Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hAGMCD0Qo55_aFxBrhZjcMbXesQ.cer
File:                     hAGMCD0Qo55_aFxBrhZjcMbXesQ.cer (raw, json)
Hash identifier:          2i9j8aLAk8t8ayFCFF/B22TgtOu0XlwD8IxSgU9Pq4E=
Subject key identifier:   84:01:8C:08:3D:10:A3:9E:7F:68:5C:41:AE:16:63:70:C6:D7:7A:C4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02C04E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91505AB/05243AC64C2811E7968AD211C4F9AE02/hAGMCD0Qo55_aFxBrhZjcMbXesQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91505AB/05243AC64C2811E7968AD211C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 29 Jun 2026 13:13:05 +0000
Certificate not after:    Tue 31 Aug 2027 00:00:00 +0000
Subordinate resources:    AS: 133450
                          IP: 103.94.128.0/22
                          IP: 2401:3fc0::/32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 05:54:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180302 (0x2c04e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 29 13:13:05 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=A91505AB, serialNumber=84018C083D10A39E7F685C41AE166370C6D77AC4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f4:01:08:1b:67:a5:43:2a:10:a3:a2:cd:51:
                    b0:77:0f:89:7f:dd:56:3f:6c:38:71:cd:54:0e:84:
                    45:60:9a:c3:f3:a3:06:37:ec:a7:73:85:03:29:d4:
                    64:d9:ce:47:67:ef:5a:47:69:d3:69:71:91:e1:e0:
                    46:f0:24:1d:a9:fb:30:c4:7f:e6:c3:37:a0:ec:09:
                    40:5b:b8:61:57:65:93:7f:5c:d5:c2:7b:ac:b1:31:
                    52:a5:a9:bf:94:29:5d:49:2b:25:ef:89:e4:9e:a2:
                    ae:6d:50:52:80:5e:cc:9e:4c:32:42:d2:f2:f8:91:
                    b7:7e:8d:5f:3e:71:b3:2e:0f:ac:08:c2:39:41:bf:
                    7d:aa:ae:d8:39:0b:b8:24:18:6f:8d:50:2a:09:99:
                    ed:ea:6b:38:50:2f:a8:3f:0a:03:bd:4f:6b:4d:d1:
                    39:ca:2e:45:51:d4:dc:a7:ac:77:19:9a:f8:ae:6f:
                    91:bf:2f:02:c6:ad:f1:0f:1d:4f:59:82:e4:5e:5f:
                    49:0b:5b:5e:9e:da:45:98:0c:0b:67:52:c5:0f:14:
                    dd:6c:4e:8a:e1:79:51:8a:cc:f2:71:61:4f:85:dc:
                    7a:21:3d:7a:f0:64:42:34:5e:3e:90:5a:43:ae:1c:
                    bd:88:38:56:59:14:d7:34:fe:51:60:bb:de:ab:9f:
                    2c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:01:8C:08:3D:10:A3:9E:7F:68:5C:41:AE:16:63:70:C6:D7:7A:C4
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91505AB/05243AC64C2811E7968AD211C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91505AB/05243AC64C2811E7968AD211C4F9AE02/hAGMCD0Qo55_aFxBrhZjcMbXesQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  133450

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.94.128.0/22
                IPv6:
                  2401:3fc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         60:14:6b:5e:1b:2d:78:e1:4e:84:c7:ba:4d:76:06:93:50:c5:
         06:1d:45:d2:24:a6:df:ed:71:03:67:56:5e:cc:d7:a5:16:59:
         90:13:6c:96:d0:aa:fe:e5:43:5c:a3:97:32:e0:91:2f:25:50:
         e0:9c:ce:cf:68:af:f8:1a:54:a4:32:75:84:d4:b6:35:9b:f3:
         bd:5b:e8:79:d6:d0:1e:4c:7e:96:32:fe:d6:9e:81:f7:bc:61:
         6b:3c:90:2e:9e:a2:e8:9e:8c:e1:d8:07:54:1c:85:78:32:10:
         54:d7:25:0d:05:8c:11:d3:2a:38:e2:15:ed:94:3a:d3:2e:df:
         e3:9f:9e:71:bd:3a:b2:b7:03:cd:ea:6b:e7:24:ab:10:01:24:
         c5:a8:7a:25:55:f3:96:12:b1:49:be:e4:66:95:62:9f:d1:90:
         bd:c7:59:0d:e6:91:18:ff:ec:29:6c:cf:01:03:0c:4f:da:fe:
         fe:fa:7f:11:2e:30:64:9f:8b:08:ca:f7:c1:9f:2b:41:76:8d:
         c9:22:1a:07:57:04:7d:bb:49:9e:f0:61:27:ef:46:db:48:f9:
         b9:15:f9:a1:68:a1:b4:0e:b3:2f:12:b9:92:1a:53:cb:62:42:
         7b:fc:b7:c9:ee:dc:80:87:d3:cc:62:16:e5:37:72:b8:93:ac:
         de:ca:da:9f
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAsBOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDYyOTEzMTMwNVoXDTI3MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTA1QUIxMTAvBgNVBAUTKDg0MDE4QzA4M0QxMEEzOUU3RjY4NUM0
MUFFMTY2MzcwQzZENzdBQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDH9AEIG2elQyoQo6LNUbB3D4l/3VY/bDhxzVQOhEVgmsPzowY37KdzhQMp1GTZ
zkdn71pHadNpcZHh4EbwJB2p+zDEf+bDN6DsCUBbuGFXZZN/XNXCe6yxMVKlqb+U
KV1JKyXvieSeoq5tUFKAXsyeTDJC0vL4kbd+jV8+cbMuD6wIwjlBv32qrtg5C7gk
GG+NUCoJme3qazhQL6g/CgO9T2tN0TnKLkVR1NynrHcZmviub5G/LwLGrfEPHU9Z
guReX0kLW16e2kWYDAtnUsUPFN1sTorheVGKzPJxYU+F3HohPXrwZEI0Xj6QWkOu
HL2IOFZZFNc0/lFgu96rnyyHAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUhAGMCD0Q
o55/aFxBrhZjcMbXesQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUwNUFCLzA1MjQzQUM2NEMyODExRTc5NjhBRDIxMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MDVBQi8wNTI0M0FDNjRDMjgxMUU3OTY4QUQyMTFDNEY5QUUwMi9oQUdNQ0Qw
UW81NV9hRnhCcmhaamNNYlhlc1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAglKMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ16AMA0EAgAC
MAcDBQAkAT/AMA0GCSqGSIb3DQEBCwUAA4IBAQBgFGteGy144U6Ex7pNdgaTUMUG
HUXSJKbf7XEDZ1ZezNelFlmQE2yW0Kr+5UNco5cy4JEvJVDgnM7PaK/4GlSkMnWE
1LY1m/O9W+h51tAeTH6WMv7WnoH3vGFrPJAunqLonozh2AdUHIV4MhBU1yUNBYwR
0yo44hXtlDrTLt/jn55xvTqytwPN6mvnJKsQASTFqHolVfOWErFJvuRmlWKf0ZC9
x1kN5pEY/+wpbM8BAwxP2v7++n8RLjBkn4sIyvfBnytBdo3JIhoHVwR9u0me8GEn
70bbSPm5FfmhaKG0DrMvErmSGlPLYkJ7/LfJ7tyAh9PMYhblN3K4k6zeytqf
-----END CERTIFICATE-----
Generated at Sun Jul 5 07:53:27 2026 by rpki-client