Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sBO5crQspa2fahYr87XHT5M8HgU.cer
File:                     sBO5crQspa2fahYr87XHT5M8HgU.cer (raw, json)
Hash identifier:          KxqBD5YD2XAUmGPiRiTn259tPaf1duj0jA3Hp5SeHI8=
Subject key identifier:   B0:13:B9:72:B4:2C:A5:AD:9F:6A:16:2B:F3:B5:C7:4F:93:3C:1E:05
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02BF9A
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E2B66/53E8FBEADA5B11EB83BE371AC4F9AE02/sBO5crQspa2fahYr87XHT5M8HgU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E2B66/53E8FBEADA5B11EB83BE371AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 25 Jun 2026 14:33:11 +0000
Certificate not after:    Tue 31 Aug 2027 00:00:00 +0000
Subordinate resources:    IP: 103.168.209.0/24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 13 Jul 2026 18:28:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180122 (0x2bf9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 25 14:33:11 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=A91E2B66, serialNumber=B013B972B42CA5AD9F6A162BF3B5C74F933C1E05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ca:f8:c9:07:69:d2:ee:66:ff:7b:6c:a7:90:
                    6a:44:c7:6a:0d:bc:35:1c:b1:26:bb:5b:85:33:98:
                    fd:ed:00:2d:ba:1d:fb:32:90:08:87:8a:04:ff:50:
                    6f:a1:45:cf:13:d0:ff:6f:fa:ff:cd:f0:a2:bd:aa:
                    8a:49:56:98:8d:bd:dd:1c:d3:01:0b:63:c5:60:74:
                    63:42:56:11:3d:5c:93:3f:3b:56:06:a7:bd:f0:d1:
                    2d:46:1d:b6:b9:e4:08:86:05:6f:f8:5e:32:73:e7:
                    5f:01:51:ac:ef:59:6d:05:fc:78:8f:e4:30:1c:8a:
                    cb:95:88:34:ef:4c:88:66:a8:07:63:3f:67:ac:ba:
                    a0:d1:15:a7:32:6d:86:fc:88:63:23:25:f5:24:f2:
                    97:3c:f9:83:17:4a:77:0c:d6:65:39:52:f7:04:7a:
                    66:d6:75:ec:97:a4:90:84:fc:47:62:86:1a:e8:c8:
                    78:20:c8:35:11:9f:a8:ee:fb:89:c8:94:15:85:d8:
                    ab:f2:2c:35:b3:0c:5e:d6:ff:65:f7:c9:61:a1:df:
                    bf:fe:a6:1c:3e:26:23:7b:55:88:33:69:d8:c9:1c:
                    03:69:9b:92:e6:80:ca:a4:c0:72:0c:d0:94:a4:95:
                    06:2e:63:80:bc:86:eb:6d:94:dc:28:cd:5a:e8:a7:
                    41:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:13:B9:72:B4:2C:A5:AD:9F:6A:16:2B:F3:B5:C7:4F:93:3C:1E:05
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E2B66/53E8FBEADA5B11EB83BE371AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E2B66/53E8FBEADA5B11EB83BE371AC4F9AE02/sBO5crQspa2fahYr87XHT5M8HgU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.168.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:da:73:1c:44:dc:9c:77:ff:8b:4f:7e:09:79:ef:36:5d:e2:
         c6:07:3a:a8:51:24:4a:a0:3f:77:af:08:6d:85:d7:84:ae:9b:
         48:64:eb:6e:5c:38:56:8c:75:a7:da:47:dd:1c:c5:85:68:af:
         94:75:43:06:c2:a4:42:76:b1:be:c3:d0:27:b0:bd:79:96:33:
         fa:24:3f:3f:40:c2:62:4e:30:14:fe:1e:03:10:bd:25:da:61:
         d2:8e:64:02:9a:9a:e3:82:35:3b:ea:d3:57:40:b2:9e:7c:7b:
         b3:47:45:e8:a2:1b:60:19:f1:ba:f6:be:58:0f:cc:31:97:59:
         67:4f:a9:bc:27:e7:13:8e:e6:f8:5b:10:72:18:aa:27:22:a5:
         1b:80:37:32:2d:8a:5b:a8:7d:eb:c8:2f:3f:27:09:a4:0e:b7:
         fa:00:07:5d:24:1d:be:81:ef:c8:31:7d:36:86:63:ab:d1:82:
         24:84:b9:6a:23:90:73:2a:c6:aa:b7:cf:b0:a9:e0:33:18:ee:
         81:00:14:46:4e:bf:5d:7e:13:b9:50:46:9e:03:3e:e5:c6:f6:
         2a:89:34:79:50:69:87:31:62:53:93:17:e2:52:1f:9b:41:12:
         fb:1d:f4:c2:7d:32:2c:9d:27:ce:2c:27:95:59:97:c5:43:e8:
         dc:b3:69:8e
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAr+aMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDYyNTE0MzMxMVoXDTI3MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTJCNjYxMTAvBgNVBAUTKEIwMTNCOTcyQjQyQ0E1QUQ5RjZBMTYy
QkYzQjVDNzRGOTMzQzFFMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/yvjJB2nS7mb/e2ynkGpEx2oNvDUcsSa7W4UzmP3tAC26HfsykAiHigT/UG+h
Rc8T0P9v+v/N8KK9qopJVpiNvd0c0wELY8VgdGNCVhE9XJM/O1YGp73w0S1GHba5
5AiGBW/4XjJz518BUazvWW0F/HiP5DAcisuViDTvTIhmqAdjP2esuqDRFacybYb8
iGMjJfUk8pc8+YMXSncM1mU5UvcEembWdeyXpJCE/EdihhroyHggyDURn6ju+4nI
lBWF2KvyLDWzDF7W/2X3yWGh37/+phw+JiN7VYgzadjJHANpm5LmgMqkwHIM0JSk
lQYuY4C8huttlNwozVrop0EjAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUsBO5crQs
pa2fahYr87XHT5M8HgUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUyQjY2LzUzRThGQkVBREE1QjExRUI4M0JFMzcxQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMkI2Ni81M0U4RkJFQURBNUIxMUVCODNCRTM3MUFDNEY5QUUwMi9zQk81Y3JR
c3BhMmZhaFlyODdYSFQ1TThIZ1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBABnqNEwDQYJKoZIhvcNAQELBQADggEBAFracxxE3Jx3/4tPfgl5
7zZd4sYHOqhRJEqgP3evCG2F14Sum0hk625cOFaMdafaR90cxYVor5R1QwbCpEJ2
sb7D0CewvXmWM/okPz9AwmJOMBT+HgMQvSXaYdKOZAKamuOCNTvq01dAsp58e7NH
ReiiG2AZ8br2vlgPzDGXWWdPqbwn5xOO5vhbEHIYqicipRuANzItiluofevILz8n
CaQOt/oAB10kHb6B78gxfTaGY6vRgiSEuWojkHMqxqq3z7Cp4DMY7oEAFEZOv11+
E7lQRp4DPuXG9iqJNHlQaYcxYlOTF+JSH5tBEvsd9MJ9MiydJ84sJ5VZl8VD6Nyz
aY4=
-----END CERTIFICATE-----
Generated at Mon Jul 6 19:14:19 2026 by rpki-client