Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Q_dCP5PWuglpQFn7I974Uo0mSZ0.cer
File:                     Q_dCP5PWuglpQFn7I974Uo0mSZ0.cer (raw, json)
Hash identifier:          /9CdBBfLlm2ZXGphcdDzSQ2qcApHLLLayc9VaSMovfE=
Subject key identifier:   43:F7:42:3F:93:D6:BA:09:69:40:59:FB:23:DE:F8:52:8D:26:49:9D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       6801
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/Q_dCP5PWuglpQFn7I974Uo0mSZ0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 10 Jul 2025 17:35:41 +0000
Certificate not after:    Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources:    IP: 160.22.42.0/24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 27 Jul 2025 14:50:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26625 (0x6801)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul 10 17:35:41 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=A9186D9F, serialNumber=43F7423F93D6BA09694059FB23DEF8528D26499D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:b4:0c:d0:be:fc:4d:12:4f:ce:b7:06:32:30:
                    c7:fd:07:51:22:3d:9a:2e:e6:42:a2:3b:8d:e0:b0:
                    27:76:bf:38:89:4b:45:61:97:11:35:bd:a1:82:79:
                    b8:44:b8:58:ab:ff:88:bf:40:f3:b9:1d:7d:72:5a:
                    8d:00:e2:d2:f8:8f:14:f8:ba:aa:77:8a:5f:5a:00:
                    80:e2:ce:8b:0c:90:d2:a6:51:50:bb:7a:11:f8:b9:
                    ea:06:33:d7:f2:b1:8a:01:b4:fc:f6:95:41:a0:16:
                    e4:ad:da:90:04:58:35:e9:ac:f9:4e:28:6a:e3:2b:
                    c2:1c:c1:20:56:7b:f8:08:c8:ad:8c:87:82:55:a4:
                    a1:55:ab:8d:dd:2f:a4:b4:db:50:97:01:7f:ce:61:
                    7d:8a:6f:48:5d:c4:29:4d:0a:a7:14:70:88:17:01:
                    c0:7a:98:bd:4a:5f:45:34:dd:a8:8b:d3:97:7a:9f:
                    b2:1a:ff:f8:8e:c6:b8:89:91:79:b5:54:2e:08:a2:
                    7b:4a:63:c0:da:77:4b:b8:06:61:a9:26:0a:df:5c:
                    f3:52:20:30:f1:be:c2:53:f9:f7:aa:76:52:5c:d0:
                    96:bb:f1:f0:0b:f9:4f:84:8e:10:25:6e:a4:ff:2d:
                    61:d9:18:83:cd:36:b5:1f:28:94:7a:e5:66:18:fb:
                    a1:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:F7:42:3F:93:D6:BA:09:69:40:59:FB:23:DE:F8:52:8D:26:49:9D
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/Q_dCP5PWuglpQFn7I974Uo0mSZ0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:e3:03:6b:f7:37:40:32:a8:95:11:af:85:9a:bf:12:00:ee:
         9b:66:11:26:21:a2:a1:a6:9d:34:a1:9b:96:05:0f:24:02:53:
         84:15:01:05:2e:98:20:bc:a5:a1:4c:b7:60:36:e6:a7:3e:dd:
         8c:8d:7f:7a:82:3e:e7:3c:6f:85:5c:e6:3f:c4:ba:fd:50:30:
         b6:71:18:30:9e:af:49:03:af:48:68:3e:c4:2a:77:b1:4b:b0:
         68:b7:e0:7b:5f:33:87:15:80:20:79:a8:e8:33:3e:16:72:08:
         52:d4:21:b0:c7:0e:69:c7:c2:f2:7f:ba:e9:29:39:f9:29:31:
         2a:0b:c2:1f:a4:fb:63:34:e5:96:d4:a3:96:c1:57:7b:10:33:
         8d:df:85:0f:7e:9e:82:dc:4b:8b:b9:c8:b6:bf:9f:d4:ba:27:
         2f:b1:0d:41:39:d3:45:d0:66:ee:1e:1c:00:c9:2f:d6:bc:bd:
         3a:5e:a7:1a:d3:f5:04:40:45:d4:22:d8:38:be:47:12:79:41:
         ff:fd:db:87:33:53:95:ea:c9:db:40:06:ca:a7:a2:8e:a8:3a:
         b5:6d:4b:8a:bf:0c:82:db:13:a8:99:a5:eb:e8:81:2a:ad:0f:
         53:c9:06:67:a4:00:1b:f8:2c:36:ee:ae:86:b3:33:53:0e:84:
         5c:9f:3f:04
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICaAEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNzEwMTczNTQxWhcNMjYwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4NkQ5RjExMC8GA1UEBRMoNDNGNzQyM0Y5M0Q2QkEwOTY5NDA1OUZC
MjNERUY4NTI4RDI2NDk5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMe0DNC+/E0ST863BjIwx/0HUSI9mi7mQqI7jeCwJ3a/OIlLRWGXETW9oYJ5uES4
WKv/iL9A87kdfXJajQDi0viPFPi6qneKX1oAgOLOiwyQ0qZRULt6Efi56gYz1/Kx
igG0/PaVQaAW5K3akARYNems+U4oauMrwhzBIFZ7+AjIrYyHglWkoVWrjd0vpLTb
UJcBf85hfYpvSF3EKU0KpxRwiBcBwHqYvUpfRTTdqIvTl3qfshr/+I7GuImRebVU
Lgiie0pjwNp3S7gGYakmCt9c81IgMPG+wlP596p2UlzQlrvx8Av5T4SOECVupP8t
YdkYg802tR8olHrlZhj7oZ0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRD90I/k9a6
CWlAWfsj3vhSjSZJnTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZEOUYvQTkzNkU0NDAyRTA0MTFFRjg2RjI5RDc5QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg2RDlGL0E5MzZFNDQwMkUwNDExRUY4NkYyOUQ3OUM0RjlBRTAyL1FfZENQNVBX
dWdscFFGbjdJOTc0VW8wbVNaMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAWKjANBgkqhkiG9w0BAQsFAAOCAQEAMOMDa/c3QDKolRGvhZq/
EgDum2YRJiGioaadNKGblgUPJAJThBUBBS6YILyloUy3YDbmpz7djI1/eoI+5zxv
hVzmP8S6/VAwtnEYMJ6vSQOvSGg+xCp3sUuwaLfge18zhxWAIHmo6DM+FnIIUtQh
sMcOacfC8n+66Sk5+SkxKgvCH6T7YzTlltSjlsFXexAzjd+FD36egtxLi7nItr+f
1LonL7ENQTnTRdBm7h4cAMkv1ry9Ol6nGtP1BEBF1CLYOL5HEnlB//3bhzNTlerJ
20AGyqeijqg6tW1Lir8MgtsTqJml6+iBKq0PU8kGZ6QAG/gsNu6uhrMzUw6EXJ8/
BA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:13:55 2025 by rpki-client