Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/-SffOEirq8qI_z2VoeWxZ1TGOlM.cer
File: -SffOEirq8qI_z2VoeWxZ1TGOlM.cer (raw, json)
Hash identifier: Vg/UU34aikLbLkrc7a/kJIaRmseYUZA6DRhJWv/2Vmg=
Subject key identifier: F9:27:DF:38:48:AB:AB:CA:88:FF:3D:95:A1:E5:B1:67:54:C6:3A:53
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 5311
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki-rsync.idnic.net/repo/IDNIC/3/F927DF3848ABABCA88FF3D95A1E5B16754C63A53.mft
caRepository: rsync://rpki-rsync.idnic.net/repo/IDNIC/3/
Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml
Certificate not before: Sat 02 May 2026 05:32:06 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 56868
IP: 82.158.128.0/19
IP: 151.158.4.0/23
IP: 151.158.10.0/23
IP: 151.158.36.0/23
IP: 151.158.42.0/23
IP: 151.158.54.0 -- 151.158.57.255
IP: 151.158.74.0/23
IP: 151.158.82.0 -- 151.158.85.255
IP: 151.158.92.0/23
IP: 151.158.106.0/23
IP: 151.158.132.0/23
IP: 151.158.150.0/23
IP: 151.158.176.0/24
IP: 151.158.183.0/24
IP: 151.158.186.0/23
IP: 151.158.202.0 -- 151.158.205.255
IP: 151.158.234.0/24
IP: 151.158.236.0/23
IP: 151.158.239.0 -- 151.158.241.255
IP: 151.158.250.0/24
IP: 212.117.48.0/20
IP: 2001:7fa:2::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 09 May 2026 22:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21265 (0x5311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: May 2 05:32:06 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A91862140000, serialNumber=F927DF3848ABABCA88FF3D95A1E5B16754C63A53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4c:d0:0b:13:31:0e:50:62:e2:c0:c0:82:ea:
de:d6:33:0e:60:61:e1:6e:cb:a2:5a:d2:5b:5b:b2:
30:41:15:ca:b2:e5:fe:be:c0:69:e3:5a:b5:58:c9:
d3:a9:4f:21:b1:14:76:f8:c6:ba:8c:2f:ac:c5:2f:
51:11:13:89:67:6c:65:a5:04:c2:0a:a9:ef:c5:86:
9d:43:fd:e9:3b:d7:d1:28:d4:47:7b:06:a9:4a:40:
87:3e:26:d2:ea:68:7c:00:30:e4:9a:54:c6:1a:5b:
c8:60:0c:f9:67:f3:f0:7f:86:c2:68:92:b5:fd:a8:
5f:41:a0:d8:1c:0c:55:f6:6e:c3:5d:c9:28:ae:77:
f3:c3:6f:a8:52:98:8d:9e:2c:2d:6f:58:fa:e1:3e:
72:f3:c2:e3:b7:f6:e6:5e:f6:d4:4f:bc:64:30:19:
58:6f:85:40:39:2e:c7:e7:63:16:cd:9a:44:43:1a:
26:0a:21:12:c1:2f:1f:d1:73:44:6a:ff:24:38:d8:
b3:c8:46:30:d3:e4:12:1a:a5:b4:b2:bf:18:ef:86:
d2:86:d7:12:a3:6b:34:ce:df:45:9a:fe:73:b6:8e:
eb:c5:7c:05:fd:32:73:c0:ee:8c:d6:be:4b:d0:3b:
50:37:23:b7:55:21:61:26:20:f4:4c:cf:9a:fc:99:
ca:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:27:DF:38:48:AB:AB:CA:88:FF:3D:95:A1:E5:B1:67:54:C6:3A:53
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/3/
RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/3/F927DF3848ABABCA88FF3D95A1E5B16754C63A53.mft
RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56868
sbgp-ipAddrBlock: critical
IPv4:
82.158.128.0/19
151.158.4.0/23
151.158.10.0/23
151.158.36.0/23
151.158.42.0/23
151.158.54.0-151.158.57.255
151.158.74.0/23
151.158.82.0-151.158.85.255
151.158.92.0/23
151.158.106.0/23
151.158.132.0/23
151.158.150.0/23
151.158.176.0/24
151.158.183.0/24
151.158.186.0/23
151.158.202.0-151.158.205.255
151.158.234.0/24
151.158.236.0/23
151.158.239.0-151.158.241.255
151.158.250.0/24
212.117.48.0/20
IPv6:
2001:7fa:2::/48
Signature Algorithm: sha256WithRSAEncryption
19:64:30:a7:cf:ae:5b:7d:f2:64:b8:66:c0:e3:05:b4:88:a4:
9b:c3:65:a3:2c:f2:ef:ef:ce:ca:28:e3:02:b8:c2:95:9b:a2:
e8:6d:9c:54:60:a9:4a:f6:6f:80:a9:8e:88:d5:56:7f:66:ee:
df:f6:97:de:c9:c4:b4:d1:c9:0e:38:d6:9c:65:f3:52:52:0e:
0f:f8:b4:c6:07:7f:39:c9:ca:95:87:7d:6b:83:bf:51:57:77:
91:ce:0f:9f:53:ee:7b:1c:56:3d:a0:85:4c:a6:65:38:61:b8:
9a:23:b5:5c:d5:36:b4:36:80:8c:d4:61:10:50:d8:40:2d:4b:
57:09:c5:bf:35:8e:de:3a:af:0a:be:95:79:c1:2c:59:85:e7:
89:c7:be:aa:9c:73:bf:85:f4:d0:67:26:c5:b7:f6:63:11:d1:
53:7f:ad:47:54:18:a2:80:b1:93:d8:84:81:01:ae:20:51:ef:
ed:4b:c3:e4:e0:88:13:bc:8f:50:9a:8b:a6:6c:c3:98:78:b7:
b8:cf:c7:91:fd:38:57:29:5d:b7:87:d8:8c:f5:57:a6:5d:4c:
79:f3:8f:eb:ea:2a:3d:46:fa:f8:14:d6:98:db:dd:0d:33:60:
9e:ec:cf:e5:a1:93:a4:75:92:1c:56:84:2f:b5:3d:57:68:71:
00:4b:e4:ee
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgICUxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwNTAyMDUzMjA2WhcNMjYwODMxMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTE4NjIxNDAwMDAxMTAvBgNVBAUTKEY5MjdERjM4NDhBQkFCQ0E4OEZG
M0Q5NUExRTVCMTY3NTRDNjNBNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzTNALEzEOUGLiwMCC6t7WMw5gYeFuy6Ja0ltbsjBBFcqy5f6+wGnjWrVY
ydOpTyGxFHb4xrqML6zFL1ERE4lnbGWlBMIKqe/Fhp1D/ek719Eo1Ed7BqlKQIc+
JtLqaHwAMOSaVMYaW8hgDPln8/B/hsJokrX9qF9BoNgcDFX2bsNdySiud/PDb6hS
mI2eLC1vWPrhPnLzwuO39uZe9tRPvGQwGVhvhUA5LsfnYxbNmkRDGiYKIRLBLx/R
c0Rq/yQ42LPIRjDT5BIapbSyvxjvhtKG1xKjazTO30Wa/nO2juvFfAX9MnPA7ozW
vkvQO1A3I7dVIWEmIPRMz5r8mcppAgMBAAGjggN/MIIDezAdBgNVHQ4EFgQU+Sff
OEirq8qI/z2VoeWxZ1TGOlMwHwYDVR0jBBgwFoAUDPzneFf88B852ZpitKpi5hWe
dvgwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0
MUQ2NjExRTJBM0YyN0Y3QzcyRkQxRkYyL0RQem5lRmY4OEI4NTJacGl0S3BpNWhX
ZWR2Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZnLmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwgesGCCsGAQUFBwELBIHeMIHbMDYGCCsGAQUF
BzAFhipyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMy8w
YgYIKwYBBQUHMAqGVnJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9J
RE5JQy8zL0Y5MjdERjM4NDhBQkFCQ0E4OEZGM0Q5NUExRTVCMTY3NTRDNjNBNTMu
bWZ0MD0GCCsGAQUFBzANhjFodHRwczovL3Jwa2ktcnJkcC5pZG5pYy5uZXQvcnJk
cC9ub3RpZmljYXRpb24ueG1sMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDeJDCB
zAYIKwYBBQUHAQcBAf8EgbwwgbkwgaUEAgABMIGeAwQFUp6AAwQBl54EAwQBl54K
AwQBl54kAwQBl54qMAwDBAGXnjYDBAGXnjgDBAGXnkowDAMEAZeeUgMEAZeeVAME
AZeeXAMEAZeeagMEAZeehAMEAZeelgMEAJeesAMEAJeetwMEAZeeujAMAwQBl57K
AwQBl57MAwQAl57qAwQBl57sMAwDBACXnu8DBAGXnvADBACXnvoDBATUdTAwDwQC
AAIwCQMHACABB/oAAjANBgkqhkiG9w0BAQsFAAOCAQEAGWQwp8+uW33yZLhmwOMF
tIikm8Nloyzy7+/OyijjArjClZui6G2cVGCpSvZvgKmOiNVWf2bu3/aX3snEtNHJ
DjjWnGXzUlIOD/i0xgd/OcnKlYd9a4O/UVd3kc4Pn1PuexxWPaCFTKZlOGG4miO1
XNU2tDaAjNRhEFDYQC1LVwnFvzWO3jqvCr6VecEsWYXnice+qpxzv4X00Gcmxbf2
YxHRU3+tR1QYooCxk9iEgQGuIFHv7UvD5OCIE7yPUJqLpmzDmHi3uM/Hkf04Vyld
t4fYjPVXpl1MefOP6+oqPUb6+BTWmNvdDTNgnuzP5aGTpHWSHFaEL7U9V2hxAEvk
7g==
-----END CERTIFICATE-----
Generated at Tue May 5 14:11:11 2026 by rpki-client