Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XwBNV-s29CZy5m8wBfZGm2KJFxs.cer
File:                     XwBNV-s29CZy5m8wBfZGm2KJFxs.cer (raw, json)
Hash identifier:          3wvw2hkwDhxtK/OC/EG/1A1om9LrA6iWsb/UxyC4zJk=
Subject key identifier:   5F:00:4D:57:EB:36:F4:26:72:E6:6F:30:05:F6:46:9B:62:89:17:1B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02C0DA
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C1025/956F662C9D8411EF817E1420C4F9AE02/XwBNV-s29CZy5m8wBfZGm2KJFxs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C1025/956F662C9D8411EF817E1420C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 30 Jun 2026 14:31:23 +0000
Certificate not after:    Fri 30 Oct 2026 00:00:00 +0000
Subordinate resources:    AS: 153167
                          IP: 2401:b3a0::/32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 Jul 2026 17:46:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180442 (0x2c0da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 30 14:31:23 2026 GMT
            Not After : Oct 30 00:00:00 2026 GMT
        Subject: CN=A91C1025, serialNumber=5F004D57EB36F42672E66F3005F6469B6289171B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:24:36:e3:6d:42:ee:e3:de:af:9b:13:43:b6:
                    4d:b5:f0:10:0c:9f:c6:71:57:0f:7e:8a:41:46:d9:
                    5a:5c:25:93:17:09:f3:a1:35:01:48:02:08:7f:43:
                    58:af:9c:a8:39:59:a5:a2:d1:ca:8c:0f:e2:42:ae:
                    de:5b:d2:4b:4e:e6:6d:40:d8:50:89:49:f7:2a:66:
                    9b:57:28:dd:3e:4b:66:fc:69:6d:a2:24:48:7a:5a:
                    52:eb:c6:00:bd:0c:4f:3a:4d:de:41:88:af:d4:59:
                    2d:1d:ff:b7:10:be:5d:e9:d6:5c:d5:65:79:b2:05:
                    f3:16:a3:4d:90:8d:6e:82:31:0a:24:d2:7d:03:30:
                    e0:44:89:3a:00:e6:28:9c:93:d5:5b:2a:cd:8b:5b:
                    c8:1c:ab:30:d2:15:0f:63:ca:55:da:26:c6:c3:1e:
                    37:51:c4:a9:ee:08:96:9a:fd:2e:e8:ca:bd:20:55:
                    94:b3:1c:f5:a5:5d:99:0e:65:c5:a4:eb:18:da:87:
                    e1:ff:13:18:f9:1a:55:df:b8:e4:b6:11:dd:25:aa:
                    10:53:40:98:ee:6f:35:c2:7c:33:d2:d3:1a:fb:6c:
                    78:03:a4:0e:dd:c8:b6:28:c6:e1:3d:aa:82:96:d8:
                    50:a2:d6:0d:6b:a0:cf:56:2c:79:f2:c4:e7:6c:57:
                    63:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:00:4D:57:EB:36:F4:26:72:E6:6F:30:05:F6:46:9B:62:89:17:1B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C1025/956F662C9D8411EF817E1420C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C1025/956F662C9D8411EF817E1420C4F9AE02/XwBNV-s29CZy5m8wBfZGm2KJFxs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  153167

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:b3a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:61:2a:8d:04:67:ca:e7:06:ab:62:61:16:7c:74:8d:bc:e8:
         08:b5:17:30:0f:b0:7e:88:a5:e9:ae:2a:d3:dc:71:82:51:92:
         b2:c9:1a:b6:b9:4b:20:1f:aa:6f:7d:46:e8:63:5f:b7:28:ac:
         31:3b:e7:80:25:60:2c:65:bd:c9:4a:d8:06:24:56:55:68:1c:
         6e:21:4f:80:5d:7f:59:e5:e2:9e:0a:e3:58:85:ad:3b:a3:00:
         93:27:82:9c:8e:65:24:c5:af:0c:3a:01:12:21:10:47:06:a0:
         3f:ce:b5:61:96:5f:b3:29:5e:5b:e7:f5:73:da:0e:d2:98:97:
         ce:ac:0c:5b:f0:3f:26:98:e2:00:b0:92:8c:6a:49:fc:b7:72:
         e2:f0:f3:79:87:f3:f7:ac:cd:5f:38:6a:96:f2:3e:2e:1a:b4:
         34:d4:04:60:b7:f3:1d:9f:39:17:29:7b:c8:cd:cb:d0:cb:6e:
         2a:e5:78:d1:27:bd:a2:d7:e2:47:9c:1f:ca:73:a3:25:be:12:
         92:fb:e9:28:60:3d:e9:6c:0c:dd:cf:00:c9:be:4c:41:c9:a8:
         9f:40:e5:e1:c3:44:3c:f4:7e:a5:12:34:fa:1c:cb:1b:44:db:
         5e:5d:18:6e:33:38:1f:21:be:a2:f2:ac:b1:6e:51:dd:6c:ee:
         6f:06:fc:e1
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAsDaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDYzMDE0MzEyM1oXDTI2MTAzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzEwMjUxMTAvBgNVBAUTKDVGMDA0RDU3RUIzNkY0MjY3MkU2NkYz
MDA1RjY0NjlCNjI4OTE3MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjJDbjbULu496vmxNDtk218BAMn8ZxVw9+ikFG2VpcJZMXCfOhNQFIAgh/Q1iv
nKg5WaWi0cqMD+JCrt5b0ktO5m1A2FCJSfcqZptXKN0+S2b8aW2iJEh6WlLrxgC9
DE86Td5BiK/UWS0d/7cQvl3p1lzVZXmyBfMWo02QjW6CMQok0n0DMOBEiToA5iic
k9VbKs2LW8gcqzDSFQ9jylXaJsbDHjdRxKnuCJaa/S7oyr0gVZSzHPWlXZkOZcWk
6xjah+H/Exj5GlXfuOS2Ed0lqhBTQJjubzXCfDPS0xr7bHgDpA7dyLYoxuE9qoKW
2FCi1g1roM9WLHnyxOdsV2PxAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUXwBNV+s2
9CZy5m8wBfZGm2KJFxswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMxMDI1Lzk1NkY2NjJDOUQ4NDExRUY4MTdFMTQyMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMTAyNS85NTZGNjYyQzlEODQxMUVGODE3RTE0MjBDNEY5QUUwMi9Yd0JOVi1z
MjlDWnk1bTh3QmZaR20yS0pGeHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlZPMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAGzoDANBgkq
hkiG9w0BAQsFAAOCAQEADWEqjQRnyucGq2JhFnx0jbzoCLUXMA+wfoil6a4q09xx
glGSsskatrlLIB+qb31G6GNftyisMTvngCVgLGW9yUrYBiRWVWgcbiFPgF1/WeXi
ngrjWIWtO6MAkyeCnI5lJMWvDDoBEiEQRwagP861YZZfsyleW+f1c9oO0piXzqwM
W/A/JpjiALCSjGpJ/Ldy4vDzeYfz96zNXzhqlvI+Lhq0NNQEYLfzHZ85Fyl7yM3L
0MtuKuV40Se9otfiR5wfynOjJb4SkvvpKGA96WwM3c8Ayb5MQcmon0Dl4cNEPPR+
pRI0+hzLG0TbXl0YbjM4HyG+ovKssW5R3Wzubwb84Q==
-----END CERTIFICATE-----
Generated at Wed Jul 8 21:03:45 2026 by rpki-client