Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer
File:                     KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer (raw, json)
Hash identifier:          H5fzB81pH8CXoWMhdqzH0usbECskwoW13LFz5hAakQA=
Subject key identifier:   2A:E9:85:81:5A:10:DD:6D:04:52:3F:C8:1D:8D:AF:D7:26:BE:78:16
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       7E9A
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 10 Jul 2026 12:31:52 +0000
Certificate not after:    Thu 30 Sep 2027 00:00:00 +0000
Subordinate resources:    IP: 160.22.213.0/24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 19:50:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32410 (0x7e9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul 10 12:31:52 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=A911F536, serialNumber=2AE985815A10DD6D04523FC81D8DAFD726BE7816
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4e:2c:4f:d7:42:f2:14:ec:10:8d:81:31:6e:
                    20:d9:2e:dd:a4:65:22:ed:0e:c4:d8:27:3a:48:75:
                    22:09:07:1a:58:71:dc:ea:76:37:d6:d5:07:fb:5a:
                    dd:69:b7:59:d9:4d:6e:af:8e:70:11:9a:61:2f:b0:
                    e7:8b:40:42:ed:37:95:68:30:92:e9:27:ad:89:e3:
                    89:56:a0:64:38:01:7b:94:bf:14:5f:51:6a:58:7d:
                    87:1f:4d:92:63:ea:48:55:c1:52:ec:0b:03:ee:e5:
                    e8:1e:84:30:17:e2:b3:22:99:3e:46:e2:bd:81:24:
                    4d:41:58:99:9f:07:b2:43:8a:ab:a2:8b:5a:da:65:
                    9f:d9:e1:e7:bb:53:e8:bf:8f:85:f4:5c:b6:cc:d5:
                    4a:d1:2c:a1:92:4b:7d:55:e7:1b:6d:19:9c:7e:cc:
                    72:6d:0d:84:f0:e7:2e:b1:2b:4f:d6:fb:17:ca:29:
                    a9:d7:4c:60:e9:c5:c8:bf:90:17:2f:59:26:05:cc:
                    cb:03:f5:b7:a4:0d:13:1d:ff:ee:46:36:79:a9:ce:
                    a6:2f:85:89:17:1d:75:e8:67:dc:e8:9c:81:f6:46:
                    13:a0:ad:62:e1:81:1d:be:bc:99:1f:0d:b2:15:c7:
                    74:69:59:c2:ad:aa:20:95:c3:24:fd:78:77:1d:73:
                    95:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:E9:85:81:5A:10:DD:6D:04:52:3F:C8:1D:8D:AF:D7:26:BE:78:16
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:31:c5:4b:37:25:02:4f:fe:45:59:3c:dd:14:0f:31:65:5d:
         8b:62:40:74:0d:98:eb:7b:57:db:a5:e2:71:ff:68:a5:3c:98:
         45:c6:4f:60:04:f3:0d:e1:47:6e:03:95:f9:70:45:de:aa:f2:
         1a:9c:b5:ee:c4:8f:94:f6:e9:de:0f:26:0d:7a:ce:2d:df:e2:
         8f:bd:5f:85:f6:37:7e:a4:79:6b:c1:47:83:1d:33:49:c1:e8:
         60:7d:91:84:bb:e5:a6:1a:eb:79:c6:bf:31:ad:0c:d4:b6:36:
         76:16:29:07:88:9c:63:1c:1a:83:3a:20:b6:d6:ca:f7:52:33:
         b2:2d:29:1e:b9:53:81:68:b6:5d:ea:46:8c:32:5b:d5:64:72:
         74:37:4d:fd:fe:50:2c:fc:cc:55:2b:19:0a:96:b6:5b:e4:ef:
         f0:92:7c:d1:e5:17:ce:c0:31:6d:8c:10:16:e0:6b:0c:91:7c:
         cb:03:06:33:19:bb:58:56:46:a8:c3:fd:9f:b4:5a:f9:2c:31:
         2b:b6:aa:97:e0:a0:5b:d9:09:43:3e:c4:6e:9e:b3:f8:a4:16:
         fd:f1:fe:7f:6a:60:ee:5a:55:fc:db:95:23:f3:f5:62:3a:98:
         d7:b6:29:cd:5f:8e:b3:52:00:07:10:57:c2:61:2f:40:84:31:
         87:dd:f4:4f
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICfpowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNzEwMTIzMTUyWhcNMjcwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExRjUzNjExMC8GA1UEBRMoMkFFOTg1ODE1QTEwREQ2RDA0NTIzRkM4
MUQ4REFGRDcyNkJFNzgxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMBOLE/XQvIU7BCNgTFuINku3aRlIu0OxNgnOkh1IgkHGlhx3Op2N9bVB/ta3Wm3
WdlNbq+OcBGaYS+w54tAQu03lWgwkuknrYnjiVagZDgBe5S/FF9Ralh9hx9NkmPq
SFXBUuwLA+7l6B6EMBfisyKZPkbivYEkTUFYmZ8HskOKq6KLWtpln9nh57tT6L+P
hfRctszVStEsoZJLfVXnG20ZnH7Mcm0NhPDnLrErT9b7F8opqddMYOnFyL+QFy9Z
JgXMywP1t6QNEx3/7kY2eanOpi+FiRcddehn3OicgfZGE6CtYuGBHb68mR8NshXH
dGlZwq2qIJXDJP14dx1zleMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQq6YWBWhDd
bQRSP8gdja/XJr54FjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUY1MzYvOUE4NkRCRDBDOTlBMTFFRkI0Q0VFRjFFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFGNTM2LzlBODZEQkQwQzk5QTExRUZCNENFRUYxRUM0RjlBRTAyL0t1bUZnVm9R
M1cwRVVqX0lIWTJ2MXlhLWVCWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAW1TANBgkqhkiG9w0BAQsFAAOCAQEAbDHFSzclAk/+RVk83RQP
MWVdi2JAdA2Y63tX26Xicf9opTyYRcZPYATzDeFHbgOV+XBF3qryGpy17sSPlPbp
3g8mDXrOLd/ij71fhfY3fqR5a8FHgx0zScHoYH2RhLvlphrreca/Ma0M1LY2dhYp
B4icYxwagzogttbK91Izsi0pHrlTgWi2XepGjDJb1WRydDdN/f5QLPzMVSsZCpa2
W+Tv8JJ80eUXzsAxbYwQFuBrDJF8ywMGMxm7WFZGqMP9n7Ra+SwxK7aql+CgW9kJ
Qz7Ebp6z+KQW/fH+f2pg7lpV/NuVI/P1YjqY17YpzV+Os1IABxBXwmEvQIQxh930
Tw==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:17:33 2026 by rpki-client