Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvw9H4eVvunqoeuV0ppZyKQCc9M.cer
File:                     lvw9H4eVvunqoeuV0ppZyKQCc9M.cer (raw, json)
Hash identifier:          uJ9S6DwbDoVeCwMN8q2bche9q+Dxqr9eiPl+3ufDwbA=
Subject key identifier:   96:FC:3D:1F:87:95:BE:E9:EA:A1:EB:95:D2:9A:59:C8:A4:02:73:D3
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       0258A0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E8432/FB685B1E6C5011F08998074BC4F9AE02/lvw9H4eVvunqoeuV0ppZyKQCc9M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E8432/FB685B1E6C5011F08998074BC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 29 Jul 2025 07:52:37 +0000
Certificate not after:    Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources:    AS: 153952
                          IP: 202.1.20.0/23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 04:46:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153760 (0x258a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 29 07:52:37 2025 GMT
            Not After : Oct 31 00:00:00 2026 GMT
        Subject: CN=A91E8432, serialNumber=96FC3D1F8795BEE9EAA1EB95D29A59C8A40273D3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f8:41:3e:4d:e5:25:d3:86:9f:2d:b0:a9:54:
                    30:44:fc:6c:73:94:bb:4e:6a:4a:51:6a:f8:68:69:
                    62:44:49:8e:4b:80:c3:44:ec:7c:e8:bd:66:23:e6:
                    8d:7d:b4:73:49:0c:3e:f2:ef:99:08:a0:d4:3b:e2:
                    76:46:99:ce:dd:36:ea:b9:86:b4:72:dc:e3:d2:32:
                    27:bb:96:46:f0:04:79:62:44:d8:81:a2:16:4c:e7:
                    7e:59:ed:80:14:aa:c2:9a:2f:cd:11:a8:f2:fc:ba:
                    9d:9c:e5:9d:3a:58:02:98:dd:c7:19:46:6f:c0:90:
                    7c:bd:c0:3f:f3:4b:9f:fa:ea:ce:9a:95:43:e3:a8:
                    1e:22:92:af:fa:3b:7c:33:20:81:2c:b6:c0:5e:da:
                    db:41:15:f8:43:9c:f4:52:0a:84:ae:7b:13:7b:98:
                    64:61:16:86:68:74:bb:bc:21:4c:a3:43:36:c2:58:
                    1e:f2:4d:e9:0c:18:e3:8c:b4:9d:87:64:4f:e8:3b:
                    e8:12:cf:08:1c:eb:c8:65:a8:48:51:c0:67:a1:6a:
                    33:1a:4e:98:39:93:9c:98:5d:96:69:19:ea:e1:f2:
                    df:0a:3f:4a:27:68:92:07:4c:4e:82:39:96:91:47:
                    16:18:c8:46:2e:f6:ed:e3:11:d5:77:01:f2:64:15:
                    50:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:FC:3D:1F:87:95:BE:E9:EA:A1:EB:95:D2:9A:59:C8:A4:02:73:D3
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E8432/FB685B1E6C5011F08998074BC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E8432/FB685B1E6C5011F08998074BC4F9AE02/lvw9H4eVvunqoeuV0ppZyKQCc9M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  153952

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.1.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:11:3d:55:d1:ec:bc:6c:32:86:f2:af:5e:83:97:9e:44:bb:
         a7:c7:f2:69:62:13:73:82:69:c8:cc:21:25:98:00:f1:bf:98:
         82:fb:fc:dd:0c:e9:c7:1c:5b:3c:95:9a:31:13:14:31:c2:c6:
         89:9e:12:66:36:60:6b:24:2b:6e:bd:96:df:99:00:85:96:87:
         0f:97:44:a6:66:03:e1:04:2d:36:74:e0:b2:04:02:a3:26:a9:
         5b:a6:24:f8:12:bf:19:bd:1c:fc:99:5a:17:ee:99:71:97:48:
         30:41:29:8f:50:85:49:ab:3a:49:88:d5:66:71:b1:73:72:a5:
         47:fc:6b:89:a6:ff:fd:9c:b8:f0:57:b5:e3:48:7e:2e:1a:13:
         ea:ec:29:98:5c:df:97:99:77:99:2f:70:3f:6c:a3:66:71:f3:
         5a:60:d3:5d:e2:9d:ea:52:a6:a8:be:70:b3:50:96:07:5c:77:
         04:cf:bf:a3:45:83:11:cb:09:8b:65:0c:4c:97:41:df:a3:5d:
         a4:e0:23:c1:46:82:40:45:79:4b:8a:f0:33:e0:bf:66:a4:ea:
         72:eb:4c:d3:5a:54:4d:d9:9a:99:ed:13:7d:f1:23:d2:88:9e:
         ed:40:28:3f:4e:a2:01:ce:bc:37:f5:18:39:86:51:85:87:53:
         08:41:4d:4c
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAligMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcyOTA3NTIzN1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTg0MzIxMTAvBgNVBAUTKDk2RkMzRDFGODc5NUJFRTlFQUExRUI5
NUQyOUE1OUM4QTQwMjczRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDl+EE+TeUl04afLbCpVDBE/GxzlLtOakpRavhoaWJESY5LgMNE7HzovWYj5o19
tHNJDD7y75kIoNQ74nZGmc7dNuq5hrRy3OPSMie7lkbwBHliRNiBohZM535Z7YAU
qsKaL80RqPL8up2c5Z06WAKY3ccZRm/AkHy9wD/zS5/66s6alUPjqB4ikq/6O3wz
IIEstsBe2ttBFfhDnPRSCoSuexN7mGRhFoZodLu8IUyjQzbCWB7yTekMGOOMtJ2H
ZE/oO+gSzwgc68hlqEhRwGehajMaTpg5k5yYXZZpGerh8t8KP0onaJIHTE6COZaR
RxYYyEYu9u3jEdV3AfJkFVBxAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUlvw9H4eV
vunqoeuV0ppZyKQCc9MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4NDMyL0ZCNjg1QjFFNkM1MDExRjA4OTk4MDc0QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFODQzMi9GQjY4NUIxRTZDNTAxMUYwODk5ODA3NEJDNEY5QUUwMi9sdnc5SDRl
VnZ1bnFvZXVWMHBwWnlLUUNjOU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAllgMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBygEUMA0GCSqG
SIb3DQEBCwUAA4IBAQBNET1V0ey8bDKG8q9eg5eeRLunx/JpYhNzgmnIzCElmADx
v5iC+/zdDOnHHFs8lZoxExQxwsaJnhJmNmBrJCtuvZbfmQCFlocPl0SmZgPhBC02
dOCyBAKjJqlbpiT4Er8ZvRz8mVoX7plxl0gwQSmPUIVJqzpJiNVmcbFzcqVH/GuJ
pv/9nLjwV7XjSH4uGhPq7CmYXN+XmXeZL3A/bKNmcfNaYNNd4p3qUqaovnCzUJYH
XHcEz7+jRYMRywmLZQxMl0Hfo12k4CPBRoJARXlLivAz4L9mpOpy60zTWlRN2ZqZ
7RN98SPSiJ7tQCg/TqIBzrw39Rg5hlGFh1MIQU1M
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:24:59 2025 by rpki-client