Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer
File: Y3kC4bqWiB1HLuyt-kW1V348HDE.cer (raw, json)
Hash identifier: tIOgX/23fiEMf3NBri74LU2v3PFwevbgLqdo6WVnBQw=
Subject key identifier: 63:79:02:E1:BA:96:88:1D:47:2E:EC:AD:FA:45:B5:57:7E:3C:1C:31
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02548B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 09 Jul 2025 05:15:09 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 152106
IP: 202.36.228.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 28 Jul 2025 10:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152715 (0x2548b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 9 05:15:09 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A91CE524, serialNumber=637902E1BA96881D472EECADFA45B5577E3C1C31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e8:c0:e0:0a:d3:8e:e3:2f:8a:62:c2:87:ba:
49:c4:ee:a3:74:c6:55:68:71:73:a8:ac:f4:a0:fb:
44:32:38:26:d5:e0:9b:1c:ee:c2:79:c8:66:c3:c5:
38:c2:44:21:23:00:12:f0:6a:89:ff:92:de:dc:70:
d3:db:c0:5d:09:a7:e5:33:3d:e5:2c:7c:3e:b1:b7:
cc:1a:3f:8d:8e:79:a1:c2:cf:f6:aa:ab:38:39:82:
8b:5a:46:a0:f4:ae:de:d3:92:ed:f3:80:80:84:c5:
af:9e:13:1d:38:09:29:9e:6f:80:86:d9:3e:b2:8e:
ef:52:58:6e:9e:6d:5f:90:9c:8f:bf:ed:c6:92:5c:
d9:1f:38:2c:14:80:b0:88:92:92:ea:89:b3:60:12:
21:d2:01:78:d6:e7:b8:42:cf:70:b3:97:53:6c:3c:
15:cd:34:3e:41:37:c5:af:27:bb:87:03:a7:bc:49:
11:e5:53:81:4a:c3:b6:37:d9:b8:5c:15:e2:ed:08:
9e:f8:ea:1c:0a:1f:50:71:a2:e0:3c:52:9b:28:ee:
5e:b5:b9:b5:bb:38:29:ec:c3:07:9c:23:5c:27:e6:
d3:78:bb:39:b6:69:50:a2:43:a4:53:b9:0a:89:81:
33:b4:ce:9e:9a:37:4e:78:7f:b4:44:ee:4c:bb:f5:
69:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:79:02:E1:BA:96:88:1D:47:2E:EC:AD:FA:45:B5:57:7E:3C:1C:31
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152106
sbgp-ipAddrBlock: critical
IPv4:
202.36.228.0/24
Signature Algorithm: sha256WithRSAEncryption
45:a3:93:7a:60:c0:16:41:be:ee:25:6d:d0:15:a8:ad:be:39:
39:1d:4e:1e:bf:c5:fe:de:89:ef:df:85:3c:23:ce:67:da:ca:
ad:33:1d:62:71:eb:8a:4a:d2:a2:2e:59:b1:45:54:a3:b5:cd:
10:3f:69:ed:c8:16:c6:c7:b8:b8:6b:01:ca:85:2c:e6:49:e9:
26:7f:29:58:b8:fa:ce:cf:1d:eb:61:a4:33:33:dd:09:ea:6b:
27:39:49:0a:83:40:ed:5c:f6:66:79:05:a4:a1:10:70:0f:8c:
d0:fd:91:da:6e:ae:93:77:d6:36:9d:3c:56:d6:8a:e3:77:9c:
8c:30:08:09:73:d8:37:aa:c3:82:18:93:8e:88:04:5f:74:24:
1f:c8:cc:d6:43:e1:dc:23:77:73:a3:4b:84:6b:32:75:90:da:
41:64:9f:a0:3f:65:60:86:76:ac:a9:74:f0:4c:ba:35:b1:7b:
e8:85:e3:91:a0:0d:af:99:94:b4:04:ae:77:3b:3e:21:fc:2e:
13:68:68:96:50:bb:b4:fc:5f:5f:d0:ad:84:00:25:51:71:12:
5f:78:3f:c8:ab:53:f6:af:1d:40:9f:60:d1:ac:a8:87:d0:f9:
a1:dd:56:30:5b:bd:38:c3:cf:dc:26:8b:cd:fd:7c:38:ec:db:
b4:59:ce:fc
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAlSLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwOTA1MTUwOVoXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0U1MjQxMTAvBgNVBAUTKDYzNzkwMkUxQkE5Njg4MUQ0NzJFRUNB
REZBNDVCNTU3N0UzQzFDMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDf6MDgCtOO4y+KYsKHuknE7qN0xlVocXOorPSg+0QyOCbV4Jsc7sJ5yGbDxTjC
RCEjABLwaon/kt7ccNPbwF0Jp+UzPeUsfD6xt8waP42OeaHCz/aqqzg5gotaRqD0
rt7Tku3zgICExa+eEx04CSmeb4CG2T6yju9SWG6ebV+QnI+/7caSXNkfOCwUgLCI
kpLqibNgEiHSAXjW57hCz3Czl1NsPBXNND5BN8WvJ7uHA6e8SRHlU4FKw7Y32bhc
FeLtCJ746hwKH1BxouA8Upso7l61ubW7OCnswwecI1wn5tN4uzm2aVCiQ6RTuQqJ
gTO0zp6aN054f7RE7ky79WkjAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUY3kC4bqW
iB1HLuyt+kW1V348HDEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNFNTI0LzBDMkMyQkQ2ODhDNTExRUVBODMxMUM3MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRTUyNC8wQzJDMkJENjg4QzUxMUVFQTgzMTFDNzFDNEY5QUUwMi9ZM2tDNGJx
V2lCMUhMdXl0LWtXMVYzNDhIREUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlIqMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyiTkMA0GCSqG
SIb3DQEBCwUAA4IBAQBFo5N6YMAWQb7uJW3QFaitvjk5HU4ev8X+3onv34U8I85n
2sqtMx1iceuKStKiLlmxRVSjtc0QP2ntyBbGx7i4awHKhSzmSekmfylYuPrOzx3r
YaQzM90J6msnOUkKg0DtXPZmeQWkoRBwD4zQ/ZHabq6Td9Y2nTxW1orjd5yMMAgJ
c9g3qsOCGJOOiARfdCQfyMzWQ+HcI3dzo0uEazJ1kNpBZJ+gP2VghnasqXTwTLo1
sXvoheORoA2vmZS0BK53Oz4h/C4TaGiWULu0/F9f0K2EACVRcRJfeD/Iq1P2rx1A
n2DRrKiH0Pmh3VYwW704w8/cJovN/Xw47Nu0Wc78
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:11:53 2025 by rpki-client