:
         f2:25:b2:e1
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAegoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMTA2NTI1N1oXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUFFNjMxMTAvBgNVBAUTKENDN0M1RjI3ODBBODBEM0M2NjZCMkJG
NjkxNTNGMjA0ODRCRUVFNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwiAXjXRmfvvEIHAeLqhuoNqtmoXw2SF+NcE6m74rK9J1RZ/MQPwdAG9Hp2ErT
cZb7Qt5sTBVP+CxRAbP2AeZ5oxJ7CsYGufqMej7ZstD3NWOF5Hyvfz0vC/EyllFF
RMz3mWlveq0cRPG+/E+UHP2sILkcCnwCtuDkWJQR79X7V5hWbSfGX9fsSQ0aRCed
gffB2tdTfQsSdLsza9x5lM9lnZ8obLNyRPgh9KhJtZV/eNfApUZdf0ZuFGJtJ0s4
TpfRkNxLHYtQjCCTrQ1Dzg9ZMaJmnqBjLsgMrAcSv33G78Y2z3LZ/d4mFIMDX5Rz
NpDZ2U57Z+eSvH2YfOmlH4d5AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUzHxfJ4Co
DTxmayv2kVPyBIS+7nEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFBRTYzLzVFOTY2Mzk0Q0EwOTExRUQ4MUI2RjYzQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBQUU2My81RTk2NjM5NENBMDkxMUVEODFCNkY2M0NDNEY5QUUwMi96SHhmSjRD
b0RUeG1heXYya1ZQeUJJUy03bkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiGsMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ262MA8EAgAC
MAkDBwAgAQ3yGkAwDQYJKoZIhvcNAQELBQADggEBAEV/Z5/FxWSCyTAxwO8NPW3+
hV8ASDKMWqvdxwc69lv+xnLJdngB2BOS7zoVmsMR6hOr72GAsaNOzzHWXJxszLL5
8VZtDayFgldVvnEUODdLzRKY+HGr6uVZxRpW76FF0ffvRXIJiN4oXD4bzJ5fntFh
3bCuGvvFBM0dq2s3XPh6HFiA1gv57mIOO6H5MLSQauypkb21k04RFK5miizCi4BZ
QjNCPRRrY69D8oQMUUIr2S6oCmf6yLYFVTeMlzNlxk5EKcJQrsyNWPprBxW9SQCS
IF4g9Zysne4uehTlxdgGktpqzPLFoDCnaiH+S+/Ecv53DHOb6BAzJ9T2GfIlsuE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:00:14 2024 by rpki-client on console-ams.rpki-client.org