Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pVTfPUcCf_r3y4oWbz4KEOMXeGc.cer
File:                     pVTfPUcCf_r3y4oWbz4KEOMXeGc.cer (raw, json)
Hash identifier:          Z8UcCcQJvfyyrAIBr2jVvthKYlFBP6l1qve2hd7QYE0=
Subject key identifier:   A5:54:DF:3D:47:02:7F:FA:F7:CB:8A:16:6F:3E:0A:10:E3:17:78:67
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       7E24
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919AD11/FC5038483A8911EF9817B26AC4F9AE02/pVTfPUcCf_r3y4oWbz4KEOMXeGc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919AD11/FC5038483A8911EF9817B26AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 03 Jul 2026 14:01:13 +0000
Certificate not after:    Thu 30 Sep 2027 00:00:00 +0000
Subordinate resources:    IP: 160.25.33.0/24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 19:50:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32292 (0x7e24)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul  3 14:01:13 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=A919AD11, serialNumber=A554DF3D47027FFAF7CB8A166F3E0A10E3177867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4b:59:cc:55:7e:8c:c6:8d:d6:c9:16:5f:4d:
                    29:cc:ac:7f:78:74:49:f4:55:07:28:90:59:bc:3d:
                    ff:9d:e1:67:1d:d8:c1:45:97:c9:9a:b7:c2:b9:b8:
                    d7:82:dc:83:45:96:ff:3c:9e:c4:dc:83:13:06:ca:
                    49:99:3c:52:42:a2:77:7f:c5:e8:84:33:6f:48:24:
                    37:0a:6d:69:41:46:d0:c1:11:84:89:42:cf:0b:99:
                    54:1f:d6:7b:78:6e:ac:e8:96:7c:92:8c:43:0b:e0:
                    ae:46:da:fe:d3:bd:91:85:d7:19:37:24:35:50:87:
                    12:5a:eb:4a:d8:77:8d:c3:86:0a:9c:59:54:19:b1:
                    ac:91:46:89:13:7b:17:b8:b5:d2:30:76:7a:62:87:
                    67:f3:0e:2a:0f:f5:c5:ce:45:04:0d:17:ec:db:f3:
                    a9:a9:3d:f1:ff:e0:e7:7b:3e:44:d0:21:07:37:69:
                    d1:f5:85:c6:84:aa:48:f6:0d:c0:ca:52:46:e3:4b:
                    69:50:1d:c9:4e:50:cf:2b:6b:5c:bc:3f:ad:da:4b:
                    04:41:63:6f:9b:71:17:0c:0a:c8:fe:68:87:ba:88:
                    f7:6d:fc:f2:9f:e2:ec:48:47:a7:1d:0a:7a:b3:5b:
                    99:75:d4:58:db:31:c3:fa:01:4f:b3:22:df:e4:a8:
                    c7:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:54:DF:3D:47:02:7F:FA:F7:CB:8A:16:6F:3E:0A:10:E3:17:78:67
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919AD11/FC5038483A8911EF9817B26AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919AD11/FC5038483A8911EF9817B26AC4F9AE02/pVTfPUcCf_r3y4oWbz4KEOMXeGc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:70:9f:20:2d:ea:53:ca:4a:7f:f3:89:ca:37:5e:fd:fc:c2:
         93:69:f9:55:5b:ac:0a:22:85:9d:14:2b:d1:17:1e:8c:9c:1e:
         e7:09:49:aa:28:12:62:47:f7:00:0c:5b:59:31:1f:4b:ac:84:
         29:8f:4b:84:ce:8d:e1:8b:6c:28:03:a4:8f:fe:9e:18:36:de:
         96:59:57:93:85:73:55:76:c0:57:2d:51:ce:93:7d:cd:9d:01:
         19:0a:d8:5b:c5:40:72:6f:2f:a0:c2:28:60:cf:02:64:dc:b9:
         b8:e5:4d:07:c6:07:24:df:60:eb:c0:97:14:e5:18:7f:57:0b:
         68:98:bf:5b:31:7c:ae:e4:ec:11:8d:eb:2f:84:4b:16:d2:df:
         f2:2b:3c:f6:b0:95:00:23:91:75:87:00:5b:7e:82:6e:ae:c6:
         ff:b1:46:ba:3d:79:77:78:be:d2:4e:91:29:8c:49:df:24:1b:
         b2:7a:88:ec:dc:b8:a9:91:da:fd:6e:33:da:49:e1:1a:75:dd:
         59:7f:73:d4:e2:72:40:2f:8c:cd:b3:46:50:5a:5e:7f:13:26:
         b1:3f:17:d1:cd:9b:40:eb:6c:0d:32:8d:86:39:a6:18:c5:3e:
         3c:f3:15:45:72:70:fe:eb:75:cf:5e:1b:e2:01:be:da:99:0f:
         db:a3:24:d5
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICfiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNzAzMTQwMTEzWhcNMjcwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5QUQxMTExMC8GA1UEBRMoQTU1NERGM0Q0NzAyN0ZGQUY3Q0I4QTE2
NkYzRTBBMTBFMzE3Nzg2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMRLWcxVfozGjdbJFl9NKcysf3h0SfRVByiQWbw9/53hZx3YwUWXyZq3wrm414Lc
g0WW/zyexNyDEwbKSZk8UkKid3/F6IQzb0gkNwptaUFG0MERhIlCzwuZVB/We3hu
rOiWfJKMQwvgrkba/tO9kYXXGTckNVCHElrrSth3jcOGCpxZVBmxrJFGiRN7F7i1
0jB2emKHZ/MOKg/1xc5FBA0X7Nvzqak98f/g53s+RNAhBzdp0fWFxoSqSPYNwMpS
RuNLaVAdyU5QzytrXLw/rdpLBEFjb5txFwwKyP5oh7qI92388p/i7EhHpx0KerNb
mXXUWNsxw/oBT7Mi3+Sox98CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSlVN89RwJ/
+vfLihZvPgoQ4xd4ZzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUFEMTEvRkM1MDM4NDgzQTg5MTFFRjk4MTdCMjZBQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlBRDExL0ZDNTAzODQ4M0E4OTExRUY5ODE3QjI2QUM0RjlBRTAyL3BWVGZQVWND
Zl9yM3k0b1diejRLRU9NWGVHYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAZITANBgkqhkiG9w0BAQsFAAOCAQEAVHCfIC3qU8pKf/OJyjde
/fzCk2n5VVusCiKFnRQr0RcejJwe5wlJqigSYkf3AAxbWTEfS6yEKY9LhM6N4Yts
KAOkj/6eGDbelllXk4VzVXbAVy1RzpN9zZ0BGQrYW8VAcm8voMIoYM8CZNy5uOVN
B8YHJN9g68CXFOUYf1cLaJi/WzF8ruTsEY3rL4RLFtLf8is89rCVACORdYcAW36C
bq7G/7FGuj15d3i+0k6RKYxJ3yQbsnqI7Ny4qZHa/W4z2knhGnXdWX9z1OJyQC+M
zbNGUFpefxMmsT8X0c2bQOtsDTKNhjmmGMU+PPMVRXJw/ut1z14b4gG+2pkP26Mk
1Q==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:17:36 2026 by rpki-client