Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihuLzV7XzXIsUwBJjkqTZdBGo04.cer
File: ihuLzV7XzXIsUwBJjkqTZdBGo04.cer (raw, json)
Hash identifier: Zq8VQmElgtppIu0Spqm9Dm5BxArvn0qRcF/BR7rYak0=
Subject key identifier: 8A:1B:8B:CD:5E:D7:CD:72:2C:53:00:49:8E:4A:93:65:D0:46:A3:4E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025383
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E01C6/491C8CE6CC9111EA8A59EF46C4F9AE02/ihuLzV7XzXIsUwBJjkqTZdBGo04.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E01C6/491C8CE6CC9111EA8A59EF46C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 04 Jul 2025 04:48:14 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 136778
IP: 103.94.76.0/22
IP: 2401:36c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 12:43:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152451 (0x25383)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 4 04:48:14 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A91E01C6, serialNumber=8A1B8BCD5ED7CD722C5300498E4A9365D046A34E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:79:9b:e9:cc:61:ab:b2:70:0c:7b:d5:de:5b:
5b:13:37:fc:55:78:33:a1:85:4b:03:4b:92:b4:2a:
ed:35:6a:92:e0:7c:3b:be:1b:96:7a:02:c3:82:d0:
59:dc:60:cc:58:4a:31:4f:c8:9d:43:cf:e5:e5:28:
fd:c5:1a:a4:8e:0f:47:e6:8d:10:b9:24:b6:96:86:
54:1c:99:d9:44:7c:24:cc:3e:3a:28:cc:57:f3:26:
91:05:5d:2d:95:f4:a7:7f:c1:7d:5d:fc:57:f9:5a:
aa:5b:d8:d1:dc:8e:46:bc:54:0b:8d:d1:88:64:c0:
77:f4:ee:ce:c8:28:84:1a:2b:ce:d1:1d:73:a5:cf:
39:d6:6a:fa:f6:ff:e5:0d:37:8c:8f:d9:e7:bd:0f:
16:9c:79:e8:b9:fd:5c:d7:ef:55:2f:67:bf:6f:fa:
5c:72:01:38:89:66:c2:56:33:84:90:5f:6b:4d:65:
b9:35:ff:40:39:7b:d1:03:e8:6e:cc:9f:61:b4:07:
28:c1:22:34:8f:4e:85:01:93:af:0d:32:ef:e2:6a:
f8:7d:f7:3c:6d:f1:07:89:e6:75:6f:15:08:d9:9b:
14:c2:d8:34:0b:c6:e4:84:38:f0:36:a0:ab:a4:88:
4b:c4:7e:5a:86:51:76:5a:a8:3b:41:cf:22:ef:87:
51:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1B:8B:CD:5E:D7:CD:72:2C:53:00:49:8E:4A:93:65:D0:46:A3:4E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E01C6/491C8CE6CC9111EA8A59EF46C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E01C6/491C8CE6CC9111EA8A59EF46C4F9AE02/ihuLzV7XzXIsUwBJjkqTZdBGo04.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136778
sbgp-ipAddrBlock: critical
IPv4:
103.94.76.0/22
IPv6:
2401:36c0::/32
Signature Algorithm: sha256WithRSAEncryption
d9:43:32:70:00:67:8f:ba:55:35:6c:57:1b:f5:66:0f:59:13:
bd:7f:0b:03:14:a6:62:10:6a:b9:01:6b:c1:63:e3:21:4c:dd:
0c:33:b4:08:c2:e8:33:62:43:f4:42:09:c3:36:56:27:59:57:
a0:8c:8c:b9:98:57:53:45:c3:10:f9:a8:c5:65:59:9c:23:98:
d6:16:f4:e6:45:7b:91:dc:ea:7d:ae:bc:1b:63:c3:5c:27:a0:
62:77:a1:40:7c:5a:ba:bc:6a:7e:52:c3:24:81:dd:a9:8d:b4:
78:d4:52:74:f3:55:6f:10:ce:66:4f:57:6f:37:6f:7e:cb:64:
5d:0e:26:21:3d:95:77:c5:d8:83:ff:4b:42:b1:49:4e:99:73:
4d:2b:6b:50:18:4a:80:32:a7:dc:af:26:fa:c0:77:4b:f3:8d:
49:8a:2b:95:e0:e3:b3:38:21:0d:fe:ed:ea:27:16:b6:63:60:
6b:a1:f0:12:21:1f:f6:67:bc:a1:a4:71:53:c0:cb:c6:28:22:
3c:ba:3b:62:ec:e7:28:91:f7:40:4b:ab:f6:87:50:9f:2b:6b:
4a:d3:76:b1:ae:d7:85:34:59:83:80:66:44:b6:5f:9a:c2:4f:
74:1a:e6:f6:5a:96:c0:38:b9:d7:04:fe:6e:74:68:0c:c1:ac:
e9:37:dc:71
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAlODMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwNDA0NDgxNFoXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTAxQzYxMTAvBgNVBAUTKDhBMUI4QkNENUVEN0NENzIyQzUzMDA0
OThFNEE5MzY1RDA0NkEzNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGeZvpzGGrsnAMe9XeW1sTN/xVeDOhhUsDS5K0Ku01apLgfDu+G5Z6AsOC0Fnc
YMxYSjFPyJ1Dz+XlKP3FGqSOD0fmjRC5JLaWhlQcmdlEfCTMPjoozFfzJpEFXS2V
9Kd/wX1d/Ff5Wqpb2NHcjka8VAuN0YhkwHf07s7IKIQaK87RHXOlzznWavr2/+UN
N4yP2ee9Dxaceei5/VzX71UvZ79v+lxyATiJZsJWM4SQX2tNZbk1/0A5e9ED6G7M
n2G0ByjBIjSPToUBk68NMu/iavh99zxt8QeJ5nVvFQjZmxTC2DQLxuSEOPA2oKuk
iEvEflqGUXZaqDtBzyLvh1EFAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUihuLzV7X
zXIsUwBJjkqTZdBGo04wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUwMUM2LzQ5MUM4Q0U2Q0M5MTExRUE4QTU5RUY0NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMDFDNi80OTFDOENFNkNDOTExMUVBOEE1OUVGNDZDNEY5QUUwMi9paHVMelY3
WHpYSXNVd0JKamtxVFpkQkdvMDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhZKMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ15MMA0EAgAC
MAcDBQAkATbAMA0GCSqGSIb3DQEBCwUAA4IBAQDZQzJwAGePulU1bFcb9WYPWRO9
fwsDFKZiEGq5AWvBY+MhTN0MM7QIwugzYkP0QgnDNlYnWVegjIy5mFdTRcMQ+ajF
ZVmcI5jWFvTmRXuR3Op9rrwbY8NcJ6Bid6FAfFq6vGp+UsMkgd2pjbR41FJ081Vv
EM5mT1dvN29+y2RdDiYhPZV3xdiD/0tCsUlOmXNNK2tQGEqAMqfcryb6wHdL841J
iiuV4OOzOCEN/u3qJxa2Y2BrofASIR/2Z7yhpHFTwMvGKCI8ujti7OcokfdAS6v2
h1CfK2tK03axrteFNFmDgGZEtl+awk90Gub2WpbAOLnXBP5udGgMwazpN9xx
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:22:12 2025 by rpki-client