Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4suW87BaY-nlR5ZSbszpSjWR5fw.cer
File: 4suW87BaY-nlR5ZSbszpSjWR5fw.cer (raw, json)
Hash identifier: 8yNmzsDhf97Zx1BNtbqEGOG+pkKXQt5tBH4lWPRDdqE=
Subject key identifier: E2:CB:96:F3:B0:5A:63:E9:E5:47:96:52:6E:CC:E9:4A:35:91:E5:FC
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6AA7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 02 Sep 2025 16:49:35 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: IP: 165.99.155.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Sep 2025 03:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27303 (0x6aa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Sep 2 16:49:35 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A9157B74, serialNumber=E2CB96F3B05A63E9E54796526ECCE94A3591E5FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b8:e4:07:f1:9b:54:01:13:58:3c:d2:df:8f:
a4:66:b4:8e:c3:1a:62:aa:b6:02:99:6a:3e:55:a5:
72:67:f3:1c:03:ad:69:bc:67:26:c0:f5:7a:97:1d:
e0:91:07:2a:0d:df:9b:aa:26:80:92:43:ab:4d:c7:
97:14:f7:a1:cf:e6:a8:cb:c3:68:81:5b:39:89:6e:
ca:d4:6c:e7:d7:19:6c:76:37:ef:7b:32:bb:c5:2f:
a1:e6:e9:4a:56:c5:f7:ae:27:66:b8:75:f5:28:36:
c5:2e:11:17:1e:1c:d1:28:4b:27:b9:a0:55:e0:59:
c6:84:b1:8c:d9:32:65:2a:90:99:95:af:88:47:58:
fa:4c:77:53:a0:8b:69:e5:f9:a8:3c:aa:f8:f5:d5:
a9:86:98:6a:55:b8:80:a6:b4:41:9c:9d:8b:12:56:
e0:25:ba:c2:bf:48:66:71:f3:d1:11:57:5a:fb:20:
70:14:56:6d:6f:5a:10:a3:3a:5c:74:41:6b:7e:0a:
e3:9e:64:74:2f:5d:24:e1:cc:61:05:67:5b:f9:ef:
a6:9c:60:cf:fa:6b:43:70:dd:97:ee:1f:e9:30:50:
55:44:5b:e3:3e:7e:d4:37:00:aa:a4:91:5e:8f:70:
0f:19:c9:98:cc:41:ab:e0:17:ac:91:ec:b4:eb:b0:
84:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CB:96:F3:B0:5A:63:E9:E5:47:96:52:6E:CC:E9:4A:35:91:E5:FC
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.155.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:a9:75:08:f9:64:a6:a7:f7:b0:f4:a1:fd:45:e6:6e:8a:da:
6d:65:69:50:fe:77:09:50:12:89:98:44:3e:d0:8c:3a:80:2d:
2a:f4:c8:1b:66:da:e0:38:80:1e:5b:f4:74:66:06:d9:46:83:
17:8c:41:e5:60:b4:13:34:46:35:26:88:7f:f5:c6:5d:42:59:
b6:4d:a8:55:4f:81:b2:ac:a6:88:2f:22:1c:f4:8e:1c:82:e9:
2f:c1:b9:3b:31:13:1e:17:5f:3f:b5:4e:71:16:b1:bf:db:58:
49:4b:53:44:7f:ff:65:85:06:fc:56:81:02:e7:11:d9:44:24:
23:86:63:2a:2f:f7:81:eb:0b:ce:01:16:1f:83:0a:cf:0e:6a:
5e:da:35:01:8c:65:88:7a:75:61:b6:80:c6:e8:00:e7:3b:55:
01:41:2e:49:30:62:c9:de:bf:bc:07:5b:30:16:94:13:98:7c:
8b:e4:41:ac:45:66:19:12:7f:17:3e:8b:4b:52:be:2f:ce:53:
f7:c8:d3:b3:34:03:bb:7b:d0:94:22:65:cf:85:ea:7d:a2:c1:
05:e8:7e:00:11:ff:22:82:56:79:9f:16:41:b2:7b:16:45:8d:
cb:52:02:18:e4:4a:17:4a:c0:47:29:5c:99:55:ce:05:5c:3a:
0d:eb:01:23
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICaqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwOTAyMTY0OTM1WhcNMjYxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1N0I3NDExMC8GA1UEBRMoRTJDQjk2RjNCMDVBNjNFOUU1NDc5NjUy
NkVDQ0U5NEEzNTkxRTVGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANq45Afxm1QBE1g80t+PpGa0jsMaYqq2AplqPlWlcmfzHAOtabxnJsD1epcd4JEH
Kg3fm6omgJJDq03HlxT3oc/mqMvDaIFbOYluytRs59cZbHY373syu8UvoebpSlbF
964nZrh19Sg2xS4RFx4c0ShLJ7mgVeBZxoSxjNkyZSqQmZWviEdY+kx3U6CLaeX5
qDyq+PXVqYaYalW4gKa0QZydixJW4CW6wr9IZnHz0RFXWvsgcBRWbW9aEKM6XHRB
a34K455kdC9dJOHMYQVnW/nvppxgz/prQ3Ddl+4f6TBQVURb4z5+1DcAqqSRXo9w
DxnJmMxBq+AXrJHstOuwhGUCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTiy5bzsFpj
6eVHllJuzOlKNZHl/DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdCNzQvQUY2NEU1MTAzQkFBMTFGMDk2NDI4MjFDQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU3Qjc0L0FGNjRFNTEwM0JBQTExRjA5NjQyODIxQ0M0RjlBRTAyLzRzdVc4N0Jh
WS1ubFI1WlNic3pwU2pXUjVmdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKVjmzANBgkqhkiG9w0BAQsFAAOCAQEAfal1CPlkpqf3sPSh/UXm
borabWVpUP53CVASiZhEPtCMOoAtKvTIG2ba4DiAHlv0dGYG2UaDF4xB5WC0EzRG
NSaIf/XGXUJZtk2oVU+BsqymiC8iHPSOHILpL8G5OzETHhdfP7VOcRaxv9tYSUtT
RH//ZYUG/FaBAucR2UQkI4ZjKi/3gesLzgEWH4MKzw5qXto1AYxliHp1YbaAxugA
5ztVAUEuSTBiyd6/vAdbMBaUE5h8i+RBrEVmGRJ/Fz6LS1K+L85T98jTszQDu3vQ
lCJlz4XqfaLBBeh+ABH/IoJWeZ8WQbJ7FkWNy1ICGORKF0rARylcmVXOBVw6DesB
Iw==
-----END CERTIFICATE-----
Generated at Thu Sep 4 12:30:18 2025 by rpki-client