Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer
File:                     R-lr-DG7PMQ7TweEJj5ylYddVRY.cer (raw, json)
Hash identifier:          sku6OG8PcLRR5IyX0UGagOgDHivPFVGQFPX5vgBB+aA=
Subject key identifier:   47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       7D4B
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 19 Jun 2026 06:54:59 +0000
Certificate not after:    Tue 31 Aug 2027 00:00:00 +0000
Subordinate resources:    IP: 165.99.40.0/23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 19:50:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32075 (0x7d4b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jun 19 06:54:59 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a6:db:75:a3:76:ef:7d:30:59:92:2e:ee:14:
                    51:b1:8c:6d:55:cb:52:be:dd:b9:65:52:31:0f:51:
                    e6:37:55:a8:ee:f5:06:3c:bd:a4:bd:6d:ed:e2:80:
                    53:37:46:57:9a:70:2c:8f:91:50:8e:9f:9e:fb:5c:
                    e9:d5:16:67:b0:a2:13:2c:c0:1f:dc:b0:f6:7a:03:
                    e1:28:a4:cd:55:c7:98:32:0e:60:ec:a8:79:d6:fc:
                    95:a3:57:f3:74:7d:41:4c:85:d7:d0:63:a3:8a:5c:
                    41:11:69:41:5f:ac:24:3e:b1:0a:92:0f:0b:c1:6d:
                    ab:6d:20:de:97:80:32:df:b2:bd:02:8c:ba:7c:84:
                    f7:a0:f1:78:58:11:43:95:b2:9e:00:58:23:35:50:
                    b7:10:6c:f7:fd:c8:43:d6:9e:af:8a:ef:0a:25:70:
                    7a:b6:ba:83:f1:09:20:79:75:e5:09:21:d8:3f:ac:
                    3d:94:f3:00:32:1d:1e:05:e0:a1:1c:0e:a3:a9:0c:
                    73:70:54:34:01:f8:db:66:9f:c9:11:2c:d0:28:93:
                    a5:13:aa:5b:8a:2f:40:e5:0a:e4:2e:a8:fe:01:bd:
                    9a:91:57:20:63:ef:ba:37:35:fd:95:c9:7d:7b:fe:
                    a0:dd:e0:1a:60:87:0e:c5:44:ad:38:08:41:8e:d2:
                    c9:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.99.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9a:fd:32:06:86:b3:95:b7:1e:f7:d6:fe:4a:a2:b1:84:6b:55:
         2b:d5:6b:58:f6:c6:48:57:09:3a:60:3a:9f:41:57:32:4a:36:
         3f:9e:d5:c3:f8:5b:14:52:d1:4a:21:e3:f5:85:82:de:01:c3:
         8c:7c:4f:5c:55:7f:3a:53:71:9a:52:02:b4:6c:ff:c8:d7:65:
         a2:5f:60:70:b2:89:35:3f:f5:f7:ee:bd:0e:a4:6c:c5:92:f0:
         2c:75:24:a1:ee:1a:25:02:18:64:4e:ef:e8:23:e4:91:6e:68:
         4b:37:4c:2e:52:9e:66:45:ce:61:cf:ac:1c:ff:42:c5:07:8c:
         23:97:ea:25:2f:4c:9b:a2:35:c2:7d:6d:0c:83:ce:76:d6:8e:
         82:76:cc:6d:eb:83:07:8e:f7:c7:ba:f0:04:9d:7c:db:31:d0:
         93:45:d9:0c:af:32:f1:2e:c6:ed:68:d4:36:d0:ca:27:e7:8f:
         08:4d:8c:c2:ee:07:86:89:69:a7:e6:c3:f4:8f:26:37:f6:28:
         cb:a0:fb:e0:e5:e2:f3:03:aa:28:f2:b7:dd:24:5e:e6:44:96:
         fe:3e:ae:50:45:ac:81:70:e3:80:7a:3a:c0:b1:51:9b:8a:2a:
         f7:ff:cc:a7:56:57:f5:80:58:75:7c:99:67:3c:99:f6:65:0d:
         58:2b:cc:94
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICfUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNjE5MDY1NDU5WhcNMjcwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDNDIwNDExMC8GA1UEBRMoNDdFOTZCRjgzMUJCM0NDNDNCNEYwNzg0
MjYzRTcyOTU4NzVENTUxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMum23Wjdu99MFmSLu4UUbGMbVXLUr7duWVSMQ9R5jdVqO71Bjy9pL1t7eKAUzdG
V5pwLI+RUI6fnvtc6dUWZ7CiEyzAH9yw9noD4SikzVXHmDIOYOyoedb8laNX83R9
QUyF19Bjo4pcQRFpQV+sJD6xCpIPC8Ftq20g3peAMt+yvQKMunyE96DxeFgRQ5Wy
ngBYIzVQtxBs9/3IQ9aer4rvCiVwera6g/EJIHl15Qkh2D+sPZTzADIdHgXgoRwO
o6kMc3BUNAH422afyREs0CiTpROqW4ovQOUK5C6o/gG9mpFXIGPvujc1/ZXJfXv+
oN3gGmCHDsVErTgIQY7SyTECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRH6Wv4Mbs8
xDtPB4QmPnKVh11VFjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzQyMDQvNDQxQjUwNTIzMDA5MTFGMEEwQUE3RDNEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM0MjA0LzQ0MUI1MDUyMzAwOTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3
UE1RN1R3ZUVKajV5bFlkZFZSWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaVjKDANBgkqhkiG9w0BAQsFAAOCAQEAmv0yBoazlbce99b+SqKx
hGtVK9VrWPbGSFcJOmA6n0FXMko2P57Vw/hbFFLRSiHj9YWC3gHDjHxPXFV/OlNx
mlICtGz/yNdlol9gcLKJNT/19+69DqRsxZLwLHUkoe4aJQIYZE7v6CPkkW5oSzdM
LlKeZkXOYc+sHP9CxQeMI5fqJS9Mm6I1wn1tDIPOdtaOgnbMbeuDB473x7rwBJ18
2zHQk0XZDK8y8S7G7WjUNtDKJ+ePCE2Mwu4Hholpp+bD9I8mN/Yoy6D74OXi8wOq
KPK33SRe5kSW/j6uUEWsgXDjgHo6wLFRm4oq9//Mp1ZX9YBYdXyZZzyZ9mUNWCvM
lA==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:18:03 2026 by rpki-client