Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LyZbDIAkcwlJJokKhRJOIbEJ2jw.cer
File:                     LyZbDIAkcwlJJokKhRJOIbEJ2jw.cer (raw, json)
Hash identifier:          EDUvRlDn0SiWhZpxspzK+IojfBeKvHtC7pBWetQ2JRc=
Subject key identifier:   2F:26:5B:0C:80:24:73:09:49:26:89:0A:85:12:4E:21:B1:09:DA:3C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02BD91
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91203EB/F3622E74976911EBABC77486C4F9AE02/LyZbDIAkcwlJJokKhRJOIbEJ2jw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91203EB/F3622E74976911EBABC77486C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 16 Jun 2026 12:32:48 +0000
Certificate not after:    Fri 30 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 114.141.120.0/21
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 Jul 2026 17:10:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 179601 (0x2bd91)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 16 12:32:48 2026 GMT
            Not After : Jul 30 00:00:00 2027 GMT
        Subject: CN=A91203EB, serialNumber=2F265B0C802473094926890A85124E21B109DA3C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:2d:6b:cb:2f:cc:19:0d:ae:cf:43:c5:35:ef:
                    74:05:1e:be:02:0c:df:f7:ce:f5:3d:a7:c4:c4:04:
                    56:e5:40:24:89:0c:df:ef:8a:24:7f:eb:02:3a:77:
                    64:b6:f9:dd:e0:03:d4:d9:f5:ab:3f:db:70:1c:46:
                    62:eb:c7:d7:de:56:c3:07:2a:70:ce:a5:5b:11:f9:
                    41:f6:b8:92:1c:bd:21:ba:5b:4e:be:e2:c3:9c:39:
                    27:77:10:8e:17:85:cf:fc:64:c9:c5:a5:14:0e:29:
                    9b:5d:57:4d:c4:bf:0c:f5:33:f5:d6:6a:09:f0:8b:
                    cc:25:59:4e:af:cb:bb:34:5d:a5:19:19:d1:52:20:
                    e2:c7:f0:2f:42:97:b0:69:01:92:fc:e5:de:92:b4:
                    fb:e6:85:c8:f1:00:eb:95:a3:30:e1:27:c9:32:fe:
                    5b:d0:91:f7:74:1e:60:11:e6:3a:1b:9a:2a:45:4d:
                    21:51:2f:94:5e:8f:03:eb:72:68:87:cc:32:f6:fa:
                    f6:38:28:63:bb:27:a1:81:3e:26:32:fb:6a:9b:9a:
                    a1:b0:47:6c:71:2b:49:6c:54:7f:9c:3a:24:33:1a:
                    04:bc:ec:16:6b:0a:81:a7:33:e0:84:cd:a3:60:55:
                    51:fc:45:10:31:4f:fa:87:36:4d:84:0b:a7:b7:35:
                    0f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:26:5B:0C:80:24:73:09:49:26:89:0A:85:12:4E:21:B1:09:DA:3C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91203EB/F3622E74976911EBABC77486C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91203EB/F3622E74976911EBABC77486C4F9AE02/LyZbDIAkcwlJJokKhRJOIbEJ2jw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.141.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         62:c9:4f:e4:32:17:6a:7f:d7:32:f0:77:6d:47:98:9a:23:c7:
         72:d3:64:9b:0d:86:cb:bc:51:9b:7c:8e:53:5d:c4:c5:55:d5:
         1c:2c:d4:23:86:4e:c0:f6:e7:f6:6d:dd:b9:c8:e2:8b:e6:44:
         15:be:f6:38:39:60:2b:91:f2:6a:13:2f:24:e5:50:59:de:34:
         2b:6e:14:79:de:b6:b9:c0:4b:86:38:f8:51:7b:c1:a5:44:47:
         41:cb:36:6d:e4:63:38:0f:41:84:0a:35:36:39:9e:f4:bf:0f:
         36:6b:6e:66:4e:92:db:6a:3d:9a:23:cf:39:17:52:62:e9:e5:
         c2:4d:02:c4:a9:36:34:c8:58:76:5a:b0:86:d5:65:76:4b:7e:
         04:29:bb:7d:55:30:c0:f7:0b:6d:26:b1:9d:b2:f1:50:0a:2d:
         27:fe:9a:2e:36:d4:03:9f:df:8a:0a:5e:67:21:d9:76:88:dd:
         90:c2:30:69:2e:9d:cc:8c:13:73:f4:b0:18:8d:20:1e:95:66:
         b9:6a:fa:c2:a3:c1:0e:ba:2d:da:8f:72:be:e8:24:c5:e8:10:
         43:28:54:ba:f0:ca:aa:25:18:53:18:ac:d3:30:2e:1a:1e:a1:
         5a:26:bb:40:dc:3e:a5:67:9d:84:99:a0:7d:89:e3:06:28:dd:
         c3:ec:9e:01
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAr2RMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDYxNjEyMzI0OFoXDTI3MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjAzRUIxMTAvBgNVBAUTKDJGMjY1QjBDODAyNDczMDk0OTI2ODkw
QTg1MTI0RTIxQjEwOURBM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmLWvLL8wZDa7PQ8U173QFHr4CDN/3zvU9p8TEBFblQCSJDN/viiR/6wI6d2S2
+d3gA9TZ9as/23AcRmLrx9feVsMHKnDOpVsR+UH2uJIcvSG6W06+4sOcOSd3EI4X
hc/8ZMnFpRQOKZtdV03Evwz1M/XWagnwi8wlWU6vy7s0XaUZGdFSIOLH8C9Cl7Bp
AZL85d6StPvmhcjxAOuVozDhJ8ky/lvQkfd0HmAR5jobmipFTSFRL5RejwPrcmiH
zDL2+vY4KGO7J6GBPiYy+2qbmqGwR2xxK0lsVH+cOiQzGgS87BZrCoGnM+CEzaNg
VVH8RRAxT/qHNk2EC6e3NQ9BAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQULyZbDIAk
cwlJJokKhRJOIbEJ2jwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIwM0VCL0YzNjIyRTc0OTc2OTExRUJBQkM3NzQ4NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyMDNFQi9GMzYyMkU3NDk3NjkxMUVCQUJDNzc0ODZDNEY5QUUwMi9MeVpiRElB
a2N3bEpKb2tLaFJKT0liRUoyancubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBANyjXgwDQYJKoZIhvcNAQELBQADggEBAGLJT+QyF2p/1zLwd21H
mJojx3LTZJsNhsu8UZt8jlNdxMVV1Rws1COGTsD25/Zt3bnI4ovmRBW+9jg5YCuR
8moTLyTlUFneNCtuFHnetrnAS4Y4+FF7waVER0HLNm3kYzgPQYQKNTY5nvS/DzZr
bmZOkttqPZojzzkXUmLp5cJNAsSpNjTIWHZasIbVZXZLfgQpu31VMMD3C20msZ2y
8VAKLSf+mi421AOf34oKXmch2XaI3ZDCMGkuncyME3P0sBiNIB6VZrlq+sKjwQ66
LdqPcr7oJMXoEEMoVLrwyqolGFMYrNMwLhoeoVomu0DcPqVnnYSZoH2J4wYo3cPs
ngE=
-----END CERTIFICATE-----
Generated at Wed Jul 8 18:30:07 2026 by rpki-client