Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aH-6IOL3iRfg-wO5ErjIVjfFNz0.cer
File: aH-6IOL3iRfg-wO5ErjIVjfFNz0.cer (raw, json)
Hash identifier: 7pIU6RcCdGTnKTY9c16RCXdT+ezaSam5pQPZs92+PmI=
Subject key identifier: 68:7F:BA:20:E2:F7:89:17:E0:FB:03:B9:12:B8:C8:56:37:C5:37:3D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A6CC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913B243/A9A753A0BB9911F0B5FB696AC4F9AE02/aH-6IOL3iRfg-wO5ErjIVjfFNz0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913B243/A9A753A0BB9911F0B5FB696AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 27 Mar 2026 12:50:54 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 154212
IP: 202.20.105.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 Apr 2026 14:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173772 (0x2a6cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 27 12:50:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=A913B243, serialNumber=687FBA20E2F78917E0FB03B912B8C85637C5373D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ee:35:3f:0c:0c:44:91:de:51:ec:7e:31:84:
a1:66:b2:61:29:5b:fd:f8:53:b4:9a:68:2a:8a:40:
96:04:cd:28:b7:92:8f:7d:e1:8b:d0:08:d8:dd:45:
b0:7a:83:92:45:72:99:fb:48:b9:cd:7a:91:97:54:
13:bd:66:41:c0:63:5f:31:63:76:3a:1f:66:c9:41:
45:56:ec:ec:c6:84:ea:a5:83:7a:53:85:80:fe:9e:
1d:0f:f3:e2:77:95:37:a4:24:99:24:a0:ca:25:0a:
80:89:23:21:67:93:a1:c8:32:98:f3:8d:16:f8:dd:
56:4d:35:8c:08:a7:28:cd:74:86:5b:c8:83:01:af:
a1:7a:8e:d1:c0:29:35:bd:24:96:2b:d6:8c:ef:51:
70:76:b5:26:cf:ca:a8:a2:05:57:22:a4:f6:e2:e5:
e4:1b:89:6b:85:bf:86:93:86:3e:ac:ba:2c:8d:5b:
2e:de:00:75:4b:d6:67:07:1a:21:a2:1b:69:4c:39:
3c:04:3c:be:0b:59:e5:68:4a:d2:ed:19:1c:6f:e7:
63:17:4c:c1:7b:e1:7f:47:15:40:b6:66:00:4b:64:
a1:15:f3:6b:02:22:dd:11:fd:43:c2:d3:ea:53:0c:
41:77:6f:00:d1:2c:6a:42:98:62:dc:cd:4f:1f:4c:
c7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7F:BA:20:E2:F7:89:17:E0:FB:03:B9:12:B8:C8:56:37:C5:37:3D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913B243/A9A753A0BB9911F0B5FB696AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913B243/A9A753A0BB9911F0B5FB696AC4F9AE02/aH-6IOL3iRfg-wO5ErjIVjfFNz0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
154212
sbgp-ipAddrBlock: critical
IPv4:
202.20.105.0/24
Signature Algorithm: sha256WithRSAEncryption
01:43:2e:7f:fe:3c:b2:f5:24:0d:39:ac:4f:d0:e3:d2:da:3b:
92:c1:78:ee:f1:0a:1b:cb:79:32:81:d7:2b:3a:33:86:e0:ed:
b1:57:80:0c:39:af:cf:99:ee:a7:b0:ba:88:63:f7:d4:66:15:
e5:17:02:d6:60:af:9a:4b:28:84:d8:c4:f2:ae:e1:e6:8b:74:
a8:cd:1e:14:82:a0:49:0b:b1:ff:56:0e:c6:c9:36:b3:4a:9a:
63:e8:1b:d3:a4:3c:e1:48:fe:d6:9f:d4:88:da:e1:d1:95:72:
19:54:ea:44:c3:c9:7b:38:fa:7b:1e:07:7c:de:16:ad:f0:8e:
88:6f:03:0f:4b:ee:0d:64:e5:60:dd:5e:f1:60:64:6a:76:3a:
8a:e3:aa:c6:2c:56:67:a1:ae:08:84:08:4a:78:2a:f4:af:9d:
a4:78:4d:8e:d5:1b:63:03:b9:5b:f9:f9:1b:72:28:98:93:db:
96:41:d4:ce:8a:d2:18:11:75:b7:ae:d8:98:56:26:c8:2a:1b:
67:02:5d:00:41:97:cc:af:66:c6:ad:35:a4:ae:3e:7c:24:82:
0b:ec:dd:9a:e2:f9:9e:69:aa:9d:4c:22:48:c4:9d:26:f2:fe:
89:01:82:5c:11:c3:e3:b5:fb:89:33:0b:91:1a:3e:13:9f:84:
56:e5:06:0e
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAqbMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMyNzEyNTA1NFoXDTI3MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0IyNDMxMTAvBgNVBAUTKDY4N0ZCQTIwRTJGNzg5MTdFMEZCMDNC
OTEyQjhDODU2MzdDNTM3M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDM7jU/DAxEkd5R7H4xhKFmsmEpW/34U7SaaCqKQJYEzSi3ko994YvQCNjdRbB6
g5JFcpn7SLnNepGXVBO9ZkHAY18xY3Y6H2bJQUVW7OzGhOqlg3pThYD+nh0P8+J3
lTekJJkkoMolCoCJIyFnk6HIMpjzjRb43VZNNYwIpyjNdIZbyIMBr6F6jtHAKTW9
JJYr1ozvUXB2tSbPyqiiBVcipPbi5eQbiWuFv4aThj6suiyNWy7eAHVL1mcHGiGi
G2lMOTwEPL4LWeVoStLtGRxv52MXTMF74X9HFUC2ZgBLZKEV82sCIt0R/UPC0+pT
DEF3bwDRLGpCmGLczU8fTMdhAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUaH+6IOL3
iRfg+wO5ErjIVjfFNz0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNCMjQzL0E5QTc1M0EwQkI5OTExRjBCNUZCNjk2QUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQjI0My9BOUE3NTNBMEJCOTkxMUYwQjVGQjY5NkFDNEY5QUUwMi9hSC02SU9M
M2lSZmctd081RXJqSVZqZkZOejAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlpkMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyhRpMA0GCSqG
SIb3DQEBCwUAA4IBAQABQy5//jyy9SQNOaxP0OPS2juSwXju8Qoby3kygdcrOjOG
4O2xV4AMOa/Pme6nsLqIY/fUZhXlFwLWYK+aSyiE2MTyruHmi3SozR4UgqBJC7H/
Vg7GyTazSppj6BvTpDzhSP7Wn9SI2uHRlXIZVOpEw8l7OPp7Hgd83hat8I6IbwMP
S+4NZOVg3V7xYGRqdjqK46rGLFZnoa4IhAhKeCr0r52keE2O1RtjA7lb+fkbciiY
k9uWQdTOitIYEXW3rtiYVibIKhtnAl0AQZfMr2bGrTWkrj58JIIL7N2a4vmeaaqd
TCJIxJ0m8v6JAYJcEcPjtfuJMwuRGj4Tn4RW5QYO
-----END CERTIFICATE-----
Generated at Sun Apr 5 19:44:28 2026 by rpki-client