Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIoYD5SUlgetwBExSb6IKuqo6I8.cer
File:                     kIoYD5SUlgetwBExSb6IKuqo6I8.cer (raw, json)
Hash identifier:          PwFo7l5ipCPn8UGVWaV9GkDZR9wARngenbKfkr0n3Mk=
Subject key identifier:   90:8A:18:0F:94:94:96:07:AD:C0:11:31:49:BE:88:2A:EA:A8:E8:8F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02487D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/kIoYD5SUlgetwBExSb6IKuqo6I8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 25 May 2025 14:44:59 +0000
Certificate not after:    Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 151080
                          IP: 103.131.100.0/23
                          IP: 2001:df2:4340::/48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 17 Jun 2025 01:34:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 149629 (0x2487d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 25 14:44:59 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=A9173C63, serialNumber=908A180F94949607ADC0113149BE882AEAA8E88F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:cc:df:cb:73:c7:3f:cb:e0:ce:24:56:c8:a5:
                    a1:58:7d:52:07:4b:89:57:e1:ff:fa:27:de:6f:f5:
                    a5:a5:f8:1e:29:5f:1c:85:d8:23:fd:34:cb:ad:ba:
                    e8:62:b6:fb:43:f8:1f:cc:3b:82:e2:f4:54:86:ab:
                    73:c0:76:37:e2:5c:b1:57:7d:63:9c:13:98:6b:1e:
                    f8:b9:c9:f8:85:5f:0f:7f:f8:fa:64:00:d4:fd:01:
                    12:de:34:60:56:6f:69:bf:7e:68:e7:3e:98:27:cf:
                    17:9b:7b:1c:63:93:30:36:7e:f6:18:fc:4c:f4:ec:
                    d4:7f:4b:10:94:41:49:98:72:69:8d:2f:03:ed:bd:
                    f6:24:05:eb:0e:8c:de:93:0b:da:80:e6:31:4d:99:
                    a6:3b:44:7f:57:56:47:00:3d:71:d0:36:9d:46:08:
                    61:5c:b0:04:54:46:6f:70:03:96:b0:f5:e2:ca:4f:
                    ba:95:b4:bf:3f:06:28:5e:32:56:d5:e0:44:85:5a:
                    d4:df:c7:2b:05:19:bb:0c:d8:67:10:d0:d7:da:de:
                    d5:07:1b:de:14:33:93:3e:93:a9:82:06:e6:5b:5c:
                    63:9f:7f:65:d6:be:3f:ad:f5:c7:04:23:f0:7f:1e:
                    ba:f8:3d:6f:d0:9c:54:75:ee:4d:85:6a:7b:be:c5:
                    7a:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:8A:18:0F:94:94:96:07:AD:C0:11:31:49:BE:88:2A:EA:A8:E8:8F
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9173C63/4D11319CD85C11ED8181A22FC4F9AE02/kIoYD5SUlgetwBExSb6IKuqo6I8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  151080

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.131.100.0/23
                IPv6:
                  2001:df2:4340::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:f0:d7:ce:af:1a:b3:64:c5:21:9c:67:55:f1:5e:07:07:28:
         03:26:93:53:67:c8:90:0e:db:dc:cf:87:90:15:1f:5a:6d:a4:
         26:cd:47:6e:99:3b:37:ef:54:78:60:88:18:11:a9:65:d2:53:
         14:cc:74:f4:fa:42:2a:5a:41:df:75:3f:6f:1c:eb:39:bf:eb:
         7f:ba:cf:fa:bc:05:19:87:38:2b:1b:9c:f7:df:e0:d6:75:53:
         56:b4:c7:77:68:e6:f4:4f:25:1a:b5:c2:bf:e9:2c:d3:c8:71:
         0f:2e:84:1d:0f:29:bd:55:58:72:15:32:fa:47:15:24:85:75:
         d9:f2:31:08:9b:4d:81:be:bd:1f:e9:52:46:0c:3c:c8:d4:94:
         19:10:92:2c:b8:e4:1e:ae:c9:e4:d0:0d:9d:f0:5e:18:b5:ea:
         2e:b3:55:f7:0a:f9:6d:b2:e2:8a:0a:f5:d1:54:5f:d6:2b:66:
         29:2f:42:04:47:ec:9f:19:29:e0:df:36:94:c7:9c:37:ba:35:
         21:ba:37:dc:69:0e:d7:1f:db:45:44:f9:90:e8:77:03:9d:a9:
         a5:a6:06:ed:84:c5:3c:3d:37:7c:82:f8:0f:4b:ad:32:ac:9f:
         4a:5b:8d:fe:4a:48:fc:1f:8f:b5:a5:d2:4d:9d:34:aa:8a:cc:
         b7:49:46:bb
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAkh9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUyNTE0NDQ1OVoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzNDNjMxMTAvBgNVBAUTKDkwOEExODBGOTQ5NDk2MDdBREMwMTEz
MTQ5QkU4ODJBRUFBOEU4OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDrzN/Lc8c/y+DOJFbIpaFYfVIHS4lX4f/6J95v9aWl+B4pXxyF2CP9NMutuuhi
tvtD+B/MO4Li9FSGq3PAdjfiXLFXfWOcE5hrHvi5yfiFXw9/+PpkANT9ARLeNGBW
b2m/fmjnPpgnzxebexxjkzA2fvYY/Ez07NR/SxCUQUmYcmmNLwPtvfYkBesOjN6T
C9qA5jFNmaY7RH9XVkcAPXHQNp1GCGFcsARURm9wA5aw9eLKT7qVtL8/BiheMlbV
4ESFWtTfxysFGbsM2GcQ0Nfa3tUHG94UM5M+k6mCBuZbXGOff2XWvj+t9ccEI/B/
Hrr4PW/QnFR17k2Fanu+xXrJAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUkIoYD5SU
lgetwBExSb6IKuqo6I8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTczQzYzLzREMTEzMTlDRDg1QzExRUQ4MTgxQTIyRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3M0M2My80RDExMzE5Q0Q4NUMxMUVEODE4MUEyMkZDNEY5QUUwMi9rSW9ZRDVT
VWxnZXR3QkV4U2I2SUt1cW82STgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAk4oMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ4NkMA8EAgAC
MAkDBwAgAQ3yQ0AwDQYJKoZIhvcNAQELBQADggEBAH/w186vGrNkxSGcZ1XxXgcH
KAMmk1NnyJAO29zPh5AVH1ptpCbNR26ZOzfvVHhgiBgRqWXSUxTMdPT6QipaQd91
P28c6zm/63+6z/q8BRmHOCsbnPff4NZ1U1a0x3do5vRPJRq1wr/pLNPIcQ8uhB0P
Kb1VWHIVMvpHFSSFddnyMQibTYG+vR/pUkYMPMjUlBkQkiy45B6uyeTQDZ3wXhi1
6i6zVfcK+W2y4ooK9dFUX9YrZikvQgRH7J8ZKeDfNpTHnDe6NSG6N9xpDtcf20VE
+ZDodwOdqaWmBu2ExTw9N3yC+A9LrTKsn0pbjf5KSPwfj7Wl0k2dNKqKzLdJRrs=
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:05:45 2025 by rpki-client