Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer
File:                     lX5Qp1--UC844-2_P0qq5mWuFIs.cer (raw, json)
Hash identifier:          jyiY2gYkWZG9QN06ls1HPN17HadHMd3q7NmhvI5FUO8=
Subject key identifier:   95:7E:50:A7:5F:BE:50:2F:38:E3:ED:BF:3F:4A:AA:E6:65:AE:14:8B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02C25C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 02 Jul 2026 14:52:40 +0000
Certificate not after:    Thu 30 Sep 2027 00:00:00 +0000
Subordinate resources:    AS: 153055
                          IP: 2401:afe0::/32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 25 Jul 2026 02:50:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180828 (0x2c25c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul  2 14:52:40 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=A91D0B0E, serialNumber=957E50A75FBE502F38E3EDBF3F4AAAE665AE148B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6f:77:d6:ef:bd:5d:83:f2:8c:3b:7a:51:6c:
                    7c:94:1e:c6:2f:32:03:71:50:6f:5f:77:7a:74:87:
                    1b:fd:87:63:1b:30:66:a2:5b:12:3b:07:0b:ec:6e:
                    bd:3f:61:9a:d7:93:87:f3:de:e1:92:7b:d9:2b:65:
                    70:8a:49:a6:a1:ca:00:50:57:1d:cd:3b:85:31:c8:
                    ff:e8:29:e0:0c:51:6f:6c:2f:c4:a2:6c:a1:0f:78:
                    75:f0:49:b1:9a:5e:05:e0:e0:52:4c:7e:fc:af:aa:
                    29:ec:48:04:29:e0:82:ad:20:7d:e9:43:3b:5d:36:
                    23:3e:b2:7e:e8:a3:bb:c9:c1:c0:30:4e:e3:09:e3:
                    e4:ed:c9:04:20:50:a1:a7:7f:aa:33:06:d3:b6:99:
                    16:cb:f5:0d:7e:32:c5:4e:8a:f9:d4:34:1c:02:0d:
                    62:7d:26:9d:83:c2:b4:86:53:b7:43:22:04:61:9b:
                    bf:07:c7:c8:99:1d:08:a0:a9:25:df:c1:16:18:de:
                    05:97:18:c5:7c:2d:64:21:82:f9:25:75:20:a0:a3:
                    36:ad:6e:03:ad:9d:94:a0:f7:e4:bd:f8:34:37:b8:
                    13:30:4a:c5:57:53:87:2f:28:28:6e:18:c4:90:07:
                    a1:ed:b3:e2:b2:94:b2:a7:89:70:8a:18:b8:04:99:
                    a5:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:7E:50:A7:5F:BE:50:2F:38:E3:ED:BF:3F:4A:AA:E6:65:AE:14:8B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  153055

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:afe0::/32

    Signature Algorithm: sha256WithRSAEncryption
         39:9c:e9:9c:2c:44:16:53:69:c4:5d:53:e2:c3:e5:b9:ea:45:
         34:5a:57:01:24:cb:62:22:23:08:24:34:48:e2:b0:c7:af:b5:
         57:a3:23:23:ae:02:78:4b:df:b4:11:b7:8c:ad:d3:77:6f:3f:
         fe:61:46:4b:30:f5:86:fa:85:bb:1e:11:f1:10:08:33:93:4f:
         c4:76:e8:0f:2b:bd:c3:fd:b2:97:9c:c5:0d:9e:38:02:e1:dd:
         f5:54:22:69:ce:b3:42:12:09:5e:e0:69:58:54:78:04:28:b9:
         05:50:2d:9f:e9:38:93:0e:1e:2a:bb:4c:18:cf:e7:42:1d:22:
         7f:84:d9:11:0f:46:71:ef:ed:47:ed:55:95:d1:c2:e6:a0:96:
         51:aa:3a:21:73:00:74:ef:66:02:9d:49:1d:f2:f4:a4:cc:b1:
         63:03:79:d0:ab:0b:f4:45:83:5e:d4:04:1c:e4:29:02:45:3f:
         60:51:3e:7f:f5:9e:88:66:d8:76:b5:94:13:bc:d9:c1:25:02:
         4d:2a:8f:57:63:a3:ff:fa:85:0f:d5:db:a9:74:be:3e:1e:d4:
         13:8b:b2:94:3b:a6:10:4c:04:d8:7b:3a:83:da:d9:ff:1e:b4:
         d2:5b:c6:38:c1:3e:c2:7f:6d:40:03:26:e3:09:07:42:8a:e5:
         8c:3f:13:70
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAsJcMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDcwMjE0NTI0MFoXDTI3MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDBCMEUxMTAvBgNVBAUTKDk1N0U1MEE3NUZCRTUwMkYzOEUzRURC
RjNGNEFBQUU2NjVBRTE0OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5b3fW771dg/KMO3pRbHyUHsYvMgNxUG9fd3p0hxv9h2MbMGaiWxI7Bwvsbr0/
YZrXk4fz3uGSe9krZXCKSaahygBQVx3NO4UxyP/oKeAMUW9sL8SibKEPeHXwSbGa
XgXg4FJMfvyvqinsSAQp4IKtIH3pQztdNiM+sn7oo7vJwcAwTuMJ4+TtyQQgUKGn
f6ozBtO2mRbL9Q1+MsVOivnUNBwCDWJ9Jp2DwrSGU7dDIgRhm78Hx8iZHQigqSXf
wRYY3gWXGMV8LWQhgvkldSCgozatbgOtnZSg9+S9+DQ3uBMwSsVXU4cvKChuGMSQ
B6Hts+KylLKniXCKGLgEmaUTAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUlX5Qp1++
UC844+2/P0qq5mWuFIswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQwQjBFLzRFNkNCNEY2ODA2OTExRUY4ODdCNzAzQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEMEIwRS80RTZDQjRGNjgwNjkxMUVGODg3QjcwM0NDNEY5QUUwMi9sWDVRcDEt
LVVDODQ0LTJfUDBxcTVtV3VGSXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlXfMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAGv4DANBgkq
hkiG9w0BAQsFAAOCAQEAOZzpnCxEFlNpxF1T4sPluepFNFpXASTLYiIjCCQ0SOKw
x6+1V6MjI64CeEvftBG3jK3Td28//mFGSzD1hvqFux4R8RAIM5NPxHboDyu9w/2y
l5zFDZ44AuHd9VQiac6zQhIJXuBpWFR4BCi5BVAtn+k4kw4eKrtMGM/nQh0if4TZ
EQ9Gce/tR+1VldHC5qCWUao6IXMAdO9mAp1JHfL0pMyxYwN50KsL9EWDXtQEHOQp
AkU/YFE+f/WeiGbYdrWUE7zZwSUCTSqPV2Oj//qFD9XbqXS+Ph7UE4uylDumEEwE
2Hs6g9rZ/x600lvGOME+wn9tQAMm4wkHQorljD8TcA==
-----END CERTIFICATE-----
Generated at Sat Jul 18 08:21:17 2026 by rpki-client