Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iH99gQPB72hcBUJw7rC4CfdsboY.cer
File:                     iH99gQPB72hcBUJw7rC4CfdsboY.cer (raw, json)
Hash identifier:          BKhYsSpujqKekFhfD5xUzsLwfwxz5mtmJoaSQvFVWT4=
Subject key identifier:   88:7F:7D:81:03:C1:EF:68:5C:05:42:70:EE:B0:B8:09:F7:6C:6E:86
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02BFF4
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91729D4/33485550725111F1A5B3D6038DA30FBC/iH99gQPB72hcBUJw7rC4CfdsboY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91729D4/33485550725111F1A5B3D6038DA30FBC/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sat 27 Jun 2026 17:54:14 +0000
Certificate not after:    Thu 30 Sep 2027 00:00:00 +0000
Subordinate resources:    AS: 154725
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 05:54:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180212 (0x2bff4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 27 17:54:14 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=A91729D4, serialNumber=887F7D8103C1EF685C054270EEB0B809F76C6E86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:5e:1e:8b:57:f7:38:e3:7d:84:e7:a8:67:09:
                    56:f3:af:26:7b:55:62:16:73:3a:26:5b:47:8b:ee:
                    d3:8a:33:dd:05:75:e5:70:4f:7d:d7:45:b1:7b:bc:
                    9e:f5:44:7f:2f:4f:54:05:95:57:32:06:c4:94:c5:
                    a2:45:76:ac:ba:a3:e5:d5:d6:e4:08:2f:15:96:a1:
                    e0:cb:4b:fc:5b:1e:03:09:b2:53:8b:a6:51:31:33:
                    97:a3:21:2a:4b:2d:e0:23:dd:22:3a:7b:dc:a0:cf:
                    9e:b1:c1:92:ed:69:47:22:74:96:46:4c:6e:f2:ec:
                    5c:94:e5:0a:76:c8:0c:9a:eb:98:d8:8e:0c:74:96:
                    10:a7:6b:2b:2a:c4:35:ad:2d:22:7c:1d:07:31:b8:
                    44:65:6c:9a:71:c3:cd:74:6a:7c:ad:e1:39:d8:0c:
                    f7:71:96:c3:2a:44:83:68:a7:02:1f:01:93:ad:e9:
                    f0:51:df:78:bb:ec:e0:d3:8e:b7:66:fc:20:35:72:
                    ab:f9:41:cd:af:78:43:b7:ee:d5:4e:85:d6:27:9a:
                    8a:35:c9:ec:da:96:04:91:d0:74:b3:3a:93:99:1b:
                    37:d6:f8:94:1d:27:84:60:c0:ab:38:bb:b8:86:4a:
                    1c:3f:91:73:cf:af:44:bd:f0:14:a3:01:e8:9b:dd:
                    90:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:7F:7D:81:03:C1:EF:68:5C:05:42:70:EE:B0:B8:09:F7:6C:6E:86
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91729D4/33485550725111F1A5B3D6038DA30FBC/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91729D4/33485550725111F1A5B3D6038DA30FBC/iH99gQPB72hcBUJw7rC4CfdsboY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  154725

    Signature Algorithm: sha256WithRSAEncryption
         40:28:a4:2f:d6:63:ff:b8:f7:59:12:8a:98:c1:10:4a:11:e7:
         cd:e1:cb:37:28:dc:f0:da:ae:b9:e0:af:86:ab:ce:6d:63:40:
         88:e6:4f:11:4c:26:82:37:e5:d7:bc:79:b6:7c:e5:41:a2:d8:
         d6:7a:9e:ac:7a:af:1a:dd:e1:6e:54:03:80:6c:e4:b8:a0:19:
         70:5b:c1:90:47:4c:1a:a5:f8:46:cf:b4:94:59:58:ee:a2:cc:
         28:27:97:3c:a1:82:5b:ff:46:48:b8:49:ad:f4:2f:42:39:3a:
         11:4a:02:fb:ca:2d:1e:0a:5b:57:94:31:9d:a7:ee:ac:98:9e:
         97:fc:56:b6:65:c5:ff:f4:2a:e7:d0:c8:40:8f:ff:32:9d:f5:
         4d:d7:ad:29:6f:39:7b:a7:d1:2a:45:be:21:73:6d:24:1c:86:
         7c:b8:58:0e:e1:8d:bb:97:10:56:ee:72:81:9f:00:0e:dc:8e:
         88:fe:93:82:43:7e:ad:79:f6:49:5c:b3:c3:b6:7e:bb:0e:6b:
         06:b9:2b:62:01:5f:b0:5a:61:b0:ad:b9:05:91:b0:76:66:51:
         bc:a0:30:3d:e7:8e:e2:cd:b8:b7:40:3b:ee:80:87:0e:30:e1:
         65:9b:d8:85:78:84:4e:32:e9:00:38:ae:03:e6:5b:89:11:38:
         70:89:9c:19
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIDAr/0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDYyNzE3NTQxNFoXDTI3MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzI5RDQxMTAvBgNVBAUTKDg4N0Y3RDgxMDNDMUVGNjg1QzA1NDI3
MEVFQjBCODA5Rjc2QzZFODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPXh6LV/c4432E56hnCVbzryZ7VWIWczomW0eL7tOKM90FdeVwT33XRbF7vJ71
RH8vT1QFlVcyBsSUxaJFdqy6o+XV1uQILxWWoeDLS/xbHgMJslOLplExM5ejISpL
LeAj3SI6e9ygz56xwZLtaUcidJZGTG7y7FyU5Qp2yAya65jYjgx0lhCnaysqxDWt
LSJ8HQcxuERlbJpxw810anyt4TnYDPdxlsMqRINopwIfAZOt6fBR33i77ODTjrdm
/CA1cqv5Qc2veEO37tVOhdYnmoo1yezalgSR0HSzOpOZGzfW+JQdJ4RgwKs4u7iG
Shw/kXPPr0S98BSjAeib3ZCzAgMBAAGjggLuMIIC6jAdBgNVHQ4EFgQUiH99gQPB
72hcBUJw7rC4CfdsboYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcyOUQ0LzMzNDg1NTUwNzI1MTExRjFBNUIzRDYwMzhEQTMwRkJDLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3MjlENC8zMzQ4NTU1MDcyNTExMUYxQTVCM0Q2MDM4REEzMEZCQy9pSDk5Z1FQ
QjcyaGNCVUp3N3JDNENmZHNib1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlxlMA0GCSqGSIb3DQEBCwUAA4IBAQBAKKQv1mP/uPdZEoqYwRBKEefN
4cs3KNzw2q654K+Gq85tY0CI5k8RTCaCN+XXvHm2fOVBotjWep6seq8a3eFuVAOA
bOS4oBlwW8GQR0wapfhGz7SUWVjuoswoJ5c8oYJb/0ZIuEmt9C9COToRSgL7yi0e
CltXlDGdp+6smJ6X/Fa2ZcX/9Crn0MhAj/8ynfVN160pbzl7p9EqRb4hc20kHIZ8
uFgO4Y27lxBW7nKBnwAO3I6I/pOCQ36tefZJXLPDtn67DmsGuStiAV+wWmGwrbkF
kbB2ZlG8oDA9547izbi3QDvugIcOMOFlm9iFeIROMukAOK4D5luJEThwiZwZ
-----END CERTIFICATE-----
Generated at Sun Jul 5 07:50:02 2026 by rpki-client