Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rOKNq-U2SWN_puTjId4bY0Y7g88.cer
File: rOKNq-U2SWN_puTjId4bY0Y7g88.cer (raw, json)
Hash identifier: 7L0Wk69HmItxy5iHOPeil8C7LyMkKziNLFnPdyeYRqI=
Subject key identifier: AC:E2:8D:AB:E5:36:49:63:7F:A6:E4:E3:21:DE:1B:63:46:3B:83:CF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A7B9
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/rOKNq-U2SWN_puTjId4bY0Y7g88.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 31 Mar 2026 04:00:47 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: AS: 152585
IP: 2001:df3:7ec0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 Apr 2026 14:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174009 (0x2a7b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 31 04:00:47 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A9186249, serialNumber=ACE28DABE53649637FA6E4E321DE1B63463B83CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:65:0e:b0:0c:51:bf:30:54:fe:ef:36:e9:53:
ed:30:d8:45:bd:71:e4:42:f5:21:3c:b0:85:64:6d:
cd:c9:00:cd:4f:6b:82:26:94:f0:09:bb:e2:a1:74:
25:eb:81:7e:e5:7c:78:22:d7:c6:bd:ad:d9:6a:93:
39:12:e6:18:97:19:02:46:13:89:cc:fd:21:72:41:
d2:3b:2a:27:7d:56:2d:88:64:5a:a5:f4:d7:69:b4:
f8:a5:bf:9b:eb:39:a0:b8:3e:4e:8d:69:90:c3:f2:
19:74:65:d7:86:a3:51:ac:84:54:10:12:23:7c:d8:
6d:c5:e2:39:f3:13:09:63:b2:86:f1:61:05:4a:e6:
32:a1:ff:bf:05:e1:9d:ea:fe:80:f6:51:3c:06:fa:
4a:dc:02:ae:64:0a:3b:08:22:62:ed:a3:b9:7e:e4:
b6:af:d6:f7:a2:c2:08:63:0d:da:0a:9d:d2:a8:5a:
f9:0f:5a:96:17:72:f7:f6:5b:71:f1:5a:6a:e4:74:
0b:df:2c:63:43:e8:84:b7:c3:9d:7a:a0:e9:31:38:
75:67:40:bf:bd:9b:f6:26:4d:b6:60:62:a4:4a:55:
51:38:34:80:c1:27:47:95:09:e2:86:77:f6:78:ad:
43:47:48:f5:41:04:09:06:78:82:cc:de:99:04:d9:
a2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E2:8D:AB:E5:36:49:63:7F:A6:E4:E3:21:DE:1B:63:46:3B:83:CF
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9186249/A1F2343CD17011EEA6151C4DC4F9AE02/rOKNq-U2SWN_puTjId4bY0Y7g88.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152585
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:7ec0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:72:53:57:21:ed:4b:1b:a1:e8:c5:06:e2:8b:e9:1d:a3:40:
9c:bb:7e:b1:77:bf:b2:46:82:c2:42:e7:05:42:00:ec:b9:fc:
55:88:be:58:49:9e:a2:96:50:be:24:19:46:45:9a:08:02:d8:
95:03:57:04:76:d2:d0:01:ea:69:0a:06:78:8e:a0:d5:89:a5:
39:03:ea:21:1e:21:44:f8:ad:d3:4a:d2:bd:3a:62:fb:1a:06:
98:65:b3:a1:69:47:d4:b1:df:c0:54:1f:84:27:56:d2:b8:0e:
af:88:d8:8c:80:ff:f4:3a:a0:9f:10:b0:3a:55:42:8f:4d:77:
81:0e:6e:b4:b8:da:38:6a:b6:f3:72:04:e4:dc:f6:0c:bd:18:
4c:0c:6b:28:56:04:89:f1:2c:2d:c7:df:22:a4:2b:a1:2e:e3:
6a:f5:3f:ad:2c:65:91:ce:ed:d6:7e:fd:24:51:8b:e2:35:4c:
1a:78:78:4b:21:bb:77:2e:d5:c9:f7:7c:60:41:3a:6b:91:68:
3d:12:69:ce:12:07:90:14:1f:c7:31:bd:27:ba:69:47:a9:65:
95:71:75:3d:43:8f:4c:de:9a:1c:22:ef:d0:e6:b7:dd:4f:62:
03:b1:2c:32:7a:9a:39:a5:30:de:98:5d:d5:1b:61:47:e8:dc:
63:0e:21:c7
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAqe5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMzMTA0MDA0N1oXDTI3MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODYyNDkxMTAvBgNVBAUTKEFDRTI4REFCRTUzNjQ5NjM3RkE2RTRF
MzIxREUxQjYzNDYzQjgzQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTZQ6wDFG/MFT+7zbpU+0w2EW9ceRC9SE8sIVkbc3JAM1Pa4ImlPAJu+KhdCXr
gX7lfHgi18a9rdlqkzkS5hiXGQJGE4nM/SFyQdI7Kid9Vi2IZFql9NdptPilv5vr
OaC4Pk6NaZDD8hl0ZdeGo1GshFQQEiN82G3F4jnzEwljsobxYQVK5jKh/78F4Z3q
/oD2UTwG+krcAq5kCjsIImLto7l+5Lav1veiwghjDdoKndKoWvkPWpYXcvf2W3Hx
WmrkdAvfLGND6IS3w516oOkxOHVnQL+9m/YmTbZgYqRKVVE4NIDBJ0eVCeKGd/Z4
rUNHSPVBBAkGeILM3pkE2aLVAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUrOKNq+U2
SWN/puTjId4bY0Y7g88wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg2MjQ5L0ExRjIzNDNDRDE3MDExRUVBNjE1MUM0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4NjI0OS9BMUYyMzQzQ0QxNzAxMUVFQTYxNTFDNERDNEY5QUUwMi9yT0tOcS1V
MlNXTl9wdVRqSWQ0YlkwWTdnODgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlQJMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN837AMA0G
CSqGSIb3DQEBCwUAA4IBAQCLclNXIe1LG6HoxQbii+kdo0Ccu36xd7+yRoLCQucF
QgDsufxViL5YSZ6illC+JBlGRZoIAtiVA1cEdtLQAeppCgZ4jqDViaU5A+ohHiFE
+K3TStK9OmL7GgaYZbOhaUfUsd/AVB+EJ1bSuA6viNiMgP/0OqCfELA6VUKPTXeB
Dm60uNo4arbzcgTk3PYMvRhMDGsoVgSJ8Swtx98ipCuhLuNq9T+tLGWRzu3Wfv0k
UYviNUwaeHhLIbt3LtXJ93xgQTprkWg9EmnOEgeQFB/HMb0numlHqWWVcXU9Q49M
3pocIu/Q5rfdT2IDsSwyepo5pTDemF3VG2FH6NxjDiHH
-----END CERTIFICATE-----
Generated at Sun Apr 5 18:34:17 2026 by rpki-client