Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Yt3ChdqLPiCesA6qNnGEXaps8oY.cer
File: Yt3ChdqLPiCesA6qNnGEXaps8oY.cer (raw, json)
Hash identifier: 2qG+o04rbeXUmH3z7b0fmoCbm16lITkJ1WGxOheKUew=
Subject key identifier: 62:DD:C2:85:DA:8B:3E:20:9E:B0:0E:AA:36:71:84:5D:AA:6C:F2:86
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7945
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 01 Apr 2026 09:12:53 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 129.127.0.0/16
IP: 130.220.0.0/16
IP: 192.43.226.0 -- 192.43.229.255
IP: 192.160.71.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 Apr 2026 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31045 (0x7945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 1 09:12:53 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91CE5A6, serialNumber=62DDC285DA8B3E209EB00EAA3671845DAA6CF286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4d:70:68:e3:1e:96:74:b1:95:e5:34:d6:cb:
2d:9b:3e:de:86:8c:41:5a:42:b7:83:98:d4:8b:73:
32:23:6b:ae:eb:cc:46:9b:e0:f7:fe:e8:c3:e1:d1:
58:83:02:e8:f1:65:88:ad:76:55:29:5b:2a:dc:4c:
01:49:94:cf:bd:7e:e5:a6:5c:ba:1d:a7:d0:2b:47:
9d:9c:d1:29:06:7c:70:c8:10:9b:89:4f:a1:30:09:
98:c0:bb:34:e0:bb:67:fb:cc:7e:9e:95:8a:7c:23:
58:3d:ce:27:74:47:60:16:7c:97:af:b8:db:ce:16:
76:69:71:cc:19:5a:58:e3:19:7d:a7:ea:1c:0d:ae:
a1:06:a9:97:9f:07:ae:3e:90:9d:81:d7:f4:eb:b2:
04:e2:09:e9:c9:09:24:c6:b7:67:89:cd:b3:b7:b3:
a2:92:1c:5f:11:60:a8:c3:de:b4:22:70:be:ae:a9:
22:38:b5:ca:80:26:ff:26:99:78:0a:77:92:6c:84:
77:b8:a3:18:9d:75:ea:99:9b:2f:13:f6:da:0d:74:
06:84:77:16:45:f4:94:89:38:dd:5e:82:27:b9:0d:
3a:eb:29:68:bd:26:1a:34:fa:69:3f:a5:76:69:85:
c7:68:30:ff:9d:1e:d1:cc:5c:2c:4a:41:25:94:b9:
2c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DD:C2:85:DA:8B:3E:20:9E:B0:0E:AA:36:71:84:5D:AA:6C:F2:86
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.127.0.0/16
130.220.0.0/16
192.43.226.0-192.43.229.255
192.160.71.0/24
Signature Algorithm: sha256WithRSAEncryption
79:64:8d:21:c3:ca:86:7d:ef:06:6b:fd:70:82:b8:a3:e2:4f:
1e:b0:c6:7b:55:d4:a4:7b:07:ac:40:42:1d:f7:79:60:62:0b:
45:10:74:2b:7c:2d:84:b7:29:aa:48:d2:b9:f6:09:09:d1:e2:
b1:51:b3:28:c9:a1:57:d8:f6:c1:d1:1e:6c:f2:99:38:26:f7:
96:7f:6f:d2:6f:aa:68:d4:a7:24:80:d1:d6:d7:b4:7b:b0:ff:
77:68:aa:8a:9f:3f:2c:c9:54:c8:12:83:f2:61:52:07:97:fb:
1b:7c:4c:3e:38:c0:a7:ef:b1:90:4e:68:3d:8d:42:3a:65:51:
6f:91:50:ec:89:61:d7:4c:26:69:ba:13:f0:47:1e:b6:ca:87:
92:2b:1b:da:3e:5e:ba:85:e7:e0:53:cb:c2:98:a5:57:3e:0d:
40:05:4a:be:78:0b:b9:ff:6f:a5:34:0c:af:32:33:86:fb:be:
1c:c7:1c:12:64:03:a0:be:94:f7:78:c7:5b:9a:23:f7:9e:11:
11:90:05:17:1f:1c:14:2c:f0:f2:36:c1:fd:54:65:c6:f7:e8:
75:04:2e:47:33:64:59:83:cf:6a:1f:1f:23:fe:8d:79:20:e3:
95:99:8c:82:c8:8b:d2:ae:b0:6a:4a:91:eb:fa:dc:10:83:82:
e3:a0:da:60
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgICeUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNDAxMDkxMjUzWhcNMjYwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDRTVBNjExMC8GA1UEBRMoNjJEREMyODVEQThCM0UyMDlFQjAwRUFB
MzY3MTg0NURBQTZDRjI4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APBNcGjjHpZ0sZXlNNbLLZs+3oaMQVpCt4OY1ItzMiNrruvMRpvg9/7ow+HRWIMC
6PFliK12VSlbKtxMAUmUz71+5aZcuh2n0CtHnZzRKQZ8cMgQm4lPoTAJmMC7NOC7
Z/vMfp6VinwjWD3OJ3RHYBZ8l6+4284WdmlxzBlaWOMZfafqHA2uoQapl58Hrj6Q
nYHX9OuyBOIJ6ckJJMa3Z4nNs7ezopIcXxFgqMPetCJwvq6pIji1yoAm/yaZeAp3
kmyEd7ijGJ116pmbLxP22g10BoR3FkX0lIk43V6CJ7kNOuspaL0mGjT6aT+ldmmF
x2gw/50e0cxcLEpBJZS5LOUCAwEAAaOCAwswggMHMB0GA1UdDgQWBBRi3cKF2os+
IJ6wDqo2cYRdqmzyhjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U1QTYvQUFCMzNFNEM1QjNGMTFFRThGMUQzRDZFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNFNUE2L0FBQjMzRTRDNUIzRjExRUU4RjFEM0Q2RUM0RjlBRTAyL1l0M0NoZHFM
UGlDZXNBNnFObkdFWGFwczhvWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQoMCYw
JAQCAAEwHgMDAIF/AwMAgtwwDAMEAcAr4gMEAcAr5AMEAMCgRzANBgkqhkiG9w0B
AQsFAAOCAQEAeWSNIcPKhn3vBmv9cIK4o+JPHrDGe1XUpHsHrEBCHfd5YGILRRB0
K3wthLcpqkjSufYJCdHisVGzKMmhV9j2wdEebPKZOCb3ln9v0m+qaNSnJIDR1te0
e7D/d2iqip8/LMlUyBKD8mFSB5f7G3xMPjjAp++xkE5oPY1COmVRb5FQ7Ilh10wm
aboT8EcetsqHkisb2j5euoXn4FPLwpilVz4NQAVKvngLuf9vpTQMrzIzhvu+HMcc
EmQDoL6U93jHW5oj954REZAFFx8cFCzw8jbB/VRlxvfodQQuRzNkWYPPah8fI/6N
eSDjlZmMgsiL0q6wakqR6/rcEIOC46DaYA==
-----END CERTIFICATE-----
Generated at Mon Apr 6 04:48:27 2026 by rpki-client