Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ho7LZCXagzKIkuV7sN9kThrrc7M.cer
File:                     ho7LZCXagzKIkuV7sN9kThrrc7M.cer (raw, json)
Hash identifier:          ZpGFFn4zUxD9RTXeOyt8xbrVXcwYezEjCoWgYuusBp0=
Subject key identifier:   86:8E:CB:64:25:DA:83:32:88:92:E5:7B:B0:DF:64:4E:1A:EB:73:B3
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       0251D4
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 01 Jul 2025 02:00:49 +0000
Certificate not after:    Thu 30 Oct 2025 00:00:00 +0000
Subordinate resources:    IP: 2404:f980::/32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152020 (0x251d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul  1 02:00:49 2025 GMT
            Not After : Oct 30 00:00:00 2025 GMT
        Subject: CN=A91C9945, serialNumber=868ECB6425DA83328892E57BB0DF644E1AEB73B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:03:50:b6:1f:3a:73:25:a9:1f:69:61:32:08:
                    b5:34:2e:8b:9f:30:c7:f0:63:b6:20:76:29:a6:ac:
                    69:59:9c:b7:63:a5:38:25:07:75:0c:cf:71:61:db:
                    db:e0:03:f4:76:40:be:ea:43:cf:6e:19:6f:db:35:
                    59:e3:35:fe:ba:d0:95:35:a6:6a:bd:0e:06:95:e5:
                    68:8f:73:3d:00:42:60:c3:43:3f:fb:31:2c:6f:5f:
                    f8:54:1f:ce:05:33:83:df:04:ba:67:ae:cd:2a:d3:
                    45:cb:21:a6:a3:e4:f6:e0:c6:7c:74:34:fe:28:3a:
                    b1:db:4e:96:a1:04:aa:e6:90:fc:4d:f2:e2:9d:bf:
                    8b:29:e2:b8:33:9e:23:ba:6a:d1:ec:5e:b0:df:bf:
                    3f:aa:92:8a:f2:8f:4e:ea:47:1e:72:7b:17:b3:9e:
                    7a:d1:71:cb:1b:a4:26:d5:d3:d0:68:35:39:dd:9e:
                    cb:0d:19:78:ed:bb:a4:e8:97:3c:83:a7:95:18:b9:
                    88:fd:69:ce:94:ff:3f:1d:c4:dc:13:18:0f:6e:d8:
                    0b:81:75:cb:4b:a5:ad:33:f8:31:c7:25:25:94:16:
                    7e:ef:91:5f:e2:91:15:ec:45:93:cd:b6:96:67:be:
                    37:a7:aa:9a:f7:7f:f2:ed:e4:aa:fb:07:8e:7e:00:
                    a9:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:8E:CB:64:25:DA:83:32:88:92:E5:7B:B0:DF:64:4E:1A:EB:73:B3
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f980::/32

    Signature Algorithm: sha256WithRSAEncryption
         4c:c7:4f:3d:17:b9:e1:33:59:cc:a3:bd:3a:a0:51:54:9c:5d:
         15:ee:ec:53:69:f5:3b:c0:6f:dc:17:67:1d:2c:e6:0b:c2:62:
         7a:a9:32:c4:af:29:67:16:a0:1e:62:e0:98:74:c0:f1:10:9e:
         24:00:de:37:9d:fb:12:e5:d0:db:bc:d9:fb:ec:d9:46:22:fa:
         60:6a:3d:d2:be:32:bf:98:1d:cd:ac:e2:55:98:e0:4c:f4:bf:
         49:c4:1a:b9:eb:d8:8a:be:1d:0d:c4:d6:c7:1d:d1:cb:86:ac:
         67:52:38:56:16:47:a7:6f:aa:02:0e:47:97:a8:cd:e3:68:04:
         b5:61:c9:89:af:0a:d5:ad:e5:e9:e7:11:90:c6:c4:69:b4:c8:
         9c:5a:54:7e:99:5b:02:55:37:82:12:fb:e0:26:80:63:41:1b:
         32:c3:86:23:0f:3d:ef:8e:9c:56:b3:cb:2c:b7:85:56:11:c9:
         7e:b6:b6:34:4d:ea:18:90:10:20:13:f4:63:d0:23:79:67:92:
         8d:9f:54:ef:34:83:fa:64:e2:bb:68:e0:38:b6:67:15:f8:27:
         06:d2:7a:2c:62:ab:81:00:45:9a:7f:e2:5b:1d:75:79:ca:40:
         9f:04:95:83:22:5a:f8:e3:91:39:f4:bb:e8:0d:a2:88:67:71:
         5a:85:36:bb
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgIDAlHUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwMTAyMDA0OVoXDTI1MTAzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzk5NDUxMTAvBgNVBAUTKDg2OEVDQjY0MjVEQTgzMzI4ODkyRTU3
QkIwREY2NDRFMUFFQjczQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2A1C2HzpzJakfaWEyCLU0LoufMMfwY7YgdimmrGlZnLdjpTglB3UMz3Fh29vg
A/R2QL7qQ89uGW/bNVnjNf660JU1pmq9DgaV5WiPcz0AQmDDQz/7MSxvX/hUH84F
M4PfBLpnrs0q00XLIaaj5Pbgxnx0NP4oOrHbTpahBKrmkPxN8uKdv4sp4rgzniO6
atHsXrDfvz+qkoryj07qRx5yexeznnrRccsbpCbV09BoNTndnssNGXjtu6TolzyD
p5UYuYj9ac6U/z8dxNwTGA9u2AuBdctLpa0z+DHHJSWUFn7vkV/ikRXsRZPNtpZn
vjenqpr3f/Lt5Kr7B45+AKl/AgMBAAGjggL0MIIC8DAdBgNVHQ4EFgQUho7LZCXa
gzKIkuV7sN9kThrrc7MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM5OTQ1L0JDMDBDOEYyRjA5RTExRUNBRUU3M0UxOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDOTk0NS9CQzAwQzhGMkYwOUUxMUVDQUVFNzNFMTlDNEY5QUUwMi9obzdMWkNY
YWd6S0lrdVY3c045a1RocnJjN00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAkBPmAMA0GCSqGSIb3DQEBCwUAA4IBAQBMx089F7nhM1nMo706
oFFUnF0V7uxTafU7wG/cF2cdLOYLwmJ6qTLErylnFqAeYuCYdMDxEJ4kAN43nfsS
5dDbvNn77NlGIvpgaj3SvjK/mB3NrOJVmOBM9L9JxBq569iKvh0NxNbHHdHLhqxn
UjhWFkenb6oCDkeXqM3jaAS1YcmJrwrVreXp5xGQxsRptMicWlR+mVsCVTeCEvvg
JoBjQRsyw4YjDz3vjpxWs8sst4VWEcl+trY0TeoYkBAgE/Rj0CN5Z5KNn1TvNIP6
ZOK7aOA4tmcV+CcG0nosYquBAEWaf+JbHXV5ykCfBJWDIlr445E59LvoDaKIZ3Fa
hTa7
-----END CERTIFICATE-----
Generated at Thu Jul 3 05:20:33 2025 by rpki-client