Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EH3ibRfjGgSJBuyrWYNP_rFIEQ8.cer
File:                     EH3ibRfjGgSJBuyrWYNP_rFIEQ8.cer (raw, json)
Hash identifier:          yihkvpZdRqJkCVA5BC2Q/L3LQHDbeZFyGczTHjJmaIA=
Subject key identifier:   10:7D:E2:6D:17:E3:1A:04:89:06:EC:AB:59:83:4F:FE:B1:48:11:0F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       7D56
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C9B37/34CD08CE3CA311F08A495C2FC4F9AE02/EH3ibRfjGgSJBuyrWYNP_rFIEQ8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C9B37/34CD08CE3CA311F08A495C2FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sat 20 Jun 2026 14:04:58 +0000
Certificate not after:    Tue 31 Aug 2027 00:00:00 +0000
Subordinate resources:    IP: 165.99.138.0/23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 19:50:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32086 (0x7d56)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jun 20 14:04:58 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=A91C9B37, serialNumber=107DE26D17E31A048906ECAB59834FFEB148110F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:39:8f:de:78:06:dc:4c:ec:7d:a2:c5:08:93:
                    f5:40:4a:a3:2b:e6:5f:a0:95:43:f5:f4:c1:db:a9:
                    24:85:d5:20:30:c5:a3:9c:19:05:d7:2f:4f:1c:7f:
                    86:23:7a:21:24:64:06:c3:ff:71:71:5b:ad:f6:57:
                    db:57:04:cb:33:a8:b2:c8:97:0d:0b:2e:a0:75:91:
                    09:1c:d3:70:98:f8:92:d9:ae:51:9f:3e:a5:c5:ec:
                    2e:e4:6b:45:0f:17:ed:dd:30:1a:ca:ac:65:ab:1f:
                    c1:5b:6f:8e:1e:33:38:fe:02:d3:41:59:c5:cc:b6:
                    f9:d5:85:69:22:d0:7a:61:6b:b0:10:71:40:bd:3a:
                    d4:01:ae:fc:5b:3d:29:87:b4:73:e2:f8:b7:58:1c:
                    53:27:f5:14:23:f9:33:b7:9d:8e:cf:74:0c:d4:be:
                    0b:72:7b:1d:08:91:e2:a4:50:79:1e:15:c9:6a:6f:
                    11:89:d8:1d:33:56:e4:9f:69:6d:0b:a9:1c:13:36:
                    d3:47:66:07:47:f3:8a:75:c4:d7:74:12:36:59:6e:
                    3e:93:a4:e1:69:aa:9d:0e:af:d6:f3:37:7c:8e:d4:
                    48:bf:b0:3e:15:ca:9e:e8:f2:62:ce:e3:dd:f9:3a:
                    f2:68:f0:47:c8:eb:69:ad:47:8b:88:73:c9:6d:5d:
                    54:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:7D:E2:6D:17:E3:1A:04:89:06:EC:AB:59:83:4F:FE:B1:48:11:0F
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C9B37/34CD08CE3CA311F08A495C2FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C9B37/34CD08CE3CA311F08A495C2FC4F9AE02/EH3ibRfjGgSJBuyrWYNP_rFIEQ8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.99.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7a:c6:91:8f:79:4d:5d:a5:1d:43:3c:9c:3a:77:4d:c3:4d:c5:
         63:06:66:93:8e:27:ee:7d:43:ad:71:0b:c1:73:e5:9d:f5:0b:
         28:9b:fd:e5:ac:8d:6e:e9:dc:9a:19:9d:ad:15:e6:bd:a1:bb:
         9a:5a:9b:2b:53:36:8c:22:55:ac:51:fa:cc:20:c6:5d:e1:8a:
         bb:ac:68:42:cd:d7:5a:c5:97:48:87:07:88:7e:58:f0:fe:5b:
         b6:0f:bb:19:e8:79:99:84:d3:84:94:43:7d:05:e0:b0:78:9a:
         4f:68:a0:2b:f6:90:ad:08:70:d0:f7:a0:f4:c3:2c:46:79:ce:
         23:46:00:e8:60:4f:18:7d:0e:a6:84:ef:ad:a2:f3:ed:9c:96:
         68:27:9f:24:fd:a6:96:fd:02:2e:31:e3:c4:fb:8f:ad:5f:de:
         7e:f2:ff:9a:73:21:37:b1:61:0d:45:b9:27:33:94:5d:b6:d2:
         75:d9:16:10:58:ee:a7:c5:23:be:c2:9b:05:16:a8:ec:73:e2:
         d4:f3:2b:22:29:3b:89:a8:b5:21:b9:35:5e:15:14:b5:c9:eb:
         fe:3c:ff:8c:f7:57:08:2f:be:41:45:f5:fa:6d:b5:c9:0b:94:
         79:cf:c6:61:9b:fb:32:53:f2:9c:fe:19:c5:b6:5f:08:b5:d0:
         b2:1a:03:40
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICfVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNjIwMTQwNDU4WhcNMjcwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDOUIzNzExMC8GA1UEBRMoMTA3REUyNkQxN0UzMUEwNDg5MDZFQ0FC
NTk4MzRGRkVCMTQ4MTEwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMs5j954BtxM7H2ixQiT9UBKoyvmX6CVQ/X0wdupJIXVIDDFo5wZBdcvTxx/hiN6
ISRkBsP/cXFbrfZX21cEyzOossiXDQsuoHWRCRzTcJj4ktmuUZ8+pcXsLuRrRQ8X
7d0wGsqsZasfwVtvjh4zOP4C00FZxcy2+dWFaSLQemFrsBBxQL061AGu/Fs9KYe0
c+L4t1gcUyf1FCP5M7edjs90DNS+C3J7HQiR4qRQeR4VyWpvEYnYHTNW5J9pbQup
HBM200dmB0fzinXE13QSNlluPpOk4WmqnQ6v1vM3fI7USL+wPhXKnujyYs7j3fk6
8mjwR8jraa1Hi4hzyW1dVPMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQQfeJtF+Ma
BIkG7KtZg0/+sUgRDzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlCMzcvMzRDRDA4Q0UzQ0EzMTFGMDhBNDk1QzJGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM5QjM3LzM0Q0QwOENFM0NBMzExRjA4QTQ5NUMyRkM0RjlBRTAyL0VIM2liUmZq
R2dTSkJ1eXJXWU5QX3JGSUVROC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaVjijANBgkqhkiG9w0BAQsFAAOCAQEAesaRj3lNXaUdQzycOndN
w03FYwZmk44n7n1DrXELwXPlnfULKJv95ayNbuncmhmdrRXmvaG7mlqbK1M2jCJV
rFH6zCDGXeGKu6xoQs3XWsWXSIcHiH5Y8P5btg+7Geh5mYTThJRDfQXgsHiaT2ig
K/aQrQhw0Peg9MMsRnnOI0YA6GBPGH0OpoTvraLz7ZyWaCefJP2mlv0CLjHjxPuP
rV/efvL/mnMhN7FhDUW5JzOUXbbSddkWEFjup8UjvsKbBRao7HPi1PMrIik7iai1
Ibk1XhUUtcnr/jz/jPdXCC++QUX1+m21yQuUec/GYZv7MlPynP4ZxbZfCLXQshoD
QA==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:19:52 2026 by rpki-client