Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GhajkdMlFwt7hcS_x4VaF300e24.cer
File:                     GhajkdMlFwt7hcS_x4VaF300e24.cer (raw, json)
Hash identifier:          M+E/mTrhLHIc4lM9tnAU/ClJU5ozre7J4AX3FJ5KtMM=
Subject key identifier:   1A:16:A3:91:D3:25:17:0B:7B:85:C4:BF:C7:85:5A:17:7D:34:7B:6E
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       7EBD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/GhajkdMlFwt7hcS_x4VaF300e24.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 14 Jul 2026 13:04:41 +0000
Certificate not after:    Thu 30 Sep 2027 00:00:00 +0000
Subordinate resources:    IP: 160.30.16.0/23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 19:50:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32445 (0x7ebd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul 14 13:04:41 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=A913B510, serialNumber=1A16A391D325170B7B85C4BFC7855A177D347B6E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:19:9d:6b:39:b7:f1:6b:af:0c:64:30:ee:5e:
                    a9:5b:14:41:b1:e8:69:c5:03:b2:72:44:b5:c4:26:
                    6c:61:81:8a:bf:04:65:bd:0b:58:eb:0b:e3:88:b2:
                    ea:28:00:1a:ca:3d:b0:fa:f0:77:0f:44:87:9f:2a:
                    0c:95:ad:e5:81:00:3f:9f:d5:4c:bc:ac:cf:cb:79:
                    3d:5e:3d:fa:f9:96:da:e7:04:64:fd:41:0c:a3:bc:
                    be:d1:c6:8b:b6:71:29:4e:50:0c:a1:a2:bc:82:2d:
                    7d:80:4a:0d:e1:02:d8:be:4a:00:04:d2:5d:37:88:
                    8c:6c:9c:8b:92:90:7c:f1:83:dd:8a:e2:f0:5c:cd:
                    6b:82:84:bd:cc:3e:0e:ef:55:b6:4b:1f:13:1c:2c:
                    75:ee:4a:c4:aa:aa:13:8e:e4:d2:90:41:6b:3d:16:
                    56:7e:aa:44:75:07:96:2f:af:81:7b:b9:d2:48:82:
                    d5:97:d3:26:a3:36:a2:76:c8:aa:47:c0:0e:2c:8f:
                    b0:8d:f6:02:c0:90:96:63:c9:5d:07:22:db:70:f3:
                    b2:14:26:21:24:f7:2f:d7:57:8f:c5:43:21:dd:50:
                    a6:1a:6e:17:7d:73:6e:72:8d:9a:6c:41:e8:13:72:
                    b5:e3:fa:8e:13:80:6a:a1:fc:9e:16:60:82:f1:c9:
                    fb:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:16:A3:91:D3:25:17:0B:7B:85:C4:BF:C7:85:5A:17:7D:34:7B:6E
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/GhajkdMlFwt7hcS_x4VaF300e24.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5a:ac:94:8d:74:fb:3d:14:a9:86:c7:b7:74:dc:78:bb:78:0d:
         9f:9a:ae:9c:4c:76:77:df:a0:51:ee:a1:4d:55:15:e8:55:40:
         f4:f7:29:49:db:dd:d4:7f:aa:2a:97:6d:40:9e:a2:6e:c4:22:
         35:ee:76:f1:25:22:36:42:87:63:bf:ac:3d:bf:e0:ef:ed:22:
         cc:24:c4:cd:84:96:e5:3b:20:57:12:0c:3e:93:03:5f:d6:13:
         08:e6:cd:16:a5:ab:5c:93:67:41:31:52:91:7a:5d:5c:b2:fe:
         52:af:9b:44:cb:d1:38:e2:38:b3:ac:b0:56:24:3d:7e:cf:3e:
         65:0e:0d:57:c9:c4:63:48:93:3c:8b:5b:cb:8e:18:d1:0d:34:
         b8:9f:c6:6d:4a:dc:71:66:46:c8:1f:76:65:77:da:eb:87:b5:
         0a:fe:2f:4b:a7:ca:e9:c7:66:27:f1:df:4a:54:8a:f4:cc:fc:
         ba:f2:8b:e2:e8:9f:13:ec:95:5a:16:88:6b:85:6d:f5:54:3f:
         4c:24:e0:09:ca:86:f6:1b:15:ca:1e:ca:7f:47:e2:db:7f:01:
         2b:ff:77:67:b8:8e:67:c2:4a:ff:25:46:ce:8a:d5:bd:b9:ad:
         2b:a3:88:72:bf:07:7a:d2:50:b9:24:2f:d5:04:90:a9:fb:93:
         6a:6d:fc:39
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICfr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNzE0MTMwNDQxWhcNMjcwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzQjUxMDExMC8GA1UEBRMoMUExNkEzOTFEMzI1MTcwQjdCODVDNEJG
Qzc4NTVBMTc3RDM0N0I2RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMoZnWs5t/FrrwxkMO5eqVsUQbHoacUDsnJEtcQmbGGBir8EZb0LWOsL44iy6igA
Gso9sPrwdw9Eh58qDJWt5YEAP5/VTLysz8t5PV49+vmW2ucEZP1BDKO8vtHGi7Zx
KU5QDKGivIItfYBKDeEC2L5KAATSXTeIjGyci5KQfPGD3Yri8FzNa4KEvcw+Du9V
tksfExwsde5KxKqqE47k0pBBaz0WVn6qRHUHli+vgXu50kiC1ZfTJqM2onbIqkfA
DiyPsI32AsCQlmPJXQci23DzshQmIST3L9dXj8VDId1QphpuF31zbnKNmmxB6BNy
teP6jhOAaqH8nhZggvHJ+78CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQaFqOR0yUX
C3uFxL/HhVoXfTR7bjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I1MTAvMTg4MkQwRTY1RDgxMTFGMDkxMjI2RTMxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNCNTEwLzE4ODJEMEU2NUQ4MTExRjA5MTIyNkUzMUM0RjlBRTAyL0doYWprZE1s
Rnd0N2hjU194NFZhRjMwMGUyNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAeEDANBgkqhkiG9w0BAQsFAAOCAQEAWqyUjXT7PRSphse3dNx4
u3gNn5qunEx2d9+gUe6hTVUV6FVA9PcpSdvd1H+qKpdtQJ6ibsQiNe528SUiNkKH
Y7+sPb/g7+0izCTEzYSW5TsgVxIMPpMDX9YTCObNFqWrXJNnQTFSkXpdXLL+Uq+b
RMvROOI4s6ywViQ9fs8+ZQ4NV8nEY0iTPItby44Y0Q00uJ/GbUrccWZGyB92ZXfa
64e1Cv4vS6fK6cdmJ/HfSlSK9Mz8uvKL4uifE+yVWhaIa4Vt9VQ/TCTgCcqG9hsV
yh7Kf0fi238BK/93Z7iOZ8JK/yVGzorVvbmtK6OIcr8HetJQuSQv1QSQqfuTam38
OQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:17:21 2026 by rpki-client