Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Flg8U6kZ2dK-ZgrFQMeBfUu0KB4.cer
File: Flg8U6kZ2dK-ZgrFQMeBfUu0KB4.cer (raw, json)
Hash identifier: kd1m5km5wwk4vylQjhUjbxWsAI4Q4IP1hbJCECVeXHY=
Subject key identifier: 16:58:3C:53:A9:19:D9:D2:BE:66:0A:C5:40:C7:81:7D:4B:B4:28:1E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0252E5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/497c5f27-1bf0-4e9e-b9da-37aa0a12d732/3/16583C53A919D9D2BE660AC540C7817D4BB4281E.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/497c5f27-1bf0-4e9e-b9da-37aa0a12d732/3/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 02 Jul 2025 19:29:35 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: AS: 7719
AS: 151817
IP: 103.208.84.0/22
IP: 2404:3d80::/32
Validation: Failed, certificate revoked on Thu 03 Jul 2025 03:56:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152293 (0x252e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 2 19:29:35 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A91115900000, serialNumber=16583C53A919D9D2BE660AC540C7817D4BB4281E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3b:83:ee:f6:98:0d:8e:02:f1:d6:84:5d:fd:
dd:18:aa:ef:c2:2f:e1:8b:c8:6e:6a:3a:2d:37:e0:
50:41:5d:39:80:1c:b5:6f:0f:65:ca:c2:72:d4:38:
ee:f1:bb:b7:a0:89:da:25:0b:31:76:5f:fa:aa:02:
c8:a5:c7:a8:bb:ba:a8:48:1d:c6:01:d2:e2:06:4f:
eb:18:bc:24:2e:15:ca:d1:6c:13:86:15:1d:58:b0:
00:86:ee:33:29:da:e5:fa:d2:84:1c:0f:cb:b2:01:
ca:47:dc:50:dd:df:5f:36:29:51:c0:d9:5a:aa:e3:
36:b1:6f:22:e3:c9:3f:d2:60:7f:c6:c3:1e:e3:26:
64:c9:f7:ba:fa:2d:a5:57:52:78:37:82:bb:ae:c6:
52:8a:00:fd:42:a4:82:9e:65:5b:77:f5:1e:e6:48:
bf:42:e9:ba:d3:81:70:03:4a:be:44:94:3e:7c:ea:
59:7b:0c:02:23:56:51:3e:56:de:07:37:43:1b:7b:
fa:6c:5c:9c:9f:a6:f5:53:46:1a:f2:3e:61:b7:3b:
b8:55:ee:cb:43:f9:7f:c5:3e:04:7a:4e:ca:1b:f1:
a8:18:cb:87:95:73:c8:ab:6f:9f:57:1f:b4:1b:72:
95:3e:8a:00:44:3f:f1:e1:c4:63:dc:68:d2:0b:1d:
19:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:58:3C:53:A9:19:D9:D2:BE:66:0A:C5:40:C7:81:7D:4B:B4:28:1E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/497c5f27-1bf0-4e9e-b9da-37aa0a12d732/3/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/497c5f27-1bf0-4e9e-b9da-37aa0a12d732/3/16583C53A919D9D2BE660AC540C7817D4BB4281E.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7719
151817
sbgp-ipAddrBlock: critical
IPv4:
103.208.84.0/22
IPv6:
2404:3d80::/32
Signature Algorithm: sha256WithRSAEncryption
71:83:70:77:2f:56:2e:2e:68:fe:f9:ff:4f:9a:2d:74:21:78:
8f:85:56:a4:d6:a7:e4:fb:1b:3a:25:a8:4e:fd:0c:a6:f8:78:
eb:55:4a:62:d6:4b:00:18:8e:44:5c:5a:29:04:14:0f:ab:f2:
2b:52:66:f7:4d:69:a9:31:75:09:1c:42:53:f2:df:b6:0a:59:
67:ba:e0:65:d1:e2:b1:c1:a0:ed:b5:62:ce:7c:fb:9d:0f:ef:
e1:da:45:b6:25:c1:64:16:ad:60:c2:70:fc:bc:b2:34:95:a4:
d5:f5:ae:5b:84:3d:34:98:2a:d7:47:b4:90:9a:db:23:72:85:
4c:1b:70:66:ef:bb:58:2d:f4:ac:1b:15:fe:3c:e1:57:91:c2:
aa:10:28:ad:a7:35:e4:fe:2f:f1:3d:b6:b3:1b:d3:58:5f:20:
a3:ff:fd:e1:a8:aa:5d:43:08:e6:42:07:fd:ce:d1:04:5f:0c:
7f:30:24:ed:89:2e:19:89:ce:7a:16:53:c5:0e:96:71:f5:a2:
d2:4f:af:17:ee:2c:c7:f3:37:32:15:94:e7:a7:25:a0:8d:bf:
d5:5a:de:28:69:4f:16:5e:80:3b:85:91:87:5a:6d:c0:83:5e:
6a:4a:57:64:39:a4:09:e3:49:0f:40:b2:64:42:cd:fc:64:fe:
69:0e:bf:f1
-----BEGIN CERTIFICATE-----
MIIGSDCCBTCgAwIBAgIDAlLlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwMjE5MjkzNVoXDTI2MDUyODAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEygxNjU4M0M1M0E5MTlEOUQyQkU2
NjBBQzU0MEM3ODE3RDRCQjQyODFFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtzuD7vaYDY4C8daEXf3dGKrvwi/hi8huajotN+BQQV05gBy1bw9lysJy
1Dju8bu3oInaJQsxdl/6qgLIpceou7qoSB3GAdLiBk/rGLwkLhXK0WwThhUdWLAA
hu4zKdrl+tKEHA/LsgHKR9xQ3d9fNilRwNlaquM2sW8i48k/0mB/xsMe4yZkyfe6
+i2lV1J4N4K7rsZSigD9QqSCnmVbd/Ue5ki/Qum604FwA0q+RJQ+fOpZewwCI1ZR
PlbeBzdDG3v6bFycn6b1U0Ya8j5htzu4Ve7LQ/l/xT4Eek7KG/GoGMuHlXPIq2+f
Vx+0G3KVPooARD/x4cRj3GjSCx0ZxQIDAQABo4IDOTCCAzUwHQYDVR0OBBYEFBZY
PFOpGdnSvmYKxUDHgX1LtCgeMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIIBPwYIKwYBBQUHAQsEggExMIIBLTBfBggr
BgEFBQcwBYZTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS80OTdjNWYyNy0xYmYwLTRlOWUtYjlkYS0zN2FhMGExMmQ3MzIvMy8wgYsG
CCsGAQUFBzAKhn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5LzQ5N2M1ZjI3LTFiZjAtNGU5ZS1iOWRhLTM3YWEwYTEyZDczMi8zLzE2
NTgzQzUzQTkxOUQ5RDJCRTY2MEFDNTQwQzc4MTdENEJCNDI4MUUubWZ0MDwGCCsG
AQUFBzANhjBodHRwczovL3JyZHAucGFhcy5ycGtpLnJpcGUubmV0L25vdGlmaWNh
dGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzANoAswCQICHicCAwJRCTAuBggrBgEF
BQcBBwEB/wQfMB0wDAQCAAEwBgMEAmfQVDANBAIAAjAHAwUAJAQ9gDANBgkqhkiG
9w0BAQsFAAOCAQEAcYNwdy9WLi5o/vn/T5otdCF4j4VWpNan5PsbOiWoTv0Mpvh4
61VKYtZLABiORFxaKQQUD6vyK1Jm901pqTF1CRxCU/LftgpZZ7rgZdHiscGg7bVi
znz7nQ/v4dpFtiXBZBatYMJw/LyyNJWk1fWuW4Q9NJgq10e0kJrbI3KFTBtwZu+7
WC30rBsV/jzhV5HCqhAorac15P4v8T22sxvTWF8go//94aiqXUMI5kIH/c7RBF8M
fzAk7YkuGYnOehZTxQ6WcfWi0k+vF+4sx/M3MhWU56cloI2/1VreKGlPFl6AO4WR
h1ptwINeakpXZDmkCeNJD0CyZELN/GT+aQ6/8Q==
-----END CERTIFICATE-----
Generated at Sat Jul 26 07:35:01 2025 by rpki-client