Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Q_dCP5PWuglpQFn7I974Uo0mSZ0.cer
File:                     Q_dCP5PWuglpQFn7I974Uo0mSZ0.cer (raw, json)
Hash identifier:          6L7Q6xtQ0+liIci8gjIn5iXmDQ1yhx7ejxV4dyu/nRE=
Subject key identifier:   43:F7:42:3F:93:D6:BA:09:69:40:59:FB:23:DE:F8:52:8D:26:49:9D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       7D6A
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/Q_dCP5PWuglpQFn7I974Uo0mSZ0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 22 Jun 2026 13:41:21 +0000
Certificate not after:    Tue 31 Aug 2027 00:00:00 +0000
Subordinate resources:    IP: 160.22.42.0/24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 19:50:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32106 (0x7d6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jun 22 13:41:21 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=A9186D9F, serialNumber=43F7423F93D6BA09694059FB23DEF8528D26499D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:b4:0c:d0:be:fc:4d:12:4f:ce:b7:06:32:30:
                    c7:fd:07:51:22:3d:9a:2e:e6:42:a2:3b:8d:e0:b0:
                    27:76:bf:38:89:4b:45:61:97:11:35:bd:a1:82:79:
                    b8:44:b8:58:ab:ff:88:bf:40:f3:b9:1d:7d:72:5a:
                    8d:00:e2:d2:f8:8f:14:f8:ba:aa:77:8a:5f:5a:00:
                    80:e2:ce:8b:0c:90:d2:a6:51:50:bb:7a:11:f8:b9:
                    ea:06:33:d7:f2:b1:8a:01:b4:fc:f6:95:41:a0:16:
                    e4:ad:da:90:04:58:35:e9:ac:f9:4e:28:6a:e3:2b:
                    c2:1c:c1:20:56:7b:f8:08:c8:ad:8c:87:82:55:a4:
                    a1:55:ab:8d:dd:2f:a4:b4:db:50:97:01:7f:ce:61:
                    7d:8a:6f:48:5d:c4:29:4d:0a:a7:14:70:88:17:01:
                    c0:7a:98:bd:4a:5f:45:34:dd:a8:8b:d3:97:7a:9f:
                    b2:1a:ff:f8:8e:c6:b8:89:91:79:b5:54:2e:08:a2:
                    7b:4a:63:c0:da:77:4b:b8:06:61:a9:26:0a:df:5c:
                    f3:52:20:30:f1:be:c2:53:f9:f7:aa:76:52:5c:d0:
                    96:bb:f1:f0:0b:f9:4f:84:8e:10:25:6e:a4:ff:2d:
                    61:d9:18:83:cd:36:b5:1f:28:94:7a:e5:66:18:fb:
                    a1:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:F7:42:3F:93:D6:BA:09:69:40:59:FB:23:DE:F8:52:8D:26:49:9D
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/Q_dCP5PWuglpQFn7I974Uo0mSZ0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:92:9f:29:1a:e0:b0:e4:f2:13:1e:f1:c9:1b:68:4a:e7:74:
         38:24:e2:b0:c1:95:69:27:bf:80:75:86:24:dc:90:ab:a4:93:
         20:1d:fe:6e:99:8f:44:f3:6f:b1:de:e0:41:63:52:fa:3e:ab:
         f0:61:0e:f1:5d:7b:64:cb:0f:d2:43:ab:42:d7:b1:e3:16:50:
         e7:e6:cb:73:90:46:37:a0:cc:d4:b2:4e:f2:97:05:c2:5c:40:
         43:8d:2e:30:e2:f4:43:00:62:11:77:c1:06:49:5f:d8:43:a1:
         c4:0d:e0:1b:11:81:3a:2b:76:77:25:b6:ce:ba:a7:12:4c:c2:
         5f:fc:14:41:33:04:4e:d5:d3:96:4f:7f:40:32:8b:a2:cf:06:
         c2:2a:14:3b:b7:88:eb:64:a7:63:43:51:df:9a:9d:79:88:fb:
         04:fe:e9:92:95:d9:af:fd:ae:a1:65:a2:89:c2:fc:19:7b:3e:
         8f:4e:25:af:57:41:1c:2a:10:39:fd:39:d3:14:b6:07:37:80:
         49:72:1a:69:9f:69:a1:b6:08:2f:0f:0b:1c:50:21:5b:1a:6e:
         f9:4f:be:0b:23:d2:26:44:8d:4e:9a:99:47:c0:c6:aa:fe:ca:
         71:1d:98:eb:ce:40:ca:da:d3:e4:21:19:e2:49:ff:a1:ba:fd:
         61:6d:09:38
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICfWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNjIyMTM0MTIxWhcNMjcwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4NkQ5RjExMC8GA1UEBRMoNDNGNzQyM0Y5M0Q2QkEwOTY5NDA1OUZC
MjNERUY4NTI4RDI2NDk5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMe0DNC+/E0ST863BjIwx/0HUSI9mi7mQqI7jeCwJ3a/OIlLRWGXETW9oYJ5uES4
WKv/iL9A87kdfXJajQDi0viPFPi6qneKX1oAgOLOiwyQ0qZRULt6Efi56gYz1/Kx
igG0/PaVQaAW5K3akARYNems+U4oauMrwhzBIFZ7+AjIrYyHglWkoVWrjd0vpLTb
UJcBf85hfYpvSF3EKU0KpxRwiBcBwHqYvUpfRTTdqIvTl3qfshr/+I7GuImRebVU
Lgiie0pjwNp3S7gGYakmCt9c81IgMPG+wlP596p2UlzQlrvx8Av5T4SOECVupP8t
YdkYg802tR8olHrlZhj7oZ0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRD90I/k9a6
CWlAWfsj3vhSjSZJnTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZEOUYvQTkzNkU0NDAyRTA0MTFFRjg2RjI5RDc5QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg2RDlGL0E5MzZFNDQwMkUwNDExRUY4NkYyOUQ3OUM0RjlBRTAyL1FfZENQNVBX
dWdscFFGbjdJOTc0VW8wbVNaMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAWKjANBgkqhkiG9w0BAQsFAAOCAQEAVJKfKRrgsOTyEx7xyRto
Sud0OCTisMGVaSe/gHWGJNyQq6STIB3+bpmPRPNvsd7gQWNS+j6r8GEO8V17ZMsP
0kOrQtex4xZQ5+bLc5BGN6DM1LJO8pcFwlxAQ40uMOL0QwBiEXfBBklf2EOhxA3g
GxGBOit2dyW2zrqnEkzCX/wUQTMETtXTlk9/QDKLos8GwioUO7eI62SnY0NR35qd
eYj7BP7pkpXZr/2uoWWiicL8GXs+j04lr1dBHCoQOf050xS2BzeASXIaaZ9pobYI
Lw8LHFAhWxpu+U++CyPSJkSNTpqZR8DGqv7KcR2Y685AytrT5CEZ4kn/obr9YW0J
OA==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:17:35 2026 by rpki-client