Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4suW87BaY-nlR5ZSbszpSjWR5fw.cer
File: 4suW87BaY-nlR5ZSbszpSjWR5fw.cer (raw, json)
Hash identifier: /6P0hnIxMxsHnxvV7r/lS39IxAW0xvEgHPxluVlOryo=
Subject key identifier: E2:CB:96:F3:B0:5A:63:E9:E5:47:96:52:6E:CC:E9:4A:35:91:E5:FC
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 65AD
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 28 May 2025 10:01:17 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 165.99.155.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 10 Jun 2025 20:16:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26029 (0x65ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 28 10:01:17 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A9157B74, serialNumber=E2CB96F3B05A63E9E54796526ECCE94A3591E5FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b8:e4:07:f1:9b:54:01:13:58:3c:d2:df:8f:
a4:66:b4:8e:c3:1a:62:aa:b6:02:99:6a:3e:55:a5:
72:67:f3:1c:03:ad:69:bc:67:26:c0:f5:7a:97:1d:
e0:91:07:2a:0d:df:9b:aa:26:80:92:43:ab:4d:c7:
97:14:f7:a1:cf:e6:a8:cb:c3:68:81:5b:39:89:6e:
ca:d4:6c:e7:d7:19:6c:76:37:ef:7b:32:bb:c5:2f:
a1:e6:e9:4a:56:c5:f7:ae:27:66:b8:75:f5:28:36:
c5:2e:11:17:1e:1c:d1:28:4b:27:b9:a0:55:e0:59:
c6:84:b1:8c:d9:32:65:2a:90:99:95:af:88:47:58:
fa:4c:77:53:a0:8b:69:e5:f9:a8:3c:aa:f8:f5:d5:
a9:86:98:6a:55:b8:80:a6:b4:41:9c:9d:8b:12:56:
e0:25:ba:c2:bf:48:66:71:f3:d1:11:57:5a:fb:20:
70:14:56:6d:6f:5a:10:a3:3a:5c:74:41:6b:7e:0a:
e3:9e:64:74:2f:5d:24:e1:cc:61:05:67:5b:f9:ef:
a6:9c:60:cf:fa:6b:43:70:dd:97:ee:1f:e9:30:50:
55:44:5b:e3:3e:7e:d4:37:00:aa:a4:91:5e:8f:70:
0f:19:c9:98:cc:41:ab:e0:17:ac:91:ec:b4:eb:b0:
84:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CB:96:F3:B0:5A:63:E9:E5:47:96:52:6E:CC:E9:4A:35:91:E5:FC
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.155.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:8b:95:24:cc:8d:af:a1:07:f1:10:a6:46:4f:02:72:e8:47:
e7:05:7b:f1:65:8b:b2:44:98:bb:70:10:62:4e:28:d3:35:e5:
45:d6:59:f3:1d:37:04:7e:a0:63:e4:b3:0c:7a:f4:f5:23:54:
01:3e:a2:61:99:13:88:c3:7a:07:f4:d9:ff:ad:14:e1:20:27:
7d:f8:69:57:47:af:ae:1b:49:74:37:ea:81:d3:e2:7e:b5:47:
92:48:13:4c:26:7d:e5:08:9a:80:d4:14:cc:14:5a:24:fd:0c:
19:1f:4d:53:ed:d4:ec:e6:de:5b:b1:3f:36:ee:a8:b3:28:1a:
51:cc:11:6a:86:a1:b4:e4:1f:38:8e:ae:06:36:e0:ea:a9:aa:
e1:40:88:64:18:2a:a5:76:6b:88:7b:b4:5e:ad:96:d3:02:06:
92:6b:79:a4:5c:f7:77:3c:ac:ac:72:d8:c2:45:a6:1d:3d:a0:
90:b4:3e:6b:a1:00:06:14:a6:2e:b7:ea:87:19:de:10:1c:9d:
2a:8e:01:cc:7c:e9:40:ae:61:32:52:8b:90:35:d5:b2:40:db:
3f:f9:90:3f:08:5f:d2:60:e7:1a:55:fa:a1:3e:b1:a8:97:bf:
fb:0d:81:6d:62:1a:98:da:5d:29:b2:a1:c1:d7:2b:58:33:b9:
5d:a4:5e:d2
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTI4MTAwMTE3WhcNMjUxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1N0I3NDExMC8GA1UEBRMoRTJDQjk2RjNCMDVBNjNFOUU1NDc5NjUy
NkVDQ0U5NEEzNTkxRTVGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANq45Afxm1QBE1g80t+PpGa0jsMaYqq2AplqPlWlcmfzHAOtabxnJsD1epcd4JEH
Kg3fm6omgJJDq03HlxT3oc/mqMvDaIFbOYluytRs59cZbHY373syu8UvoebpSlbF
964nZrh19Sg2xS4RFx4c0ShLJ7mgVeBZxoSxjNkyZSqQmZWviEdY+kx3U6CLaeX5
qDyq+PXVqYaYalW4gKa0QZydixJW4CW6wr9IZnHz0RFXWvsgcBRWbW9aEKM6XHRB
a34K455kdC9dJOHMYQVnW/nvppxgz/prQ3Ddl+4f6TBQVURb4z5+1DcAqqSRXo9w
DxnJmMxBq+AXrJHstOuwhGUCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTiy5bzsFpj
6eVHllJuzOlKNZHl/DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdCNzQvQUY2NEU1MTAzQkFBMTFGMDk2NDI4MjFDQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU3Qjc0L0FGNjRFNTEwM0JBQTExRjA5NjQyODIxQ0M0RjlBRTAyLzRzdVc4N0Jh
WS1ubFI1WlNic3pwU2pXUjVmdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKVjmzANBgkqhkiG9w0BAQsFAAOCAQEATIuVJMyNr6EH8RCmRk8C
cuhH5wV78WWLskSYu3AQYk4o0zXlRdZZ8x03BH6gY+SzDHr09SNUAT6iYZkTiMN6
B/TZ/60U4SAnffhpV0evrhtJdDfqgdPifrVHkkgTTCZ95QiagNQUzBRaJP0MGR9N
U+3U7ObeW7E/Nu6osygaUcwRaoahtOQfOI6uBjbg6qmq4UCIZBgqpXZriHu0Xq2W
0wIGkmt5pFz3dzysrHLYwkWmHT2gkLQ+a6EABhSmLrfqhxneEBydKo4BzHzpQK5h
MlKLkDXVskDbP/mQPwhf0mDnGlX6oT6xqJe/+w2BbWIamNpdKbKhwdcrWDO5XaRe
0g==
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:02:08 2025 by rpki-client