This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/feYHxGFdegH73UqGrVRZQBp1mSE.cer File: feYHxGFdegH73UqGrVRZQBp1mSE.cer (raw, json) Hash identifier: w5QuGl9InaYfZxax+V+oXtj1FV37mO1NuoDPxe+WqgQ= Subject key identifier: 7D:E6:07:C4:61:5D:7A:01:FB:DD:4A:86:AD:54:59:40:1A:75:99:21 Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8 Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8 Certificate serial: 4EA2 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer Manifest: rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/feYHxGFdegH73UqGrVRZQBp1mSE.mft caRepository: rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Tue 02 Dec 2025 12:59:35 +0000 Certificate not after: Sun 31 Jan 2027 00:00:00 +0000 Subordinate resources: IP: 85.204.26.0/24 IP: 85.204.243.0 -- 85.204.244.255 IP: 85.204.247.0/24 IP: 85.204.250.0/24 IP: 85.204.253.0/24 IP: 86.107.53.0/24 IP: 89.38.134.0/24 IP: 89.39.91.0/24 IP: 89.47.94.0/24 IP: 92.114.109.0/24 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Dec 2025 14:50:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20130 (0x4ea2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8 Validity Not Before: Dec 2 12:59:35 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=A912442A, serialNumber=7DE607C4615D7A01FBDD4A86AD5459401A759921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:25:e7:5e:5e:b1:04:dd:e1:3a:5b:84:0d:76: 3f:67:d8:96:02:6c:2f:e4:b5:b2:9e:b2:eb:84:cf: 42:ed:02:b8:7c:13:09:61:ed:89:d6:f5:3d:1f:d6: 4f:03:a9:c1:4f:fc:44:cd:11:57:9a:f4:4a:f7:55: 61:df:e1:5a:c3:66:4c:c8:a7:46:4c:57:64:8a:88: c1:1a:83:cc:1a:45:2b:c3:c9:ff:18:e2:5e:12:58: 13:04:01:40:4a:80:1d:2c:90:d1:8d:36:02:69:c9: 9d:f9:6c:f8:72:93:0d:26:30:68:40:57:0e:32:e5: 4c:13:0c:d8:da:3d:2e:3f:e9:f2:ca:28:f5:83:a1: b4:de:f2:05:32:d5:c5:24:bd:4b:b0:1a:a6:87:37: 44:92:75:9f:f8:e9:35:53:86:b3:ad:54:85:ee:4f: 5c:d4:98:1c:4d:c6:f9:4c:7d:8b:d9:2c:c5:93:d0: 81:cd:be:f4:f4:5f:a7:7c:1d:fc:bb:76:a5:ab:de: 1e:55:22:56:00:30:06:c9:24:d7:bc:64:d2:7b:52: 6f:ef:1d:d8:28:87:4f:bc:b4:74:75:f6:39:d1:ad: 0f:4f:da:da:42:e2:13:ea:41:9f:c7:de:97:d5:1a: 55:bc:b2:5e:71:04:22:13:37:da:12:cc:51:a2:f2: 75:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:E6:07:C4:61:5D:7A:01:FB:DD:4A:86:AD:54:59:40:1A:75:99:21 X509v3 Authority Key Identifier: keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/feYHxGFdegH73UqGrVRZQBp1mSE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 85.204.26.0/24 85.204.243.0-85.204.244.255 85.204.247.0/24 85.204.250.0/24 85.204.253.0/24 86.107.53.0/24 89.38.134.0/24 89.39.91.0/24 89.47.94.0/24 92.114.109.0/24 Signature Algorithm: sha256WithRSAEncryption 4c:93:23:66:b3:63:46:6e:fc:be:ba:bb:4f:b8:f9:c0:3a:5c: 91:26:13:70:e4:2f:a7:2e:be:92:5c:b2:7f:18:7b:27:c0:7a: f3:e8:d0:7f:2c:9d:cc:85:2c:5d:1c:c5:39:a3:46:d0:ac:72: 5a:11:ce:21:84:55:ad:b8:7b:18:0e:82:a1:b3:44:3e:10:9a: 7c:5d:1a:c2:66:f5:c3:24:8e:b3:0e:c1:62:b7:d7:e4:e6:ee: d5:dc:c3:a9:bb:5f:ba:8c:e7:90:85:d4:4a:26:3f:72:ec:9c: 9f:5b:35:00:81:83:ae:43:ef:ac:af:08:22:92:c9:07:bf:d9: eb:4a:49:3b:66:5c:77:cd:58:57:fa:3e:43:05:85:ba:5b:7a: ac:a2:4e:ab:ca:81:7c:36:cc:39:6b:ac:6f:93:80:f9:61:05: d7:55:91:0b:5e:a3:dd:91:fa:3c:3c:10:75:c1:5e:90:4e:ce: 21:f8:3a:3a:b5:7d:ad:2a:1d:23:62:1a:13:e4:9e:b4:fd:fd: e6:7c:f4:d9:ec:e6:14:d3:0b:a0:ee:e2:63:15:ea:84:f0:4d: cd:46:ff:8d:22:11:47:4b:c3:a0:b2:9a:cc:c4:cc:6f:26:56: 81:81:9b:0d:96:f0:39:8a:92:b3:ca:09:54:7d:82:91:03:a1: fa:da:0f:48 -----BEGIN CERTIFICATE----- MIIGOzCCBSOgAwIBAgICTqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2 MTU5RTc2RjgwHhcNMjUxMjAyMTI1OTM1WhcNMjcwMTMxMDAwMDAwWjBGMREwDwYD VQQDEwhBOTEyNDQyQTExMC8GA1UEBRMoN0RFNjA3QzQ2MTVEN0EwMUZCREQ0QTg2 QUQ1NDU5NDAxQTc1OTkyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALol515esQTd4TpbhA12P2fYlgJsL+S1sp6y64TPQu0CuHwTCWHtidb1PR/WTwOp wU/8RM0RV5r0SvdVYd/hWsNmTMinRkxXZIqIwRqDzBpFK8PJ/xjiXhJYEwQBQEqA HSyQ0Y02AmnJnfls+HKTDSYwaEBXDjLlTBMM2No9Lj/p8soo9YOhtN7yBTLVxSS9 S7Aapoc3RJJ1n/jpNVOGs61Uhe5PXNSYHE3G+Ux9i9ksxZPQgc2+9PRfp3wd/Lt2 paveHlUiVgAwBskk17xk0ntSb+8d2CiHT7y0dHX2OdGtD0/a2kLiE+pBn8fel9Ua VbyyXnEEIhM32hLMUaLydbMCAwEAAaOCAzEwggMtMB0GA1UdDgQWBBR95gfEYV16 AfvdSoatVFlAGnWZITAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2 MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjQ0MkEvRTdDNEY5REVGNjI1MTFFRThEQUQ4RTM1QzRGOUFFMDIvMH4GCCsGAQUF BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MTI0NDJBL0U3QzRGOURFRjYyNTExRUU4REFEOEUzNUM0RjlBRTAyL2ZlWUh4R0Zk ZWdINzNVcUdyVlJaUUJwMW1TRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBdBggrBgEFBQcBBwEB/wROMEww SgQCAAEwRAMEAFXMGjAMAwQAVczzAwQAVcz0AwQAVcz3AwQAVcz6AwQAVcz9AwQA Vms1AwQAWSaGAwQAWSdbAwQAWS9eAwQAXHJtMA0GCSqGSIb3DQEBCwUAA4IBAQBM kyNms2NGbvy+urtPuPnAOlyRJhNw5C+nLr6SXLJ/GHsnwHrz6NB/LJ3MhSxdHMU5 o0bQrHJaEc4hhFWtuHsYDoKhs0Q+EJp8XRrCZvXDJI6zDsFit9fk5u7V3MOpu1+6 jOeQhdRKJj9y7JyfWzUAgYOuQ++srwgikskHv9nrSkk7Zlx3zVhX+j5DBYW6W3qs ok6ryoF8Nsw5a6xvk4D5YQXXVZELXqPdkfo8PBB1wV6QTs4h+Do6tX2tKh0jYhoT 5J60/f3mfPTZ7OYU0wug7uJjFeqE8E3NRv+NIhFHS8OgsprMxMxvJlaBgZsNlvA5 ipKzyglUfYKRA6H62g9I -----END CERTIFICATE-----Generated at Mon Dec 15 18:18:53 2025 by rpki-client