Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
File: MxlflsRtTShdW95LCwMOODFOj8s.cer (raw, json)
Hash identifier: QcK2RLe8UqDcFz1skrLhI0/JuYXXKVE6PupnsQ1GMXM=
Subject key identifier: 33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02535D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 03 Jul 2025 18:38:48 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 4786
AS: 7567
AS: 9797
AS: 17766
AS: 23609
AS: 38014
AS: 45201
AS: 137232
IP: 43.251.108.0/22
IP: 103.1.228.0/22
IP: 103.16.148.0/22
IP: 103.105.139.0/24
IP: 103.252.191.0/24
IP: 116.213.0.0/23
IP: 116.213.3.0 -- 116.213.4.255
IP: 116.213.6.0 -- 116.213.19.255
IP: 124.109.64.0/19
IP: 150.129.84.0/22
IP: 202.9.87.0/24
IP: 202.125.160.0 -- 202.125.166.255
IP: 202.125.168.0/21
IP: 202.155.160.0/20
IP: 203.1.248.0/22
IP: 203.3.166.0/24
IP: 203.4.185.0/24
IP: 203.8.10.0/24
IP: 203.9.152.0/22
IP: 203.9.240.0/20
IP: 203.12.234.0/24
IP: 203.17.76.0/22
IP: 203.19.214.0/23
IP: 203.19.244.0/22
IP: 203.25.126.0/23
IP: 203.26.138.0/23
IP: 203.27.108.0/24
IP: 203.28.121.0/24
IP: 203.28.141.0/24
IP: 203.30.59.0/24
IP: 203.30.164.0/23
IP: 203.30.199.0/24
IP: 203.31.116.0/22
IP: 203.31.168.0/24
IP: 203.32.160.0/20
IP: 203.33.150.0/24
IP: 203.55.0.0/23
IP: 203.56.26.0/24
IP: 203.56.225.0/24
IP: 203.76.0.0/18
IP: 203.149.64.0 -- 203.149.87.255
IP: 210.215.0.0/16
IP: 2001:db0::/32
IP: 2001:df0:294::/48
IP: 2001:df3:7900::/48
IP: 2401:240::/32
IP: 2404:d200::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 28 Jul 2025 00:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152413 (0x2535d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 3 18:38:48 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A9173CE6, serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c6:95:94:76:b9:fc:de:63:96:34:79:65:e7:
30:c2:11:fa:b4:0b:c4:7b:35:53:7f:33:21:09:3c:
43:ce:b6:e4:c2:65:b7:d2:1d:8a:5a:7b:7d:09:a1:
a7:16:90:3c:74:1e:0d:61:7a:b2:d1:77:b7:4a:da:
a1:bc:02:d8:c0:e0:62:3f:d5:14:b5:f9:04:88:70:
39:d5:76:4f:1a:5b:70:38:26:af:f0:82:b7:9c:7a:
5d:de:e0:47:fe:e3:99:33:ee:d4:c2:7f:f6:c3:7b:
99:48:d7:ee:f0:d9:66:bd:45:a7:16:6e:59:a2:c5:
9e:6d:56:aa:ad:98:87:35:6a:a8:b8:32:26:d4:2c:
61:3f:93:78:98:95:65:03:e8:0d:93:d6:06:0e:66:
50:9f:4f:17:a3:76:de:4c:d4:b3:2f:27:54:f1:f7:
d2:a0:4b:fb:00:54:6a:96:cc:c3:7a:f1:5c:48:a0:
7e:7f:1a:e0:52:cf:ed:b5:f4:9a:12:ff:d5:e9:fc:
c1:63:84:9a:ba:7d:eb:a0:74:9a:91:5b:ed:3d:e9:
83:7c:70:e7:20:21:6c:9c:28:8e:d2:32:23:7a:d0:
26:3f:26:6d:a1:e6:91:96:91:2c:bb:ff:05:12:32:
de:4f:95:6f:7a:48:d3:d2:6b:c7:e7:ad:2e:34:1e:
4b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4786
7567
9797
17766
23609
38014
45201
137232
sbgp-ipAddrBlock: critical
IPv4:
43.251.108.0/22
103.1.228.0/22
103.16.148.0/22
103.105.139.0/24
103.252.191.0/24
116.213.0.0/23
116.213.3.0-116.213.4.255
116.213.6.0-116.213.19.255
124.109.64.0/19
150.129.84.0/22
202.9.87.0/24
202.125.160.0-202.125.166.255
202.125.168.0/21
202.155.160.0/20
203.1.248.0/22
203.3.166.0/24
203.4.185.0/24
203.8.10.0/24
203.9.152.0/22
203.9.240.0/20
203.12.234.0/24
203.17.76.0/22
203.19.214.0/23
203.19.244.0/22
203.25.126.0/23
203.26.138.0/23
203.27.108.0/24
203.28.121.0/24
203.28.141.0/24
203.30.59.0/24
203.30.164.0/23
203.30.199.0/24
203.31.116.0/22
203.31.168.0/24
203.32.160.0/20
203.33.150.0/24
203.55.0.0/23
203.56.26.0/24
203.56.225.0/24
203.76.0.0/18
203.149.64.0-203.149.87.255
210.215.0.0/16
IPv6:
2001:db0::/32
2001:df0:294::/48
2001:df3:7900::/48
2401:240::/32
2404:d200::/32
Signature Algorithm: sha256WithRSAEncryption
b1:fb:e0:3d:17:5c:b6:b1:df:88:96:d3:d0:c4:45:88:c6:f0:
65:dc:be:78:47:a7:a3:18:31:ce:18:73:01:57:7e:35:b9:2e:
b2:b4:c0:cc:67:1e:1c:88:e5:a4:6e:8d:6b:14:b2:45:15:84:
ee:91:4a:2e:b7:68:ef:91:2d:5f:5a:77:36:c2:03:a9:8a:42:
f4:6c:67:97:a4:07:31:d0:fb:ee:99:80:c7:b9:c4:fd:39:c2:
be:0a:4f:ce:b5:47:c2:aa:e3:ec:57:41:51:63:35:df:51:45:
17:cb:6b:0a:f2:61:38:7b:4b:bb:6d:37:b8:2f:b4:82:10:d7:
a0:01:f5:8e:dc:0a:80:b4:82:c0:57:32:bb:03:5c:d1:bb:b0:
84:02:74:f8:69:96:15:db:e4:04:92:90:37:87:4f:37:a0:b2:
97:69:b3:88:49:69:91:a4:56:2c:d2:67:83:7a:55:6f:08:ac:
19:e3:d3:8a:30:4e:ea:c2:3a:33:b2:51:f4:d3:3f:44:14:24:
86:ba:cc:e3:c9:db:d5:3f:ba:bb:89:3f:81:e7:d4:40:6f:8c:
b7:a2:41:da:20:ba:37:6c:9e:05:f2:7f:8a:9a:41:6c:af:5f:
b2:52:7e:21:5a:e2:b4:4d:5a:ff:b3:d4:5d:6c:e9:a0:2c:14:
52:5f:c8:7e
-----BEGIN CERTIFICATE-----
MIIHhjCCBm6gAwIBAgIDAlNdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwMzE4Mzg0OFoXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzNDRTYxMTAvBgNVBAUTKDMzMTk1Rjk2QzQ2RDREMjg1RDVCREU0
QjBCMDMwRTM4MzE0RThGQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfxpWUdrn83mOWNHll5zDCEfq0C8R7NVN/MyEJPEPOtuTCZbfSHYpae30JoacW
kDx0Hg1herLRd7dK2qG8AtjA4GI/1RS1+QSIcDnVdk8aW3A4Jq/wgrecel3e4Ef+
45kz7tTCf/bDe5lI1+7w2Wa9RacWblmixZ5tVqqtmIc1aqi4MibULGE/k3iYlWUD
6A2T1gYOZlCfTxejdt5M1LMvJ1Tx99KgS/sAVGqWzMN68VxIoH5/GuBSz+219JoS
/9Xp/MFjhJq6feugdJqRW+096YN8cOcgIWycKI7SMiN60CY/Jm2h5pGWkSy7/wUS
Mt5PlW96SNPSa8fnrS40HkvvAgMBAAGjggR7MIIEdzAdBgNVHQ4EFgQUMxlflsRt
TShdW95LCwMOODFOj8swHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTczQ0U2LzBFOEUyNzgwN0JEMDExRUI4NUE2Njk4MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3M0NFNi8wRThFMjc4MDdCRDAxMUVCODVBNjY5ODBDNEY5QUUwMi9NeGxmbHNS
dFRTaGRXOTVMQ3dNT09ERk9qOHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQgBAf8EKTAn
oCUwIwICErICAh2PAgImRQICRWYCAlw5AgMAlH4CAwCwkQIDAhgQMIIBawYIKwYB
BQUHAQcBAf8EggFaMIIBVjCCASMEAgABMIIBGwMEAiv7bAMEAmcB5AMEAmcQlAME
AGdpiwMEAGf8vwMEAXTVADAMAwQAdNUDAwQAdNUEMAwDBAF01QYDBAJ01RADBAV8
bUADBAKWgVQDBADKCVcwDAMEBcp9oAMEAMp9pgMEA8p9qAMEBMqboAMEAssB+AME
AMsDpgMEAMsEuQMEAMsICgMEAssJmAMEBMsJ8AMEAMsM6gMEAssRTAMEAcsT1gME
AssT9AMEAcsZfgMEAcsaigMEAMsbbAMEAMsceQMEAMscjQMEAMseOwMEAcsepAME
AMsexwMEAssfdAMEAMsfqAMEBMsgoAMEAMshlgMEAcs3AAMEAMs4GgMEAMs44QME
BstMADAMAwQGy5VAAwQDy5VQAwMA0tcwLQQCAAIwJwMFACABDbADBwAgAQ3wApQD
BwAgAQ3zeQADBQAkAQJAAwUAJATSADANBgkqhkiG9w0BAQsFAAOCAQEAsfvgPRdc
trHfiJbT0MRFiMbwZdy+eEenoxgxzhhzAVd+NbkusrTAzGceHIjlpG6NaxSyRRWE
7pFKLrdo75EtX1p3NsIDqYpC9Gxnl6QHMdD77pmAx7nE/TnCvgpPzrVHwqrj7FdB
UWM131FFF8trCvJhOHtLu203uC+0ghDXoAH1jtwKgLSCwFcyuwNc0buwhAJ0+GmW
FdvkBJKQN4dPN6Cyl2mziElpkaRWLNJng3pVbwisGePTijBO6sI6M7JR9NM/RBQk
hrrM48nb1T+6u4k/gefUQG+Mt6JB2iC6N2yeBfJ/ippBbK9fslJ+IVritE1a/7PU
XWzpoCwUUl/Ifg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:17:24 2025 by rpki-client