Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lCJM-heqoN5UOrYQifwdOdGZDj4.cer
File:                     lCJM-heqoN5UOrYQifwdOdGZDj4.cer (raw, json)
Hash identifier:          SavosXAbvWuYwPtgHSQH7dUu6n1SfLnYLvmaxVesXzU=
Subject key identifier:   94:22:4C:FA:17:AA:A0:DE:54:3A:B6:10:89:FC:1D:39:D1:99:0E:3E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02C1BC
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918B936/4ED22FD2F0CD11E5A4432E74C4F9AE02/lCJM-heqoN5UOrYQifwdOdGZDj4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918B936/4ED22FD2F0CD11E5A4432E74C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 01 Jul 2026 13:50:09 +0000
Certificate not after:    Tue 31 Aug 2027 00:00:00 +0000
Subordinate resources:    IP: 43.255.40.0/22
                          IP: 103.254.144.0/22
                          IP: 202.6.244.0/22
                          IP: 203.209.144.0/20
                          IP: 223.252.112.0/20
                          IP: 2001:df0:6800::/48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Jul 2026 02:50:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180668 (0x2c1bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul  1 13:50:09 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=A918B936, serialNumber=94224CFA17AAA0DE543AB61089FC1D39D1990E3E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f6:9a:c7:15:f5:5c:7d:a6:be:10:8d:a0:f0:
                    1d:12:a1:ab:46:93:94:ff:f9:79:46:d9:85:6b:01:
                    98:83:2f:50:99:9d:e3:64:8a:36:fe:62:06:87:ac:
                    7c:19:db:6e:02:bf:48:a6:e7:8b:3f:38:a6:ae:af:
                    85:6c:23:71:a0:45:02:3a:b6:8a:59:77:50:c2:60:
                    3e:38:ab:1f:f3:df:3c:81:15:85:82:0c:d9:9f:68:
                    da:ad:5d:3e:70:fe:76:cc:e9:7f:bb:0a:10:42:52:
                    05:a8:c5:d3:40:ee:92:74:f8:ec:1f:57:cb:bf:eb:
                    08:ad:92:e8:2e:f7:d6:0d:4c:e8:7c:ba:25:c0:6f:
                    be:22:7c:81:8a:c9:45:5a:3c:9c:91:2a:31:42:7f:
                    1a:d3:e4:8a:a1:80:ae:fb:99:7d:2e:b1:d6:ea:dd:
                    8b:2a:1e:e1:75:d9:7a:1f:3c:e9:44:9c:19:25:90:
                    f6:75:0a:81:48:b6:b8:d7:09:64:8a:5a:6f:33:57:
                    49:a3:56:0e:a6:69:78:0c:65:33:bd:e5:24:e6:8d:
                    14:58:55:ff:f2:d6:cc:54:34:50:d0:fc:40:a0:08:
                    c0:6a:f2:6d:f9:a5:0d:2f:35:fc:22:d8:ce:4d:0e:
                    62:96:e5:c9:c4:8c:fc:7b:2f:f8:1a:f9:d2:9f:7d:
                    da:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:22:4C:FA:17:AA:A0:DE:54:3A:B6:10:89:FC:1D:39:D1:99:0E:3E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918B936/4ED22FD2F0CD11E5A4432E74C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918B936/4ED22FD2F0CD11E5A4432E74C4F9AE02/lCJM-heqoN5UOrYQifwdOdGZDj4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.40.0/22
                  103.254.144.0/22
                  202.6.244.0/22
                  203.209.144.0/20
                  223.252.112.0/20
                IPv6:
                  2001:df0:6800::/48

    Signature Algorithm: sha256WithRSAEncryption
         4c:e5:33:66:71:80:01:80:ff:ee:07:2d:34:51:c4:f1:aa:a9:
         fa:e9:6e:ae:21:08:97:a0:f3:c5:a5:4c:85:87:a5:5c:44:32:
         d1:26:3f:b3:d2:69:0c:f0:02:31:e3:d7:97:e5:ac:47:8c:3b:
         aa:85:bd:33:8d:cd:12:54:a8:c8:6d:a4:08:9d:fc:c6:46:f2:
         12:60:42:20:26:de:7f:70:28:5a:12:b6:0f:6c:65:a4:25:c8:
         0f:9a:ce:dd:58:8b:60:cf:c2:c8:90:41:ef:41:ed:65:f4:2c:
         10:a2:a6:ce:7c:52:b9:3a:6c:09:d1:a9:cf:6e:c2:c9:e1:15:
         f1:31:05:84:0c:3b:bc:23:9e:24:4a:93:d6:58:e4:e0:f7:a3:
         d2:12:3a:13:81:6a:27:89:18:8b:88:36:c6:cb:92:c5:7f:ca:
         d4:93:e9:b3:91:64:1c:1d:67:5d:ca:ae:87:28:d3:cb:e5:e8:
         a5:1f:00:db:68:ac:1b:56:83:3e:a2:f2:7b:d8:6f:a5:e6:fe:
         71:0b:8f:94:5e:34:23:17:c7:8a:14:b0:86:34:76:f2:1a:28:
         aa:d4:a4:8b:80:ed:cb:68:40:27:83:30:20:cf:41:14:c8:02:
         95:c3:a7:81:36:43:3e:59:08:f3:66:61:59:32:52:ee:97:4d:
         6b:cc:45:51
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgIDAsG8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDcwMTEzNTAwOVoXDTI3MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEI5MzYxMTAvBgNVBAUTKDk0MjI0Q0ZBMTdBQUEwREU1NDNBQjYx
MDg5RkMxRDM5RDE5OTBFM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDU9prHFfVcfaa+EI2g8B0SoatGk5T/+XlG2YVrAZiDL1CZneNkijb+YgaHrHwZ
224Cv0im54s/OKaur4VsI3GgRQI6topZd1DCYD44qx/z3zyBFYWCDNmfaNqtXT5w
/nbM6X+7ChBCUgWoxdNA7pJ0+OwfV8u/6witkugu99YNTOh8uiXAb74ifIGKyUVa
PJyRKjFCfxrT5IqhgK77mX0usdbq3YsqHuF12XofPOlEnBklkPZ1CoFItrjXCWSK
Wm8zV0mjVg6maXgMZTO95STmjRRYVf/y1sxUNFDQ/ECgCMBq8m35pQ0vNfwi2M5N
DmKW5cnEjPx7L/ga+dKffdrLAgMBAAGjggMcMIIDGDAdBgNVHQ4EFgQUlCJM+heq
oN5UOrYQifwdOdGZDj4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThCOTM2LzRFRDIyRkQyRjBDRDExRTVBNDQzMkU3NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4QjkzNi80RUQyMkZEMkYwQ0QxMUU1QTQ0MzJFNzRDNEY5QUUwMi9sQ0pNLWhl
cW9ONVVPcllRaWZ3ZE9kR1pEajQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8EOTA3
MCQEAgABMB4DBAIr/ygDBAJn/pADBALKBvQDBATL0ZADBATf/HAwDwQCAAIwCQMH
ACABDfBoADANBgkqhkiG9w0BAQsFAAOCAQEATOUzZnGAAYD/7gctNFHE8aqp+ulu
riEIl6DzxaVMhYelXEQy0SY/s9JpDPACMePXl+WsR4w7qoW9M43NElSoyG2kCJ38
xkbyEmBCICbef3AoWhK2D2xlpCXID5rO3ViLYM/CyJBB70HtZfQsEKKmznxSuTps
CdGpz27CyeEV8TEFhAw7vCOeJEqT1ljk4Pej0hI6E4FqJ4kYi4g2xsuSxX/K1JPp
s5FkHB1nXcquhyjTy+XopR8A22isG1aDPqLye9hvpeb+cQuPlF40IxfHihSwhjR2
8hooqtSki4Dty2hAJ4MwIM9BFMgClcOngTZDPlkI82ZhWTJS7pdNa8xFUQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 07:08:16 2026 by rpki-client