Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zRhBtsW-98R4Lmf2Y_PBl0YZk4M.cer
File:                     zRhBtsW-98R4Lmf2Y_PBl0YZk4M.cer (raw, json)
Hash identifier:          EdpYieOujXZnu1XWxbgDJjtfqwk7PMpG37HuG1RHvj4=
Subject key identifier:   CD:18:41:B6:C5:BE:F7:C4:78:2E:67:F6:63:F3:C1:97:46:19:93:83
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01FB0C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A911710E/C93E178A01B511EE89F6EB78C4F9AE02/zRhBtsW-98R4Lmf2Y_PBl0YZk4M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A911710E/C93E178A01B511EE89F6EB78C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 25 Jun 2024 12:34:08 +0000
Certificate not after:    Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources:    AS: 7720
                          AS: 139247
                          AS: 151364
                          IP: 103.213.4.0/23
                          IP: 2401:5a0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 22:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129804 (0x1fb0c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 25 12:34:08 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=A911710E/serialNumber=CD1841B6C5BEF7C4782E67F663F3C19746199383
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:b8:ef:8e:1f:f8:8a:90:7d:6d:7a:d4:51:de:
                    5b:32:34:a6:9d:30:bf:e7:87:9f:c0:fd:49:f9:b5:
                    85:e0:55:ab:4e:99:bf:ed:0f:dd:67:b4:54:3f:25:
                    e3:41:be:65:61:73:f4:37:25:d7:ef:ff:7d:fc:de:
                    74:e2:ce:66:bf:d7:e2:54:5c:3c:8b:1f:b2:86:b1:
                    8e:b8:50:ce:b0:35:74:d5:79:1c:0b:ec:71:af:fb:
                    d8:4d:5e:ca:70:bd:cb:d6:9d:fe:b1:0a:f8:c7:46:
                    0e:98:36:ef:ae:c5:08:f3:7a:9c:da:c4:46:52:81:
                    f3:b7:aa:98:2c:59:ad:27:ff:cf:9f:ee:c9:a2:6c:
                    47:45:24:70:c2:ac:3f:cb:dd:7a:c7:c3:d2:ce:65:
                    63:32:79:1f:70:6f:d5:3b:12:2a:15:eb:54:1e:80:
                    98:df:e7:74:77:2d:a8:76:23:01:8c:8c:27:34:d1:
                    55:22:1c:7d:d8:df:6d:4f:7b:30:41:26:3f:0e:bb:
                    49:7a:e2:a2:25:6d:c9:c9:b0:f1:45:a6:55:8a:5d:
                    f6:76:29:8d:3a:57:86:fe:41:01:f1:3c:5f:8f:47:
                    28:0f:62:ba:b1:16:19:18:74:2d:bf:52:e1:67:64:
                    30:61:c5:62:b9:44:95:50:5d:7e:c6:5e:42:e0:5c:
                    44:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:18:41:B6:C5:BE:F7:C4:78:2E:67:F6:63:F3:C1:97:46:19:93:83
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911710E/C93E178A01B511EE89F6EB78C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911710E/C93E178A01B511EE89F6EB78C4F9AE02/zRhBtsW-98R4Lmf2Y_PBl0YZk4M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  7720
                  139247
                  151364

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.213.4.0/23
                IPv6:
                  2401:5a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:96:2c:eb:b8:aa:f7:6d:bb:b1:d7:8a:e3:b1:88:d8:fc:b2:
         0e:6c:48:9c:95:13:d3:06:54:49:e2:bd:1a:16:bc:c6:18:90:
         6a:a6:46:a5:b0:54:ee:4f:0f:41:b4:a2:fc:8a:09:05:d4:49:
         0d:fd:f2:fd:90:3c:92:4c:de:f7:d1:4a:bd:2e:59:83:79:20:
         5a:2a:a5:83:b9:53:c1:be:1b:8e:5b:ac:15:7d:0b:9f:b7:8f:
         4e:d7:1d:98:d5:28:df:91:f5:76:32:d2:de:f7:20:2c:bf:2b:
         80:45:aa:27:3b:ce:1d:a8:d1:68:c0:6d:4c:c7:6f:ca:91:76:
         08:73:27:a3:17:ba:3d:bb:27:f7:25:ee:6f:41:04:50:26:2c:
         44:f0:1f:76:08:72:e6:9b:7f:ec:91:78:74:5a:14:ca:73:56:
         7f:73:27:4a:33:cb:8a:1e:03:99:2c:87:cd:3b:04:47:3f:b1:
         88:6e:26:9b:c6:2d:35:71:2c:ee:04:d7:a4:a3:90:5c:48:76:
         4a:38:a8:bf:d7:5a:50:d7:7c:34:61:c9:cb:8c:bc:bb:d2:86:
         03:6f:6e:24:f2:c6:f3:e3:81:3f:5e:64:9b:9f:37:f8:15:38:
         95:ef:0f:08:5c:17:8a:f6:46:e5:5c:fb:b1:8a:56:31:78:80:
         43:52:16:4a
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgIDAfsMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDYyNTEyMzQwOFoXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTcxMEUxMTAvBgNVBAUTKENEMTg0MUI2QzVCRUY3QzQ3ODJFNjdG
NjYzRjNDMTk3NDYxOTkzODMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDwuO+OH/iKkH1tetRR3lsyNKadML/nh5/A/Un5tYXgVatOmb/tD91ntFQ/JeNB
vmVhc/Q3Jdfv/3383nTizma/1+JUXDyLH7KGsY64UM6wNXTVeRwL7HGv+9hNXspw
vcvWnf6xCvjHRg6YNu+uxQjzepzaxEZSgfO3qpgsWa0n/8+f7smibEdFJHDCrD/L
3XrHw9LOZWMyeR9wb9U7EioV61QegJjf53R3Lah2IwGMjCc00VUiHH3Y321PezBB
Jj8Ou0l64qIlbcnJsPFFplWKXfZ2KY06V4b+QQHxPF+PRygPYrqxFhkYdC2/UuFn
ZDBhxWK5RJVQXX7GXkLgXETlAgMBAAGjggMnMIIDIzAdBgNVHQ4EFgQUzRhBtsW+
98R4Lmf2Y/PBl0YZk4MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE3MTBFL0M5M0UxNzhBMDFCNTExRUU4OUY2RUI3OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNzEwRS9DOTNFMTc4QTAxQjUxMUVFODlGNkVCNzhDNEY5QUUwMi96UmhCdHNX
LTk4UjRMbWYyWV9QQmwwWVprNE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQgBAf8EFDAS
oBAwDgICHigCAwIf7wIDAk9EMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB
Z9UEMA0EAgACMAcDBQAkAQWgMA0GCSqGSIb3DQEBCwUAA4IBAQBTlizruKr3bbux
14rjsYjY/LIObEiclRPTBlRJ4r0aFrzGGJBqpkalsFTuTw9BtKL8igkF1EkN/fL9
kDySTN730Uq9LlmDeSBaKqWDuVPBvhuOW6wVfQuft49O1x2Y1SjfkfV2MtLe9yAs
vyuARaonO84dqNFowG1Mx2/KkXYIcyejF7o9uyf3Je5vQQRQJixE8B92CHLmm3/s
kXh0WhTKc1Z/cydKM8uKHgOZLIfNOwRHP7GIbiabxi01cSzuBNeko5BcSHZKOKi/
11pQ13w0YcnLjLy70oYDb24k8sbz44E/XmSbnzf4FTiV7w8IXBeK9kblXPuxilYx
eIBDUhZK
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:57:16 2024 by rpki-client on console-ams.rpki-client.org