Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer
File: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (raw, json)
Hash identifier: vp1tRoe4NsXHyQT0OHKIj2r+bs3aEldVk7YOXioMzPc=
Subject key identifier: AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 462C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 21 Mar 2025 14:52:19 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: IP: 196.1.1.0/24
IP: 196.1.109.0/24
IP: 196.1.113.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 14:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17964 (0x462c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Mar 21 14:52:19 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A9172CE3, serialNumber=ABC6FBA4B784283879190DC717E34B4CD882DA08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c8:29:15:07:81:3d:39:24:2e:9b:2b:fc:66:
0c:b0:8f:c2:b8:40:a0:89:82:9d:c5:95:9e:0d:9e:
da:a1:e2:ef:f0:cf:26:13:0a:e0:63:16:d7:92:3d:
df:8e:f6:a3:eb:17:e6:1a:a9:3d:69:de:c5:ca:fb:
ae:a8:36:30:78:17:a5:56:14:ec:a7:0c:97:ef:cd:
82:8d:1d:fc:d2:5c:12:11:da:70:9a:43:c0:8e:3e:
5b:63:dd:2b:e7:e3:59:ea:ce:21:7d:c2:42:c6:ef:
8e:f9:c0:df:f6:1a:ba:69:30:59:eb:f5:eb:9e:85:
d5:29:ac:3d:57:29:34:1a:78:3f:82:95:c1:ca:db:
79:1b:ee:8b:2c:df:f0:dd:ac:d5:9c:0c:51:3e:3d:
2a:b0:97:c4:a7:52:c7:f7:f1:d4:8a:39:05:fa:90:
b9:8d:b2:7f:bc:81:0c:b2:2b:48:c1:98:eb:4d:2a:
20:b9:5a:8e:df:1e:42:b4:d0:b9:77:00:48:f4:1a:
56:91:11:24:d6:ea:c9:4c:f1:c8:20:e9:f1:20:5f:
5c:92:71:bb:73:89:1c:37:19:d7:b0:ae:5c:f8:8f:
a4:73:23:97:57:72:84:7f:c9:06:c1:ff:2d:7d:15:
a0:4d:a3:14:1d:40:ce:d3:92:d1:ff:a3:45:3b:1c:
4d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.1.1.0/24
196.1.109.0/24
196.1.113.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:5f:91:39:28:75:35:6f:fe:38:fd:5f:36:5f:7d:21:79:21:
0d:23:1c:18:7f:aa:85:30:22:ce:af:0d:ff:36:67:f6:d9:86:
19:dd:24:7c:0b:7c:27:24:e4:79:ab:ad:d6:42:8a:8d:9f:6a:
80:60:41:5e:7b:69:57:17:ab:4c:01:89:3d:d6:e4:2a:a7:76:
2c:39:bb:84:4c:c7:ce:f4:59:ab:74:01:5b:1e:68:7b:4f:5b:
1e:9d:b3:4d:98:4a:73:fe:1b:b2:4c:48:8b:0b:51:58:ce:b8:
14:80:e8:2a:52:5c:2f:11:b9:e9:c2:08:53:6c:fc:6c:b8:46:
39:ef:26:7b:ec:09:d4:ca:37:a7:8f:46:bd:6c:17:8f:ae:79:
e8:27:c2:16:58:26:21:6e:57:ea:5c:11:6a:81:96:b3:8a:7c:
ba:a4:5c:fe:cf:83:39:8a:b6:b6:da:8f:61:d0:3c:3a:49:e3:
5e:82:42:1a:b9:aa:10:88:ac:0b:62:95:39:dd:37:7d:bf:a9:
8b:24:4b:bd:21:18:15:ac:a8:4e:0c:c1:34:49:6b:3e:f6:4b:
02:fb:55:43:b5:2a:3d:49:e1:84:d8:11:48:e8:54:23:ef:40:
14:e6:14:9f:a5:e2:34:8b:f0:3b:18:fc:20:91:62:db:36:ac:
56:80:bc:ac
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICRiwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjUwMzIxMTQ1MjE5WhcNMjYwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3MkNFMzExMC8GA1UEBRMoQUJDNkZCQTRCNzg0MjgzODc5MTkwREM3
MTdFMzRCNENEODgyREEwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AK7IKRUHgT05JC6bK/xmDLCPwrhAoImCncWVng2e2qHi7/DPJhMK4GMW15I93472
o+sX5hqpPWnexcr7rqg2MHgXpVYU7KcMl+/Ngo0d/NJcEhHacJpDwI4+W2PdK+fj
WerOIX3CQsbvjvnA3/YaumkwWev1656F1SmsPVcpNBp4P4KVwcrbeRvuiyzf8N2s
1ZwMUT49KrCXxKdSx/fx1Io5BfqQuY2yf7yBDLIrSMGY600qILlajt8eQrTQuXcA
SPQaVpERJNbqyUzxyCDp8SBfXJJxu3OJHDcZ17CuXPiPpHMjl1dyhH/JBsH/LX0V
oE2jFB1AztOS0f+jRTscTX0CAwEAAaOCAv8wggL7MB0GA1UdDgQWBBSrxvukt4Qo
OHkZDccX40tM2ILaCDAfBgNVHSMEGDAWgBQ0j5ubkqcsz9NvPHDzVnVzPMjqIjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2
MTFFMkE2MkY4NzdDNzJGRDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJ
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJDRTMvNUQ3ODk5RjQ0MDU5MTFFQ0EwQUZBQTREQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcyQ0UzLzVENzg5OUY0NDA1OTExRUNBMEFGQUE0REM0RjlBRTAyL3E4YjdwTGVF
S0RoNUdRM0hGLU5MVE5pQzJnZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEAMQBAQMEAMQBbQMEAMQBcTANBgkqhkiG9w0BAQsFAAOCAQEAq1+R
OSh1NW/+OP1fNl99IXkhDSMcGH+qhTAizq8N/zZn9tmGGd0kfAt8JyTkeaut1kKK
jZ9qgGBBXntpVxerTAGJPdbkKqd2LDm7hEzHzvRZq3QBWx5oe09bHp2zTZhKc/4b
skxIiwtRWM64FIDoKlJcLxG56cIIU2z8bLhGOe8me+wJ1Mo3p49GvWwXj6556CfC
FlgmIW5X6lwRaoGWs4p8uqRc/s+DOYq2ttqPYdA8OknjXoJCGrmqEIisC2KVOd03
fb+piyRLvSEYFayoTgzBNElrPvZLAvtVQ7UqPUnhhNgRSOhUI+9AFOYUn6XiNIvw
Oxj8IJFi2zasVoC8rA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 19:12:55 2025 by rpki-client