Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1bTWxIC76WuryHIkhQJdTEX-x4o.cer
File:                     1bTWxIC76WuryHIkhQJdTEX-x4o.cer (raw, json)
Hash identifier:          lFtoa2VTikB2ecJOpY6eZwOSkSwLm3QhYPzYXYiHMS8=
Subject key identifier:   D5:B4:D6:C4:80:BB:E9:6B:AB:C8:72:24:85:02:5D:4C:45:FE:C7:8A
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       690B
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91907D3/38FB215C6C5911F0A3884E7AC4F9AE02/1bTWxIC76WuryHIkhQJdTEX-x4o.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91907D3/38FB215C6C5911F0A3884E7AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 29 Jul 2025 08:51:36 +0000
Certificate not after:    Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 165.99.2.0/23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26891 (0x690b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul 29 08:51:36 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=A91907D3, serialNumber=D5B4D6C480BBE96BABC8722485025D4C45FEC78A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:87:73:54:66:3b:79:9a:6c:40:83:3a:05:e0:
                    ac:7a:60:2c:2c:fa:f0:d8:9e:4f:d0:24:d1:21:94:
                    e4:38:71:73:da:35:30:68:88:c7:34:94:37:18:38:
                    45:d8:37:b3:b8:41:51:9f:ac:4d:c4:03:5c:2b:e9:
                    6a:a5:f8:a5:2e:93:e5:97:f7:7d:aa:f5:b5:66:1f:
                    7b:2d:88:c5:24:75:54:a0:78:e4:c8:4d:0b:eb:66:
                    73:51:f0:9a:07:d2:2f:ad:5e:40:35:c2:49:d1:70:
                    ff:f2:31:48:2b:a8:1a:3e:ec:c5:cf:39:bc:76:cf:
                    a9:00:65:b8:bb:40:ec:86:08:02:01:de:3b:6a:d9:
                    9b:a9:89:47:4e:92:fa:a6:8d:d6:19:a8:e1:54:95:
                    a7:ec:7c:6d:79:de:a1:38:e6:d1:ee:e9:8a:b0:21:
                    2e:26:d9:37:38:91:d1:65:9f:8d:1e:4a:62:cc:c8:
                    c5:a9:dd:40:05:33:14:20:05:c4:91:5b:85:a3:ed:
                    f4:7a:dd:4e:7e:c1:fa:a5:fa:8c:8e:7b:e5:2c:3a:
                    a3:d6:06:b8:b0:bf:8e:f4:86:ae:be:1d:fa:ae:33:
                    e6:e9:da:28:00:54:53:e1:77:65:85:29:d3:e1:f7:
                    cd:ee:68:cf:fa:c0:2a:ea:87:95:6d:b9:86:c9:e7:
                    7a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:B4:D6:C4:80:BB:E9:6B:AB:C8:72:24:85:02:5D:4C:45:FE:C7:8A
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91907D3/38FB215C6C5911F0A3884E7AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91907D3/38FB215C6C5911F0A3884E7AC4F9AE02/1bTWxIC76WuryHIkhQJdTEX-x4o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.99.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:30:90:e3:f5:dc:12:25:7b:e9:66:44:ad:27:9e:14:c5:9f:
         40:57:9f:b8:6e:17:34:dc:9b:92:c8:53:5d:59:23:e4:fd:df:
         4c:c7:a3:cc:18:45:a6:ef:3f:70:b6:46:e5:94:b5:40:66:8c:
         dd:91:be:87:b7:50:d2:90:d1:c1:7d:08:7d:bc:d8:c1:02:ca:
         c7:64:cf:cd:64:00:94:a3:e3:86:16:b2:2b:5b:b1:f9:3a:6a:
         63:0f:8e:b6:b1:2b:00:2a:a3:91:bb:53:6f:d4:0d:0b:78:50:
         0c:b2:41:20:36:0d:0d:3b:18:4d:dc:89:22:0f:7b:8d:4c:bd:
         d9:8e:92:e6:58:c7:d9:9a:bf:f7:38:81:01:2f:51:75:0a:49:
         c5:90:2c:54:c2:44:ac:48:b6:9b:3a:fc:97:51:97:e5:e8:8c:
         cb:e0:e4:3b:e8:fe:ce:6d:5e:5d:53:0c:8b:1c:28:95:a4:6b:
         02:0c:a3:b8:74:34:c0:86:31:06:e2:1e:dc:98:6d:ad:7e:44:
         b6:b5:40:f3:0b:3d:8b:75:9e:0f:24:57:b3:8f:7f:66:50:7b:
         77:e4:6f:b8:77:49:f1:b2:26:b1:3c:2a:93:fb:c9:59:49:27:
         27:bc:83:f5:d5:03:05:c9:05:3b:58:83:f9:99:90:40:e3:91:
         27:75:ce:5f
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICaQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNzI5MDg1MTM2WhcNMjYwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5MDdEMzExMC8GA1UEBRMoRDVCNEQ2QzQ4MEJCRTk2QkFCQzg3MjI0
ODUwMjVENEM0NUZFQzc4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMKHc1RmO3mabECDOgXgrHpgLCz68NieT9Ak0SGU5Dhxc9o1MGiIxzSUNxg4Rdg3
s7hBUZ+sTcQDXCvpaqX4pS6T5Zf3far1tWYfey2IxSR1VKB45MhNC+tmc1HwmgfS
L61eQDXCSdFw//IxSCuoGj7sxc85vHbPqQBluLtA7IYIAgHeO2rZm6mJR06S+qaN
1hmo4VSVp+x8bXneoTjm0e7pirAhLibZNziR0WWfjR5KYszIxandQAUzFCAFxJFb
haPt9HrdTn7B+qX6jI575Sw6o9YGuLC/jvSGrr4d+q4z5unaKABUU+F3ZYUp0+H3
ze5oz/rAKuqHlW25hsnneksCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTVtNbEgLvp
a6vIciSFAl1MRf7HijAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTA3RDMvMzhGQjIxNUM2QzU5MTFGMEEzODg0RTdBQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkwN0QzLzM4RkIyMTVDNkM1OTExRjBBMzg4NEU3QUM0RjlBRTAyLzFiVFd4SUM3
Nld1cnlISWtoUUpkVEVYLXg0by5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaVjAjANBgkqhkiG9w0BAQsFAAOCAQEAkDCQ4/XcEiV76WZErSee
FMWfQFefuG4XNNybkshTXVkj5P3fTMejzBhFpu8/cLZG5ZS1QGaM3ZG+h7dQ0pDR
wX0IfbzYwQLKx2TPzWQAlKPjhhayK1ux+TpqYw+OtrErACqjkbtTb9QNC3hQDLJB
IDYNDTsYTdyJIg97jUy92Y6S5ljH2Zq/9ziBAS9RdQpJxZAsVMJErEi2mzr8l1GX
5eiMy+DkO+j+zm1eXVMMixwolaRrAgyjuHQ0wIYxBuIe3JhtrX5EtrVA8ws9i3We
DyRXs49/ZlB7d+RvuHdJ8bImsTwqk/vJWUknJ7yD9dUDBckFO1iD+ZmQQOORJ3XO
Xw==
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:23:51 2025 by rpki-client