Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15_gsJykSoRmkoOPxCvPQ9KjKtI.cer
File:                     15_gsJykSoRmkoOPxCvPQ9KjKtI.cer (raw, json)
Hash identifier:          aDD4RXidS3pb7ipf4TAJF14aCuKdeN/D2jFURZVk3dA=
Subject key identifier:   D7:9F:E0:B0:9C:A4:4A:84:66:92:83:8F:C4:2B:CF:43:D2:A3:2A:D2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02556D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9127DE3/4E1EEABAFC3711EFB1C07286C4F9AE02/15_gsJykSoRmkoOPxCvPQ9KjKtI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9127DE3/4E1EEABAFC3711EFB1C07286C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 14 Jul 2025 12:56:14 +0000
Certificate not after:    Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources:    AS: 133023
                          AS: 135027
                          IP: 103.219.62.0/23
                          IP: 103.251.134.0/23
                          IP: 2407:af00::/32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 00:40:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152941 (0x2556d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 14 12:56:14 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=A9127DE3, serialNumber=D79FE0B09CA44A846692838FC42BCF43D2A32AD2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:50:01:6e:3b:02:ba:44:ce:a9:7b:d5:83:a7:
                    49:1a:d4:75:11:e0:52:3e:aa:28:58:4b:10:ee:04:
                    90:f4:84:31:64:05:3c:3a:20:d3:f6:b9:a0:2a:00:
                    f6:2a:a2:9b:e3:aa:70:3e:b3:9c:99:c7:96:d6:70:
                    b1:8f:0b:36:7c:aa:fa:96:6d:64:04:4d:f6:d0:26:
                    a1:ea:81:4a:a9:d8:74:9c:4e:8e:26:0c:98:fe:7f:
                    eb:20:c4:bd:0c:39:9d:21:a6:c1:04:25:0f:7d:13:
                    d5:5f:2e:53:53:e8:43:e6:f0:50:fa:d9:d1:8d:2c:
                    56:5e:00:e5:cf:d1:c1:99:e4:39:56:c3:25:7f:a1:
                    b8:e4:6e:d4:b3:b8:d1:73:db:40:0a:dc:2f:21:6f:
                    76:e3:ff:fa:d9:a8:c6:d6:4f:f1:25:7b:61:6f:c6:
                    ff:a9:b9:20:c5:bc:60:e0:32:b5:c9:39:44:b9:b4:
                    e7:8d:b0:6b:49:0f:64:8b:8f:f6:4a:91:86:8d:73:
                    77:20:5a:58:08:98:de:4f:2f:44:e5:f8:f1:22:fb:
                    21:e4:0d:75:d0:30:29:50:11:fc:3b:ad:11:e1:e4:
                    15:f1:7c:e2:f2:f8:02:2c:79:11:74:a7:a0:65:07:
                    c5:4f:f0:30:40:93:b6:d8:a9:fb:29:af:22:84:03:
                    28:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:9F:E0:B0:9C:A4:4A:84:66:92:83:8F:C4:2B:CF:43:D2:A3:2A:D2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9127DE3/4E1EEABAFC3711EFB1C07286C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9127DE3/4E1EEABAFC3711EFB1C07286C4F9AE02/15_gsJykSoRmkoOPxCvPQ9KjKtI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  133023
                  135027

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.219.62.0/23
                  103.251.134.0/23
                IPv6:
                  2407:af00::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:3a:57:4b:20:91:d4:2a:96:e6:dc:b9:b1:f2:10:6e:fa:fc:
         66:3a:aa:a6:f0:d6:0b:63:7c:5c:52:c6:1d:f3:c9:82:aa:24:
         0e:0e:38:60:2a:c0:d2:8f:6d:45:67:f0:60:62:8a:1c:8f:ec:
         9a:9b:52:2f:21:19:43:a6:94:c2:87:0f:cd:d7:e2:36:54:26:
         88:1c:d3:13:71:91:75:2f:3d:5b:af:ea:4d:8b:9a:a2:d5:dd:
         46:a1:21:04:58:fe:75:26:90:6c:24:7f:90:c6:9b:70:53:7c:
         7d:16:3a:51:ce:2c:69:5e:82:11:63:14:ba:9a:1f:66:e1:2b:
         d7:49:dd:47:f3:3a:36:bf:46:69:5e:8d:c9:6b:47:04:00:95:
         53:0d:83:82:83:09:2a:c9:45:7d:f4:00:88:f9:76:ca:bf:6e:
         c1:44:53:a7:3e:33:9b:a8:3a:6c:94:f9:1f:41:a3:64:bd:df:
         b1:f1:28:d0:b9:26:4e:6b:21:5e:34:77:7a:f1:13:f2:57:a6:
         4e:69:a4:50:04:0e:a8:c6:8a:79:62:e0:ed:c6:23:4a:55:3d:
         53:62:8f:f7:77:a0:20:74:03:67:4c:4f:98:87:ae:36:71:5c:
         b7:cd:7e:56:10:87:96:63:2f:c8:f7:9c:f7:ca:0a:26:f2:a5:
         f5:8b:5d:fa
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgIDAlVtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcxNDEyNTYxNFoXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjdERTMxMTAvBgNVBAUTKEQ3OUZFMEIwOUNBNDRBODQ2NjkyODM4
RkM0MkJDRjQzRDJBMzJBRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpUAFuOwK6RM6pe9WDp0ka1HUR4FI+qihYSxDuBJD0hDFkBTw6INP2uaAqAPYq
opvjqnA+s5yZx5bWcLGPCzZ8qvqWbWQETfbQJqHqgUqp2HScTo4mDJj+f+sgxL0M
OZ0hpsEEJQ99E9VfLlNT6EPm8FD62dGNLFZeAOXP0cGZ5DlWwyV/objkbtSzuNFz
20AK3C8hb3bj//rZqMbWT/Ele2Fvxv+puSDFvGDgMrXJOUS5tOeNsGtJD2SLj/ZK
kYaNc3cgWlgImN5PL0Tl+PEi+yHkDXXQMClQEfw7rRHh5BXxfOLy+AIseRF0p6Bl
B8VP8DBAk7bYqfspryKEAyjRAgMBAAGjggMpMIIDJTAdBgNVHQ4EFgQU15/gsJyk
SoRmkoOPxCvPQ9KjKtIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI3REUzLzRFMUVFQUJBRkMzNzExRUZCMUMwNzI4NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyN0RFMy80RTFFRUFCQUZDMzcxMUVGQjFDMDcyODZDNEY5QUUwMi8xNV9nc0p5
a1NvUm1rb09QeEN2UFE5S2pLdEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAgefAgMCD3MwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAFn2z4D
BAFn+4YwDQQCAAIwBwMFACQHrwAwDQYJKoZIhvcNAQELBQADggEBACk6V0sgkdQq
lubcubHyEG76/GY6qqbw1gtjfFxSxh3zyYKqJA4OOGAqwNKPbUVn8GBiihyP7Jqb
Ui8hGUOmlMKHD83X4jZUJogc0xNxkXUvPVuv6k2LmqLV3UahIQRY/nUmkGwkf5DG
m3BTfH0WOlHOLGleghFjFLqaH2bhK9dJ3UfzOja/RmlejclrRwQAlVMNg4KDCSrJ
RX30AIj5dsq/bsFEU6c+M5uoOmyU+R9Bo2S937HxKNC5Jk5rIV40d3rxE/JXpk5p
pFAEDqjGinli4O3GI0pVPVNij/d3oCB0A2dMT5iHrjZxXLfNflYQh5ZjL8j3nPfK
CibypfWLXfo=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:14:54 2025 by rpki-client