Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
File: HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer (raw, json)
Hash identifier: xoDCjz5xrHQYYoEYsTCJcsb4v3RVjnKwNKSBK5o9hGw=
Subject key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0254D5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 10 Jul 2025 13:08:04 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 9266
AS: 24219
AS: 24231
AS: 56273
IP: 103.36.152.0/22
IP: 103.65.216.0/22
IP: 103.225.108.0/22
IP: 202.1.116.0/22
IP: 203.5.244.0/24
IP: 203.8.204.0/24
IP: 203.10.124.0/24
IP: 203.12.116.0/24
IP: 203.14.106.0/24
IP: 203.14.193.0/24
IP: 203.18.151.0/24
IP: 203.19.52.0/24
IP: 203.19.220.0/23
IP: 203.20.110.0/23
IP: 203.21.22.0/24
IP: 203.22.169.0/24
IP: 203.23.50.0/24
IP: 203.23.71.0/24
IP: 203.24.174.0/23
IP: 203.25.68.0/22
IP: 203.25.123.0/24
IP: 203.25.158.0/24
IP: 203.26.157.0/24
IP: 203.26.171.0/24
IP: 203.26.226.0/23
IP: 203.29.21.0/24
IP: 203.29.127.0/24
IP: 203.30.78.0/24
IP: 203.31.214.0/24
IP: 203.32.44.0/23
IP: 203.32.47.0/24
IP: 203.32.190.0/23
IP: 203.33.28.0/24
IP: 203.33.58.0/23
IP: 203.33.108.0/23
IP: 203.33.142.0/24
IP: 203.34.167.0/24
IP: 203.55.194.0/23
IP: 203.56.251.0/24
IP: 203.62.147.0/24
IP: 2403:6400::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 14:45:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152789 (0x254d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 10 13:08:04 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A911D848, serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:73:a9:77:15:1e:50:f9:f6:55:23:0b:96:aa:
a7:2a:66:2d:15:20:20:a1:a0:1c:0e:12:7e:92:d7:
5e:ac:ae:11:3f:62:05:bf:74:75:9c:dc:2e:9b:60:
14:09:da:a1:3f:66:40:29:1b:64:47:c8:70:18:31:
95:23:ee:4e:52:eb:c4:f9:61:6a:6c:2b:ce:6a:7e:
19:c6:03:4f:6c:74:00:26:55:93:46:5d:5a:f3:7c:
4a:3d:80:f4:40:6b:13:b6:11:a8:91:7f:ac:cc:c9:
6c:29:a9:91:00:f7:b8:4f:03:72:da:97:5a:00:b4:
73:02:ab:71:42:33:c8:ef:1f:71:03:a0:c6:de:cd:
86:c5:8f:a0:10:dd:b5:03:29:ee:42:e1:eb:99:94:
33:96:20:7a:61:66:ff:68:ca:a8:d6:37:25:74:80:
03:49:45:3f:45:24:b3:c6:c7:ba:22:d3:ae:bb:4d:
0a:a0:2e:e6:5f:91:43:4a:42:0e:c5:2f:de:b1:5f:
80:09:b5:67:12:1c:03:2b:f8:72:60:59:04:46:4d:
33:8f:91:33:e8:cf:ff:ed:33:32:c9:20:40:3c:f6:
47:89:cf:1a:57:4e:60:92:e2:bb:3e:2a:70:de:c7:
f1:1e:68:3f:8f:af:ed:b8:4e:c6:0c:a0:65:b0:3a:
35:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9266
24219
24231
56273
sbgp-ipAddrBlock: critical
IPv4:
103.36.152.0/22
103.65.216.0/22
103.225.108.0/22
202.1.116.0/22
203.5.244.0/24
203.8.204.0/24
203.10.124.0/24
203.12.116.0/24
203.14.106.0/24
203.14.193.0/24
203.18.151.0/24
203.19.52.0/24
203.19.220.0/23
203.20.110.0/23
203.21.22.0/24
203.22.169.0/24
203.23.50.0/24
203.23.71.0/24
203.24.174.0/23
203.25.68.0/22
203.25.123.0/24
203.25.158.0/24
203.26.157.0/24
203.26.171.0/24
203.26.226.0/23
203.29.21.0/24
203.29.127.0/24
203.30.78.0/24
203.31.214.0/24
203.32.44.0/23
203.32.47.0/24
203.32.190.0/23
203.33.28.0/24
203.33.58.0/23
203.33.108.0/23
203.33.142.0/24
203.34.167.0/24
203.55.194.0/23
203.56.251.0/24
203.62.147.0/24
IPv6:
2403:6400::/32
Signature Algorithm: sha256WithRSAEncryption
2f:74:f4:ac:6a:65:3b:27:ff:c7:3f:ac:4f:cb:7f:bf:6a:56:
76:4f:a2:50:27:3c:0a:47:20:99:c3:6a:e1:65:58:0b:f0:70:
5b:d6:5c:d7:77:3c:bb:0e:89:8a:4d:2f:12:9b:2b:ce:1e:f5:
fb:46:2b:d4:a9:2b:19:4f:6e:57:4e:ea:91:cf:40:dc:89:a9:
eb:a8:68:9a:a5:56:cd:7c:c8:ad:2d:0d:cb:5d:17:5a:b7:d1:
cf:dc:3f:8b:0f:8b:a1:17:c4:61:e7:43:b9:51:5f:50:f1:4e:
d4:96:ec:0e:6b:68:dd:27:cf:76:dd:b1:77:d0:9f:73:6c:7a:
75:cb:ee:e9:08:10:f6:3e:6f:2d:be:64:c5:6b:12:fa:5c:09:
a5:e4:cd:a4:68:00:f4:02:f7:25:27:21:8c:96:d0:8e:9f:78:
79:c3:2b:45:57:5c:04:09:5b:3f:91:1f:53:c8:2a:68:5d:1e:
c2:ce:b5:f0:59:65:7f:bd:2f:e8:27:67:74:97:96:fc:17:c5:
3b:34:8c:f8:59:49:c2:31:b5:6f:b2:2b:d2:62:73:66:e6:43:
1d:49:fa:f0:5b:ee:c6:ca:c8:ab:fc:6d:65:75:5b:58:39:0a:
2e:22:40:01:9c:6b:5a:5c:10:19:8e:70:f7:25:6c:50:1e:9e:
3d:8d:10:44
-----BEGIN CERTIFICATE-----
MIIHJzCCBg+gAwIBAgIDAlTVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcxMDEzMDgwNFoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUQ4NDgxMTAvBgNVBAUTKDFERDFCODY4Nzg4NjkyNEM0NjEzMTE2
MDUwRUU5MEU5RDQ5NDI2OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEc6l3FR5Q+fZVIwuWqqcqZi0VICChoBwOEn6S116srhE/YgW/dHWc3C6bYBQJ
2qE/ZkApG2RHyHAYMZUj7k5S68T5YWpsK85qfhnGA09sdAAmVZNGXVrzfEo9gPRA
axO2EaiRf6zMyWwpqZEA97hPA3Lal1oAtHMCq3FCM8jvH3EDoMbezYbFj6AQ3bUD
Ke5C4euZlDOWIHphZv9oyqjWNyV0gANJRT9FJLPGx7oi0667TQqgLuZfkUNKQg7F
L96xX4AJtWcSHAMr+HJgWQRGTTOPkTPoz//tMzLJIEA89keJzxpXTmCS4rs+KnDe
x/EeaD+Pr+24TsYMoGWwOjX3AgMBAAGjggQcMIIEGDAdBgNVHQ4EFgQUHdG4aHiG
kkxGExFgUO6Q6dSUJp4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFEODQ4L0MyNTFCNUIyOUIxMDExRUZBNzJCQTAyMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExRDg0OC9DMjUxQjVCMjlCMTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9IZEc0YUhp
R2treEdFeEZnVU82UTZkU1VKcDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQgBAf8EFzAV
oBMwEQICJDICAl6bAgJepwIDANvRMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCB
9wQCAAEwgfADBAJnJJgDBAJnQdgDBAJn4WwDBALKAXQDBADLBfQDBADLCMwDBADL
CnwDBADLDHQDBADLDmoDBADLDsEDBADLEpcDBADLEzQDBAHLE9wDBAHLFG4DBADL
FRYDBADLFqkDBADLFzIDBADLF0cDBAHLGK4DBALLGUQDBADLGXsDBADLGZ4DBADL
Gp0DBADLGqsDBAHLGuIDBADLHRUDBADLHX8DBADLHk4DBADLH9YDBAHLICwDBADL
IC8DBAHLIL4DBADLIRwDBAHLIToDBAHLIWwDBADLIY4DBADLIqcDBAHLN8IDBADL
OPsDBADLPpMwDQQCAAIwBwMFACQDZAAwDQYJKoZIhvcNAQELBQADggEBAC909Kxq
ZTsn/8c/rE/Lf79qVnZPolAnPApHIJnDauFlWAvwcFvWXNd3PLsOiYpNLxKbK84e
9ftGK9SpKxlPbldO6pHPQNyJqeuoaJqlVs18yK0tDctdF1q30c/cP4sPi6EXxGHn
Q7lRX1DxTtSW7A5raN0nz3bdsXfQn3NsenXL7ukIEPY+by2+ZMVrEvpcCaXkzaRo
APQC9yUnIYyW0I6feHnDK0VXXAQJWz+RH1PIKmhdHsLOtfBZZX+9L+gnZ3SXlvwX
xTs0jPhZScIxtW+yK9Jic2bmQx1J+vBb7sbKyKv8bWV1W1g5Ci4iQAGca1pcEBmO
cPclbFAenj2NEEQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 17:38:44 2025 by rpki-client