Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xGfLLMucIacHtd-86roFTBkFI64.cer
File: xGfLLMucIacHtd-86roFTBkFI64.cer (raw, json)
Hash identifier: Sk7rcSBwj4qO0bfjQykmK7p0YAkJPNq/AqhdNW9opbs=
Subject key identifier: C4:67:CB:2C:CB:9C:21:A7:07:B5:DF:BC:EA:BA:05:4C:19:05:23:AE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022C46
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/xGfLLMucIacHtd-86roFTBkFI64.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 29 Jan 2025 18:50:26 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 134970
IP: 103.251.244.0/22
IP: 220.247.128.0/22
IP: 2407:7380::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 07:53:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142406 (0x22c46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 29 18:50:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A919C3BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:09:f1:d0:0a:72:14:5d:70:cc:54:70:12:7d:
41:61:43:b3:99:4b:b8:20:32:3a:ae:e9:36:f2:50:
8e:ae:06:92:3f:ff:96:d7:06:71:33:3d:fe:2f:c9:
36:fb:05:ba:5f:81:7c:8f:f4:1f:ea:59:9c:6c:ab:
a5:e2:94:31:62:f7:d2:7e:25:05:fe:33:7c:bb:35:
43:04:d5:4f:e2:9e:4f:ca:49:10:a0:64:6f:1f:85:
fb:b9:d7:ee:58:be:f9:3b:27:9d:7b:31:10:c3:03:
eb:e7:7d:c6:b1:37:a1:9d:06:e7:ff:1c:0f:26:ac:
aa:0e:b8:ca:3b:2f:fa:5c:e9:0a:d3:f7:de:d4:15:
da:b8:f0:a8:a7:fa:5f:f1:34:b3:b4:de:bd:75:ee:
c9:41:2a:b5:6b:3c:bb:32:68:ec:a5:24:dd:8a:85:
be:d0:3a:f9:d4:f0:b2:80:9b:bd:30:3b:de:ee:6a:
bd:91:9e:6b:7a:4a:bb:43:5a:61:98:aa:d8:e0:ad:
55:28:cf:58:23:09:c1:fc:cc:7b:9c:57:7c:8e:1a:
f1:8f:27:e6:6f:68:d0:bb:6a:a2:34:93:1d:cb:3e:
95:c4:dc:78:7f:4b:fe:86:b7:d4:e7:41:f5:b0:a5:
e8:71:29:3c:7e:79:e2:dc:9f:35:66:fc:c5:bf:ae:
8a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:67:CB:2C:CB:9C:21:A7:07:B5:DF:BC:EA:BA:05:4C:19:05:23:AE
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919C3BE/947B3506093811EA95CA3129C4F9AE02/xGfLLMucIacHtd-86roFTBkFI64.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
134970
sbgp-ipAddrBlock: critical
IPv4:
103.251.244.0/22
220.247.128.0/22
IPv6:
2407:7380::/32
Signature Algorithm: sha256WithRSAEncryption
ac:98:14:d5:30:8b:89:1a:f5:16:6d:a4:c7:06:1d:cb:44:ae:
86:17:59:4f:ea:f2:a9:b6:25:9b:45:a5:f7:43:42:0f:82:77:
89:d4:a2:8c:78:51:a1:7b:24:18:ed:84:1c:51:41:9c:c6:7b:
13:0b:14:06:52:af:3f:f3:c5:a0:56:2c:5d:b0:fa:ee:c5:a7:
48:58:c0:e5:98:35:5d:76:f0:fc:07:0f:b1:ff:61:e9:33:1f:
7b:3a:79:3a:2d:cc:17:41:12:e8:85:da:39:7f:7b:a2:65:9e:
a9:33:b8:87:95:78:46:37:3c:2e:13:37:ef:dd:dd:c1:f0:df:
0a:67:27:1a:bd:a5:ab:82:8e:b1:ed:86:92:8f:ac:79:f8:8d:
ec:f2:b9:f8:eb:92:75:ce:1a:5b:20:2e:dc:4c:4a:e4:c0:3d:
2b:c4:1e:96:1d:80:8e:63:db:d1:93:94:5a:c9:7d:45:a8:45:
f4:85:91:2e:78:1e:a1:b6:c3:c6:28:a7:2d:b9:45:ca:b0:85:
ec:99:37:6c:88:e8:db:fc:3e:a2:84:8f:28:b0:38:51:45:3f:
da:81:9e:a2:fa:aa:94:35:71:5f:16:6c:6f:b9:48:f0:c5:b0:
0a:fd:78:db:d5:18:df:d3:d9:8a:0f:78:88:bb:0e:a0:33:8b:
23:e4:c5:62
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAixGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEyOTE4NTAyNloXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUMzQkUxMTAvBgNVBAUTKEM0NjdDQjJDQ0I5QzIxQTcwN0I1REZC
Q0VBQkEwNTRDMTkwNTIzQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDnCfHQCnIUXXDMVHASfUFhQ7OZS7ggMjqu6TbyUI6uBpI//5bXBnEzPf4vyTb7
BbpfgXyP9B/qWZxsq6XilDFi99J+JQX+M3y7NUME1U/ink/KSRCgZG8fhfu51+5Y
vvk7J517MRDDA+vnfcaxN6GdBuf/HA8mrKoOuMo7L/pc6QrT997UFdq48Kin+l/x
NLO03r117slBKrVrPLsyaOylJN2Khb7QOvnU8LKAm70wO97uar2Rnmt6SrtDWmGY
qtjgrVUoz1gjCcH8zHucV3yOGvGPJ+ZvaNC7aqI0kx3LPpXE3Hh/S/6Gt9TnQfWw
pehxKTx+eeLcnzVm/MW/ropVAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUxGfLLMuc
IacHtd+86roFTBkFI64wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlDM0JFLzk0N0IzNTA2MDkzODExRUE5NUNBMzEyOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5QzNCRS85NDdCMzUwNjA5MzgxMUVBOTVDQTMxMjlDNEY5QUUwMi94R2ZMTE11
Y0lhY0h0ZC04NnJvRlRCa0ZJNjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg86MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ/v0AwQC3PeA
MA0EAgACMAcDBQAkB3OAMA0GCSqGSIb3DQEBCwUAA4IBAQCsmBTVMIuJGvUWbaTH
Bh3LRK6GF1lP6vKptiWbRaX3Q0IPgneJ1KKMeFGheyQY7YQcUUGcxnsTCxQGUq8/
88WgVixdsPruxadIWMDlmDVddvD8Bw+x/2HpMx97Onk6LcwXQRLohdo5f3uiZZ6p
M7iHlXhGNzwuEzfv3d3B8N8KZycavaWrgo6x7YaSj6x5+I3s8rn465J1zhpbIC7c
TErkwD0rxB6WHYCOY9vRk5RayX1FqEX0hZEueB6htsPGKKctuUXKsIXsmTdsiOjb
/D6ihI8osDhRRT/agZ6i+qqUNXFfFmxvuUjwxbAK/Xjb1Rjf09mKD3iIuw6gM4sj
5MVi
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:18:12 2025 by rpki-client