Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xNT7D_AneW6dqhe3VVH9C3fxmC8.cer
File: xNT7D_AneW6dqhe3VVH9C3fxmC8.cer (raw, json)
Hash identifier: c7YVmwfcC8R1ndEhbVtSRPAIXRWd86fZEMbZZsRBBmw=
Subject key identifier: C4:D4:FB:0F:F0:27:79:6E:9D:AA:17:B7:55:51:FD:0B:77:F1:98:2F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025180
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/xNT7D_AneW6dqhe3VVH9C3fxmC8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 30 Jun 2025 17:48:44 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 9451
AS: 9926
AS: 38067
AS: 38555
AS: 58688
IP: 43.231.20.0/22
IP: 45.112.72.0/22
IP: 45.248.152.0/22
IP: 103.14.128.0/22
IP: 103.20.180.0/22
IP: 103.29.124.0/22
IP: 103.217.112.0/22
IP: 103.240.44.0/22
IP: 103.247.44.0/22
IP: 116.12.32.0/21
IP: 120.50.176.0/21
IP: 122.102.32.0/21
IP: 210.1.240.0/20
IP: 2405:6900::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 09:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151936 (0x25180)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jun 30 17:48:44 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A916EB94, serialNumber=C4D4FB0FF027796E9DAA17B75551FD0B77F1982F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:27:63:0d:25:b2:51:f2:af:30:d8:14:0e:a3:
b1:bc:3f:96:b0:57:75:d2:7d:32:1c:94:84:4a:71:
e0:b3:3f:15:8e:75:ac:3b:61:7a:5a:be:7a:2e:9d:
5a:d3:21:05:dd:03:70:21:63:7f:2d:c7:e5:f4:2e:
09:f2:c0:ee:25:7a:4a:4e:38:08:a1:39:47:6e:e2:
1e:36:91:d4:d7:96:99:a3:67:f4:0b:ed:e9:58:3a:
78:99:3c:66:38:d9:78:ad:a3:47:b6:af:6a:3b:57:
35:ea:33:2b:95:40:40:cc:46:29:eb:d8:da:b8:19:
06:47:d0:c0:92:8a:62:87:f7:ad:0f:80:8a:9f:2b:
77:15:a9:cc:d0:41:ab:a8:b9:2a:b7:6a:d5:27:02:
45:0f:8f:4a:b3:45:78:db:51:5f:96:5a:ad:d5:78:
17:2e:99:ef:9c:1a:2c:a7:78:39:d5:22:3e:5b:14:
25:14:9c:b1:9c:fa:74:78:7f:c0:d9:e7:e5:9a:5e:
28:3d:52:a7:0c:39:21:de:2e:14:92:7f:85:b1:8f:
2b:33:9d:8d:b7:71:4f:b1:b7:fc:55:53:29:e8:47:
bc:e1:bc:90:c7:84:37:dc:08:c2:78:3c:b8:7a:72:
cb:b2:5c:94:dc:89:25:94:76:2a:39:82:54:91:04:
83:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D4:FB:0F:F0:27:79:6E:9D:AA:17:B7:55:51:FD:0B:77:F1:98:2F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916EB94/E3CC25D8811E11EC92025551C4F9AE02/xNT7D_AneW6dqhe3VVH9C3fxmC8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9451
9926
38067
38555
58688
sbgp-ipAddrBlock: critical
IPv4:
43.231.20.0/22
45.112.72.0/22
45.248.152.0/22
103.14.128.0/22
103.20.180.0/22
103.29.124.0/22
103.217.112.0/22
103.240.44.0/22
103.247.44.0/22
116.12.32.0/21
120.50.176.0/21
122.102.32.0/21
210.1.240.0/20
IPv6:
2405:6900::/32
Signature Algorithm: sha256WithRSAEncryption
97:6d:d1:12:22:aa:f1:6f:47:7c:60:52:3e:73:9f:96:20:2e:
b3:32:b4:29:47:15:c4:df:0b:34:b8:65:fb:34:d7:2d:62:4a:
a7:61:19:a7:21:67:3f:1b:05:9f:f0:f7:8f:b2:9d:57:7a:84:
e1:82:1d:76:57:c7:d6:32:9d:52:a4:c8:7f:fe:f8:0e:f1:f1:
a2:f0:5d:b5:9d:2f:1d:3a:5e:05:f3:17:7f:6f:fa:1b:61:cc:
c5:4c:b7:d8:25:43:a9:e1:dd:36:41:0b:4a:4b:17:f2:3d:72:
b6:72:c4:79:7b:77:08:bf:ab:b3:b3:c6:ac:20:51:8d:00:f2:
c8:3a:e6:a5:28:e2:8e:f3:2d:1b:e3:15:cb:e7:a4:f1:69:38:
cf:54:4f:c9:db:e3:2d:21:5d:48:bc:17:08:cb:25:ed:aa:a8:
c2:ea:e0:9d:74:2d:8a:cb:bb:92:8f:74:10:69:15:65:f3:ac:
48:c1:7f:4b:b9:4d:73:dd:eb:2b:6c:54:2b:c8:35:b0:b6:fc:
c8:49:8d:17:7e:1d:fd:e1:4b:60:c0:0e:6b:13:4e:b4:4b:80:
5d:01:c0:b2:b7:8e:da:1b:28:c2:bf:b6:41:4f:d6:22:3e:f1:
ef:29:65:96:86:44:58:a4:82:39:55:50:06:a6:dc:51:40:4a:
34:a3:92:1f
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgIDAlGAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDYzMDE3NDg0NFoXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkVCOTQxMTAvBgNVBAUTKEM0RDRGQjBGRjAyNzc5NkU5REFBMTdC
NzU1NTFGRDBCNzdGMTk4MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmJ2MNJbJR8q8w2BQOo7G8P5awV3XSfTIclIRKceCzPxWOdaw7YXpavnounVrT
IQXdA3AhY38tx+X0LgnywO4lekpOOAihOUdu4h42kdTXlpmjZ/QL7elYOniZPGY4
2Xito0e2r2o7VzXqMyuVQEDMRinr2Nq4GQZH0MCSimKH960PgIqfK3cVqczQQauo
uSq3atUnAkUPj0qzRXjbUV+WWq3VeBcume+cGiyneDnVIj5bFCUUnLGc+nR4f8DZ
5+WaXig9UqcMOSHeLhSSf4WxjysznY23cU+xt/xVUynoR7zhvJDHhDfcCMJ4PLh6
csuyXJTciSWUdio5glSRBIOBAgMBAAGjggN4MIIDdDAdBgNVHQ4EFgQUxNT7D/An
eW6dqhe3VVH9C3fxmC8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZFQjk0L0UzQ0MyNUQ4ODExRTExRUM5MjAyNTU1MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2RUI5NC9FM0NDMjVEODgxMUUxMUVDOTIwMjU1NTFDNEY5QUUwMi94TlQ3RF9B
bmVXNmRxaGUzVlZIOUMzZnhtQzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQgBAf8EHTAb
oBkwFwICJOsCAibGAgMAlLMCAwCWmwIDAOVAMHYGCCsGAQUFBwEHAQH/BGcwZTBU
BAIAATBOAwQCK+cUAwQCLXBIAwQCLfiYAwQCZw6AAwQCZxS0AwQCZx18AwQCZ9lw
AwQCZ/AsAwQCZ/csAwQDdAwgAwQDeDKwAwQDemYgAwQE0gHwMA0EAgACMAcDBQAk
BWkAMA0GCSqGSIb3DQEBCwUAA4IBAQCXbdESIqrxb0d8YFI+c5+WIC6zMrQpRxXE
3ws0uGX7NNctYkqnYRmnIWc/GwWf8PePsp1XeoThgh12V8fWMp1SpMh//vgO8fGi
8F21nS8dOl4F8xd/b/obYczFTLfYJUOp4d02QQtKSxfyPXK2csR5e3cIv6uzs8as
IFGNAPLIOualKOKO8y0b4xXL56TxaTjPVE/J2+MtIV1IvBcIyyXtqqjC6uCddC2K
y7uSj3QQaRVl86xIwX9LuU1z3esrbFQryDWwtvzISY0Xfh394UtgwA5rE060S4Bd
AcCyt47aGyjCv7ZBT9YiPvHvKWWWhkRYpII5VVAGptxRQEo0o5If
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:47 2025 by rpki-client