Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cleSPWdwxWeJGbB8vPqK-LnFBT8.cer
File:                     cleSPWdwxWeJGbB8vPqK-LnFBT8.cer (raw, json)
Hash identifier:          iW3+s7LX3okWPGQ8AgBjXeXUCMifwFMgfeQ1S2gcUKc=
Subject key identifier:   72:57:92:3D:67:70:C5:67:89:19:B0:7C:BC:FA:8A:F8:B9:C5:05:3F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       66AF
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/cleSPWdwxWeJGbB8vPqK-LnFBT8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 18 Jun 2025 06:24:12 +0000
Certificate not after:    Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources:    IP: 160.30.234.0/24
                          IP: 165.101.26.0/24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 25 Jun 2025 06:24:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26287 (0x66af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jun 18 06:24:12 2025 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=A91C7175, serialNumber=7257923D6770C5678919B07CBCFA8AF8B9C5053F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:48:b0:b6:76:6c:84:7c:e9:a8:a4:7c:86:99:
                    fe:8d:73:d0:a7:8f:37:81:83:fb:a9:19:05:15:0a:
                    01:c2:b4:95:7d:79:03:4f:40:41:30:f3:cb:c7:76:
                    c2:63:f2:72:bc:e7:8e:6e:8b:06:e6:58:48:19:ef:
                    0d:26:20:0f:36:de:fe:5d:37:3e:2a:44:31:2f:7b:
                    83:e0:02:3e:5a:70:cd:1e:32:71:f9:37:d4:b7:a3:
                    09:8d:a7:38:28:5e:8c:99:6f:03:9f:c8:8a:c6:52:
                    97:aa:5b:19:f7:75:8a:8b:5f:e0:35:b7:53:ec:18:
                    53:c1:92:0e:6a:4e:45:e9:87:45:17:6f:ad:57:b6:
                    a7:36:b0:5d:a3:87:9d:7f:b2:cd:1c:0c:fe:67:38:
                    cd:c2:c2:63:31:8c:32:e4:79:cd:75:14:09:4a:74:
                    83:81:b7:9b:f8:43:28:ab:7a:36:27:fe:a9:04:f0:
                    a4:9a:57:5c:79:7c:d8:0e:d1:fc:fa:b6:ea:0c:3b:
                    eb:f9:cf:ab:7a:9a:88:8e:b2:c8:28:dc:96:e0:23:
                    b7:a4:3f:eb:78:f9:0b:34:a1:2b:8f:70:e2:3b:c8:
                    5d:50:01:04:d9:01:a1:77:23:48:de:d9:36:96:3f:
                    2d:c2:e5:9c:ce:5c:b9:68:12:19:e9:d8:fd:57:32:
                    62:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:57:92:3D:67:70:C5:67:89:19:B0:7C:BC:FA:8A:F8:B9:C5:05:3F
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/cleSPWdwxWeJGbB8vPqK-LnFBT8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.234.0/24
                  165.101.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:98:38:78:8f:2c:b7:70:42:b3:07:ce:3b:81:da:6f:e6:02:
         03:e1:f3:48:60:7d:77:ed:c1:f7:15:16:15:0e:08:43:d7:16:
         91:33:ac:45:5c:91:c6:56:f1:30:fc:1c:df:e5:78:30:6a:7e:
         ea:40:75:3a:db:33:91:3a:c7:60:d1:80:e7:cd:81:bd:fb:f7:
         0d:dd:88:a8:47:5f:09:8c:b7:bb:84:d7:c9:ba:08:18:4b:e8:
         a5:3e:62:71:27:e8:64:cd:07:8d:6b:56:13:1c:06:ca:8d:9f:
         e4:9b:9f:63:48:84:19:2e:39:ea:15:1b:94:0d:22:6f:53:4d:
         d2:a0:5a:1f:aa:05:c5:31:46:3e:6c:33:60:d7:27:9a:de:80:
         e4:f9:10:65:b2:87:76:8e:86:4c:71:2d:de:e0:d7:a2:5f:48:
         75:4d:92:1f:b4:00:9c:6f:bb:d2:1a:ff:dc:19:c5:70:2e:8c:
         4b:cd:ba:e0:6e:75:90:fa:ad:a2:de:41:04:81:18:3d:4a:dc:
         25:55:25:0d:13:6e:62:73:a4:0e:e8:12:71:5a:0e:05:23:d8:
         14:ca:a0:c2:20:01:37:2a:72:8f:5d:6f:64:97:5d:3a:fc:f7:
         8a:79:3c:e5:ca:d6:1e:8d:72:fb:97:0c:1c:21:66:29:df:6f:
         fb:cf:bd:84
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICZq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNjE4MDYyNDEyWhcNMjUxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDNzE3NTExMC8GA1UEBRMoNzI1NzkyM0Q2NzcwQzU2Nzg5MTlCMDdD
QkNGQThBRjhCOUM1MDUzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AL5IsLZ2bIR86aikfIaZ/o1z0KePN4GD+6kZBRUKAcK0lX15A09AQTDzy8d2wmPy
crznjm6LBuZYSBnvDSYgDzbe/l03PipEMS97g+ACPlpwzR4ycfk31LejCY2nOChe
jJlvA5/IisZSl6pbGfd1iotf4DW3U+wYU8GSDmpORemHRRdvrVe2pzawXaOHnX+y
zRwM/mc4zcLCYzGMMuR5zXUUCUp0g4G3m/hDKKt6Nif+qQTwpJpXXHl82A7R/Pq2
6gw76/nPq3qaiI6yyCjcluAjt6Q/63j5CzShK49w4jvIXVABBNkBoXcjSN7ZNpY/
LcLlnM5cuWgSGenY/VcyYpMCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBRyV5I9Z3DF
Z4kZsHy8+or4ucUFPzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNzUvRTlBMDkyQjg2OEZEMTFFRkE5NTAwMTg3QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM3MTc1L0U5QTA5MkI4NjhGRDExRUZBOTUwMDE4N0M0RjlBRTAyL2NsZVNQV2R3
eFdlSkdiQjh2UHFLLUxuRkJUOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAKAe6gMEAKVlGjANBgkqhkiG9w0BAQsFAAOCAQEAD5g4eI8st3BC
swfOO4Hab+YCA+HzSGB9d+3B9xUWFQ4IQ9cWkTOsRVyRxlbxMPwc3+V4MGp+6kB1
OtszkTrHYNGA582Bvfv3Dd2IqEdfCYy3u4TXyboIGEvopT5icSfoZM0HjWtWExwG
yo2f5JufY0iEGS456hUblA0ib1NN0qBaH6oFxTFGPmwzYNcnmt6A5PkQZbKHdo6G
THEt3uDXol9IdU2SH7QAnG+70hr/3BnFcC6MS8264G51kPqtot5BBIEYPUrcJVUl
DRNuYnOkDugScVoOBSPYFMqgwiABNypyj11vZJddOvz3ink85crWHo1y+5cMHCFm
Kd9v+8+9hA==
-----END CERTIFICATE-----
Generated at Wed Jun 18 08:59:01 2025 by rpki-client