Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer
File: zFfgNkMaXqPBcqpyg0Aa88StXFk.cer (raw, json)
Hash identifier: YPlwj38nJrwv+5i8N0oPR+lMGShjj9vAvm/JjpmeRaE=
Subject key identifier: CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023A05
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 26 Mar 2025 20:20:28 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: AS: 135126
IP: 43.252.112.0/22
IP: 103.210.24.0/22
IP: 180.233.124.0/22
IP: 2404:78c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145925 (0x23a05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 26 20:20:28 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A91FDC78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:13:72:1b:2f:72:5c:f9:fe:2a:0b:06:37:
70:74:27:2f:a9:aa:b9:ee:18:7e:33:2c:1a:d7:8d:
88:b8:25:1f:d1:e1:fa:47:74:39:01:41:11:bb:0f:
46:3c:3e:81:45:8c:65:76:28:7d:d9:12:94:47:74:
a1:c9:17:c1:9f:8a:cf:50:9c:1d:14:86:54:7d:b7:
6d:19:0b:b2:bf:0d:ca:09:a6:fa:96:1d:39:29:cd:
f5:c3:78:1d:62:68:6d:4a:27:83:24:5e:58:4d:88:
85:44:35:fe:71:c6:1d:23:43:ba:31:a4:64:3d:c8:
1b:b6:35:b8:8a:b6:d3:4b:80:25:48:86:b6:00:91:
72:23:8d:d9:fe:90:3d:9f:7d:fd:13:c9:0d:d9:5b:
ef:ea:41:87:36:64:84:f8:d8:39:59:35:aa:fa:56:
52:d3:b0:61:a6:a5:88:18:91:db:d8:53:33:7f:6d:
85:48:79:77:f0:3e:89:0f:7b:1f:09:d6:ac:7a:08:
81:98:e6:4e:35:00:2e:06:53:50:b8:2d:42:81:6f:
05:98:e4:ce:61:6b:f8:1a:89:b2:39:fb:b5:52:fd:
ea:13:4d:a6:b1:c9:d8:8b:b4:6b:e6:bf:04:00:7d:
19:34:9e:01:04:52:e4:c9:d1:3f:9b:ca:34:93:9f:
b4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
135126
sbgp-ipAddrBlock: critical
IPv4:
43.252.112.0/22
103.210.24.0/22
180.233.124.0/22
IPv6:
2404:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:6f:29:63:8b:1e:08:0c:49:fc:6e:68:3f:ee:f8:00:86:dc:
98:7f:7e:8d:4c:55:92:10:ca:fb:9b:e7:a0:5c:09:ec:4d:c9:
17:dd:ad:eb:1e:b2:c8:e9:99:ed:1a:ca:32:82:ec:63:c0:e3:
bf:ad:93:fe:3b:be:64:d5:0e:3f:17:56:10:02:35:1b:bb:63:
f9:99:bf:ff:e8:16:33:1a:9b:0b:86:88:f9:51:6c:22:e4:72:
e6:fb:56:9a:af:7e:3a:b0:42:87:49:8a:52:00:78:a8:3b:43:
9e:bc:5f:75:b6:c6:cd:33:ca:d6:cd:da:b5:38:00:6e:87:96:
ab:de:77:1c:0e:35:a3:9c:ea:bc:14:71:a0:6d:ad:36:ae:97:
4e:b1:68:ad:d6:89:34:3b:ca:bd:5f:13:e4:45:a0:9e:a0:cb:
67:9f:78:fe:ef:de:0a:5f:23:27:49:10:9e:32:40:fd:09:85:
79:db:4b:af:d9:90:7e:67:35:b8:48:24:9c:50:b4:59:98:e6:
87:5f:45:fa:e2:40:32:f1:b1:df:6a:b5:7c:fc:ca:da:5e:d0:
27:26:33:d1:3a:d7:65:e9:43:0b:d2:60:ab:b5:49:62:81:58:
b3:f4:44:8a:3f:c7:2f:e0:17:74:0d:af:81:80:3a:0e:f6:6c:
c4:f8:b8:6f
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDAjoFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMyNjIwMjAyOFoXDTI2MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkRDNzgxMTAvBgNVBAUTKENDNTdFMDM2NDMxQTVFQTNDMTcyQUE3
MjgzNDAxQUYzQzRBRDVDNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpMxNyGy9yXPn+KgsGN3B0Jy+pqrnuGH4zLBrXjYi4JR/R4fpHdDkBQRG7D0Y8
PoFFjGV2KH3ZEpRHdKHJF8Gfis9QnB0UhlR9t20ZC7K/DcoJpvqWHTkpzfXDeB1i
aG1KJ4MkXlhNiIVENf5xxh0jQ7oxpGQ9yBu2NbiKttNLgCVIhrYAkXIjjdn+kD2f
ff0TyQ3ZW+/qQYc2ZIT42DlZNar6VlLTsGGmpYgYkdvYUzN/bYVIeXfwPokPex8J
1qx6CIGY5k41AC4GU1C4LUKBbwWY5M5ha/gaibI5+7VS/eoTTaaxydiLtGvmvwQA
fRk0ngEEUuTJ0T+byjSTn7RnAgMBAAGjggMqMIIDJjAdBgNVHQ4EFgQUzFfgNkMa
XqPBcqpyg0Aa88StXFkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZEQzc4LzE1NDc0MDA4QUVBQzExRUFBNkMxRDc2MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGREM3OC8xNTQ3NDAwOEFFQUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtN
YVhxUEJjcXB5ZzBBYTg4U3RYRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg/WMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCK/xwAwQCZ9IY
AwQCtOl8MA0EAgACMAcDBQAkBHjAMA0GCSqGSIb3DQEBCwUAA4IBAQC8byljix4I
DEn8bmg/7vgAhtyYf36NTFWSEMr7m+egXAnsTckX3a3rHrLI6ZntGsoyguxjwOO/
rZP+O75k1Q4/F1YQAjUbu2P5mb//6BYzGpsLhoj5UWwi5HLm+1aar346sEKHSYpS
AHioO0OevF91tsbNM8rWzdq1OABuh5ar3nccDjWjnOq8FHGgba02rpdOsWit1ok0
O8q9XxPkRaCeoMtnn3j+794KXyMnSRCeMkD9CYV520uv2ZB+ZzW4SCScULRZmOaH
X0X64kAy8bHfarV8/MraXtAnJjPROtdl6UML0mCrtUligViz9ESKP8cv4Bd0Da+B
gDoO9mzE+Lhv
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:05:11 2025 by rpki-client