Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2QTVUsDvMvJJq6RZe9hKFe5VVcE.cer
File: 2QTVUsDvMvJJq6RZe9hKFe5VVcE.cer (raw, json)
Hash identifier: 2Ffm0pCJVx4Vo02fjAwIjc6SlTjKpHa/3EmO6jWNp60=
Subject key identifier: D9:04:D5:52:C0:EF:32:F2:49:AB:A4:59:7B:D8:4A:15:EE:55:55:C1
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 64F3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A5ED2/F245B2D6311B11F0A2F51160C4F9AE02/2QTVUsDvMvJJq6RZe9hKFe5VVcE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A5ED2/F245B2D6311B11F0A2F51160C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 14 May 2025 23:34:19 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 160.250.157.0/24
IP: 165.99.18.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 10 Jun 2025 20:16:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25843 (0x64f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 14 23:34:19 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91A5ED2, serialNumber=D904D552C0EF32F249ABA4597BD84A15EE5555C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:74:1a:82:dc:c7:84:50:fe:20:5e:ab:00:50:
0b:60:60:5c:85:f8:9a:f3:93:ca:4e:94:73:16:ea:
bf:36:c8:81:ae:27:0e:69:db:79:18:4a:26:cd:ba:
ef:28:05:29:13:9d:ec:d6:1f:14:68:21:00:e8:60:
64:fb:01:0a:0c:77:28:2a:12:7a:ed:2e:5d:ba:6e:
37:e8:e9:da:3f:32:23:e3:12:bb:5a:b4:3d:23:d9:
cd:f5:88:70:b7:01:ff:24:74:7d:7d:93:38:43:e1:
01:f8:5e:2d:72:ba:a6:7a:60:f8:8c:0a:ce:e1:28:
8a:2f:68:78:7b:1b:b0:f3:c9:84:fa:a5:17:f4:90:
d5:12:fe:96:99:5d:5c:df:9e:5f:8f:a4:64:c1:6e:
7d:87:04:c1:0d:f0:7e:b1:24:e3:f7:83:bd:c0:df:
7e:e4:36:79:1f:62:be:04:17:ce:ed:d8:b0:73:59:
fe:c6:a2:d0:2a:13:f5:80:42:de:f5:82:f7:89:b5:
25:f6:0b:74:df:ea:2a:9a:dd:6c:49:ba:87:e3:94:
09:f3:7f:dd:7c:d7:48:cf:f5:40:46:fa:9d:bd:78:
87:e4:e8:42:8b:b1:9e:7c:d1:ee:8f:4a:db:fd:5a:
58:94:0b:fc:e4:3f:c6:ce:a5:e6:3e:7f:7f:a7:c8:
e2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:04:D5:52:C0:EF:32:F2:49:AB:A4:59:7B:D8:4A:15:EE:55:55:C1
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A5ED2/F245B2D6311B11F0A2F51160C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A5ED2/F245B2D6311B11F0A2F51160C4F9AE02/2QTVUsDvMvJJq6RZe9hKFe5VVcE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.157.0/24
165.99.18.0/24
Signature Algorithm: sha256WithRSAEncryption
11:4a:5f:8e:c9:a2:fa:c0:84:ab:4d:22:55:8c:36:88:8e:8e:
b6:d3:77:fa:02:06:d3:20:89:79:59:f2:fd:68:58:ca:8f:29:
66:78:17:a0:f2:dd:52:a3:51:05:c4:e2:8e:62:83:7e:0f:ac:
16:4a:6c:0d:cd:85:05:a9:98:96:a1:11:47:96:81:f8:52:45:
52:81:31:c6:39:24:71:3c:4e:6d:a9:93:dd:ef:dd:6e:0c:cc:
0a:92:bb:58:cb:34:24:56:bb:d9:4c:3e:92:0f:e4:de:76:6a:
da:c4:ba:e2:6d:38:fb:b7:04:df:a1:75:19:c1:fa:60:e8:99:
af:93:a6:d3:4e:93:82:ee:11:91:47:d1:2f:67:3b:85:35:58:
1f:73:74:70:6b:87:3f:dd:40:a0:50:6f:9c:b2:de:41:1c:cc:
47:f1:d5:ed:20:98:95:9c:cb:c2:4e:b2:d1:2b:13:67:47:63:
b7:32:d8:7b:80:4e:c6:2a:a5:e6:71:20:20:2d:24:00:82:98:
ae:b9:ab:93:99:7e:33:39:83:f9:59:44:34:19:54:6e:73:a7:
79:31:fb:ca:51:f5:d3:0a:f6:bd:6e:75:50:73:44:03:0d:8a:
a5:de:81:99:a2:67:06:d9:f0:43:0f:0c:77:9b:6b:3e:42:6c:
a9:9e:e4:4e
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICZPMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTE0MjMzNDE5WhcNMjYwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBNUVEMjExMC8GA1UEBRMoRDkwNEQ1NTJDMEVGMzJGMjQ5QUJBNDU5
N0JEODRBMTVFRTU1NTVDMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALF0GoLcx4RQ/iBeqwBQC2BgXIX4mvOTyk6UcxbqvzbIga4nDmnbeRhKJs267ygF
KROd7NYfFGghAOhgZPsBCgx3KCoSeu0uXbpuN+jp2j8yI+MSu1q0PSPZzfWIcLcB
/yR0fX2TOEPhAfheLXK6pnpg+IwKzuEoii9oeHsbsPPJhPqlF/SQ1RL+lpldXN+e
X4+kZMFufYcEwQ3wfrEk4/eDvcDffuQ2eR9ivgQXzu3YsHNZ/sai0CoT9YBC3vWC
94m1JfYLdN/qKprdbEm6h+OUCfN/3XzXSM/1QEb6nb14h+ToQouxnnzR7o9K2/1a
WJQL/OQ/xs6l5j5/f6fI4nUCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBTZBNVSwO8y
8kmrpFl72EoV7lVVwTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTVFRDIvRjI0NUIyRDYzMTFCMTFGMEEyRjUxMTYwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1RUQyL0YyNDVCMkQ2MzExQjExRjBBMkY1MTE2MEM0RjlBRTAyLzJRVFZVc0R2
TXZKSnE2UlplOWhLRmU1VlZjRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAKD6nQMEAKVjEjANBgkqhkiG9w0BAQsFAAOCAQEAEUpfjsmi+sCE
q00iVYw2iI6OttN3+gIG0yCJeVny/WhYyo8pZngXoPLdUqNRBcTijmKDfg+sFkps
Dc2FBamYlqERR5aB+FJFUoExxjkkcTxObamT3e/dbgzMCpK7WMs0JFa72Uw+kg/k
3nZq2sS64m04+7cE36F1GcH6YOiZr5Om006Tgu4RkUfRL2c7hTVYH3N0cGuHP91A
oFBvnLLeQRzMR/HV7SCYlZzLwk6y0SsTZ0djtzLYe4BOxiql5nEgIC0kAIKYrrmr
k5l+MzmD+VlENBlUbnOneTH7ylH10wr2vW51UHNEAw2Kpd6BmaJnBtnwQw8Md5tr
PkJsqZ7kTg==
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:50:47 2025 by rpki-client