Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0e69FiTc3lGUEO1dZObVE5hLd9A.cer
File: 0e69FiTc3lGUEO1dZObVE5hLd9A.cer (raw, json)
Hash identifier: zaxLu+vB3gPhEv7x3Bt637yzDEzZS2jRbYG/k0ngDH8=
Subject key identifier: D1:EE:BD:16:24:DC:DE:51:94:10:ED:5D:64:E6:D5:13:98:4B:77:D0
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 67C3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913F2BD/3EE27676389611EF9EDE8136C4F9AE02/0e69FiTc3lGUEO1dZObVE5hLd9A.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913F2BD/3EE27676389611EF9EDE8136C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 07 Jul 2025 06:04:57 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 160.25.40.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26563 (0x67c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jul 7 06:04:57 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A913F2BD, serialNumber=D1EEBD1624DCDE519410ED5D64E6D513984B77D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1c:40:f7:43:30:e0:75:81:8a:26:4a:7c:06:
5f:48:22:a2:8e:e2:8a:e7:c5:58:b9:d0:ea:2b:8e:
5c:7e:e0:ed:64:73:b9:4d:d3:b1:4f:a6:60:a6:14:
60:1c:49:c9:47:52:30:4f:69:be:7d:ff:52:95:1f:
8d:7d:6f:83:69:25:d1:46:dc:d8:a8:ae:4b:15:8d:
91:bb:65:59:0f:ea:43:df:df:33:96:cf:62:b7:bf:
ce:d5:60:97:0c:b2:3b:41:d2:53:e8:4d:45:ba:c7:
0d:20:02:70:1c:aa:77:bf:2d:0b:30:07:e0:a7:79:
2c:f1:47:05:ca:91:92:5f:91:e6:83:ef:ba:85:a9:
bd:c7:e8:00:e8:2f:2c:96:9e:68:aa:aa:36:7c:f3:
29:fe:e7:e4:79:07:c0:9b:c5:69:d8:a6:31:32:61:
01:55:66:2c:3d:e6:ef:77:cc:27:48:9c:af:c4:d8:
49:43:98:13:90:43:1a:75:99:79:a2:f2:53:90:05:
4c:88:d6:b3:90:ee:81:d4:b0:66:0b:d3:e8:55:0f:
76:98:6e:00:46:21:8c:da:f5:13:cd:9a:26:dc:97:
4e:42:76:2e:b5:3a:d0:0e:30:fd:cd:42:8e:cb:b0:
7a:84:63:8c:01:44:39:c0:f6:13:33:f1:9b:a6:1c:
e5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EE:BD:16:24:DC:DE:51:94:10:ED:5D:64:E6:D5:13:98:4B:77:D0
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913F2BD/3EE27676389611EF9EDE8136C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913F2BD/3EE27676389611EF9EDE8136C4F9AE02/0e69FiTc3lGUEO1dZObVE5hLd9A.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.25.40.0/23
Signature Algorithm: sha256WithRSAEncryption
21:1c:5b:9e:80:31:e9:26:0a:42:3f:a6:a0:f6:6f:20:dc:e6:
6e:9b:c1:be:6b:57:2e:45:75:c1:bf:27:03:5c:2f:b6:5a:ee:
22:62:77:31:ce:cb:9e:1e:b0:35:1f:a9:e3:51:91:ed:62:58:
63:61:fc:22:7f:aa:bc:77:36:08:51:65:a8:c2:67:ca:c1:ec:
62:5a:85:22:c5:6f:04:4c:85:56:21:61:2a:18:a3:08:b7:26:
5f:ef:e8:f6:b9:e3:05:3c:11:ba:21:d7:ca:79:67:40:69:c6:
35:61:7f:35:24:1f:6a:34:84:04:ea:26:15:ba:e3:a0:d3:fb:
bf:ad:53:da:7b:0a:ff:94:72:2b:ab:e8:e4:a3:bc:2e:45:74:
03:81:69:7a:17:67:f1:b6:5d:4a:54:07:fa:9f:26:21:38:c9:
ee:03:84:16:fc:2d:ba:c9:b3:98:d9:8f:9d:df:17:47:fa:e9:
8a:c8:2a:0c:45:6e:53:87:6b:27:d2:a7:c6:80:a4:39:57:b6:
d3:d0:83:f9:9e:5d:97:9e:52:5d:01:f4:27:8e:17:a7:39:c1:
ba:fc:f6:e0:84:65:27:6b:4d:1a:e1:42:fb:37:df:c1:81:23:
cc:fa:4a:ac:09:5d:fb:16:65:1f:1e:2f:2c:84:bf:77:1e:1f:
bb:43:14:cd
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZ8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNzA3MDYwNDU3WhcNMjYwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzRjJCRDExMC8GA1UEBRMoRDFFRUJEMTYyNERDREU1MTk0MTBFRDVE
NjRFNkQ1MTM5ODRCNzdEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOMcQPdDMOB1gYomSnwGX0gioo7iiufFWLnQ6iuOXH7g7WRzuU3TsU+mYKYUYBxJ
yUdSME9pvn3/UpUfjX1vg2kl0Ubc2KiuSxWNkbtlWQ/qQ9/fM5bPYre/ztVglwyy
O0HSU+hNRbrHDSACcByqd78tCzAH4Kd5LPFHBcqRkl+R5oPvuoWpvcfoAOgvLJae
aKqqNnzzKf7n5HkHwJvFadimMTJhAVVmLD3m73fMJ0icr8TYSUOYE5BDGnWZeaLy
U5AFTIjWs5DugdSwZgvT6FUPdphuAEYhjNr1E82aJtyXTkJ2LrU60A4w/c1Cjsuw
eoRjjAFEOcD2EzPxm6Yc5ccCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTR7r0WJNze
UZQQ7V1k5tUTmEt30DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0YyQkQvM0VFMjc2NzYzODk2MTFFRjlFREU4MTM2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNGMkJELzNFRTI3Njc2Mzg5NjExRUY5RURFODEzNkM0RjlBRTAyLzBlNjlGaVRj
M2xHVUVPMWRaT2JWRTVoTGQ5QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAZKDANBgkqhkiG9w0BAQsFAAOCAQEAIRxbnoAx6SYKQj+moPZv
INzmbpvBvmtXLkV1wb8nA1wvtlruImJ3Mc7Lnh6wNR+p41GR7WJYY2H8In+qvHc2
CFFlqMJnysHsYlqFIsVvBEyFViFhKhijCLcmX+/o9rnjBTwRuiHXynlnQGnGNWF/
NSQfajSEBOomFbrjoNP7v61T2nsK/5RyK6vo5KO8LkV0A4Fpehdn8bZdSlQH+p8m
ITjJ7gOEFvwtusmzmNmPnd8XR/rpisgqDEVuU4drJ9KnxoCkOVe209CD+Z5dl55S
XQH0J44XpznBuvz24IRlJ2tNGuFC+zffwYEjzPpKrAld+xZlHx4vLIS/dx4fu0MU
zQ==
-----END CERTIFICATE-----
Generated at Sun Jul 20 15:33:13 2025 by rpki-client