Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EH3ibRfjGgSJBuyrWYNP_rFIEQ8.cer
File: EH3ibRfjGgSJBuyrWYNP_rFIEQ8.cer (raw, json)
Hash identifier: RXf2s8TPXID35FgzVJdHZ0EnePTJ89nIzaOzhBrAiSc=
Subject key identifier: 10:7D:E2:6D:17:E3:1A:04:89:06:EC:AB:59:83:4F:FE:B1:48:11:0F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 65C7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C9B37/34CD08CE3CA311F08A495C2FC4F9AE02/EH3ibRfjGgSJBuyrWYNP_rFIEQ8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C9B37/34CD08CE3CA311F08A495C2FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 29 May 2025 15:40:16 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: IP: 165.99.138.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 10 Jun 2025 20:16:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26055 (0x65c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 29 15:40:16 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A91C9B37, serialNumber=107DE26D17E31A048906ECAB59834FFEB148110F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:39:8f:de:78:06:dc:4c:ec:7d:a2:c5:08:93:
f5:40:4a:a3:2b:e6:5f:a0:95:43:f5:f4:c1:db:a9:
24:85:d5:20:30:c5:a3:9c:19:05:d7:2f:4f:1c:7f:
86:23:7a:21:24:64:06:c3:ff:71:71:5b:ad:f6:57:
db:57:04:cb:33:a8:b2:c8:97:0d:0b:2e:a0:75:91:
09:1c:d3:70:98:f8:92:d9:ae:51:9f:3e:a5:c5:ec:
2e:e4:6b:45:0f:17:ed:dd:30:1a:ca:ac:65:ab:1f:
c1:5b:6f:8e:1e:33:38:fe:02:d3:41:59:c5:cc:b6:
f9:d5:85:69:22:d0:7a:61:6b:b0:10:71:40:bd:3a:
d4:01:ae:fc:5b:3d:29:87:b4:73:e2:f8:b7:58:1c:
53:27:f5:14:23:f9:33:b7:9d:8e:cf:74:0c:d4:be:
0b:72:7b:1d:08:91:e2:a4:50:79:1e:15:c9:6a:6f:
11:89:d8:1d:33:56:e4:9f:69:6d:0b:a9:1c:13:36:
d3:47:66:07:47:f3:8a:75:c4:d7:74:12:36:59:6e:
3e:93:a4:e1:69:aa:9d:0e:af:d6:f3:37:7c:8e:d4:
48:bf:b0:3e:15:ca:9e:e8:f2:62:ce:e3:dd:f9:3a:
f2:68:f0:47:c8:eb:69:ad:47:8b:88:73:c9:6d:5d:
54:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7D:E2:6D:17:E3:1A:04:89:06:EC:AB:59:83:4F:FE:B1:48:11:0F
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C9B37/34CD08CE3CA311F08A495C2FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C9B37/34CD08CE3CA311F08A495C2FC4F9AE02/EH3ibRfjGgSJBuyrWYNP_rFIEQ8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.138.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:77:67:12:b3:ab:66:67:30:d5:77:f7:62:db:5c:06:5a:6e:
1d:d0:c4:3a:80:46:c3:47:09:63:b1:94:55:35:be:24:bc:98:
4f:a1:36:04:3d:cc:9f:51:a4:01:55:34:10:c5:1c:15:dd:53:
86:43:0c:c4:83:fa:de:52:b4:25:9c:57:d9:80:a9:4c:50:de:
00:dd:48:bb:4c:96:a2:23:57:55:d8:5c:00:63:66:67:70:52:
e4:18:b8:1b:d8:be:f6:5d:81:20:24:f6:84:e2:b1:3a:8f:19:
bc:7f:43:cd:43:50:58:cd:f7:79:fa:c1:8b:48:bd:f9:98:d3:
c7:84:20:1b:f3:7d:8e:23:3a:44:42:19:48:f2:07:4b:c9:19:
79:be:7c:1d:53:0f:aa:c2:55:14:37:24:13:8b:eb:85:d2:9b:
d0:47:44:de:81:ea:6e:6d:75:1b:02:2e:06:83:3a:5a:b8:74:
da:f9:38:01:05:5b:d1:f1:18:22:7c:b5:c1:ac:fc:d0:23:f0:
e3:dc:35:30:1e:f3:ba:c5:4a:29:11:3f:36:08:90:17:b7:58:
55:42:29:47:16:0f:8f:e1:80:20:18:9f:cf:83:ef:63:21:fe:
30:1b:d6:6f:7f:44:ed:82:43:6c:29:68:02:66:ad:df:0b:c8:
b3:e7:f8:2c
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTI5MTU0MDE2WhcNMjYwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDOUIzNzExMC8GA1UEBRMoMTA3REUyNkQxN0UzMUEwNDg5MDZFQ0FC
NTk4MzRGRkVCMTQ4MTEwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMs5j954BtxM7H2ixQiT9UBKoyvmX6CVQ/X0wdupJIXVIDDFo5wZBdcvTxx/hiN6
ISRkBsP/cXFbrfZX21cEyzOossiXDQsuoHWRCRzTcJj4ktmuUZ8+pcXsLuRrRQ8X
7d0wGsqsZasfwVtvjh4zOP4C00FZxcy2+dWFaSLQemFrsBBxQL061AGu/Fs9KYe0
c+L4t1gcUyf1FCP5M7edjs90DNS+C3J7HQiR4qRQeR4VyWpvEYnYHTNW5J9pbQup
HBM200dmB0fzinXE13QSNlluPpOk4WmqnQ6v1vM3fI7USL+wPhXKnujyYs7j3fk6
8mjwR8jraa1Hi4hzyW1dVPMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQQfeJtF+Ma
BIkG7KtZg0/+sUgRDzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlCMzcvMzRDRDA4Q0UzQ0EzMTFGMDhBNDk1QzJGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM5QjM3LzM0Q0QwOENFM0NBMzExRjA4QTQ5NUMyRkM0RjlBRTAyL0VIM2liUmZq
R2dTSkJ1eXJXWU5QX3JGSUVROC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaVjijANBgkqhkiG9w0BAQsFAAOCAQEAmndnErOrZmcw1Xf3Yttc
BlpuHdDEOoBGw0cJY7GUVTW+JLyYT6E2BD3Mn1GkAVU0EMUcFd1ThkMMxIP63lK0
JZxX2YCpTFDeAN1Iu0yWoiNXVdhcAGNmZ3BS5Bi4G9i+9l2BICT2hOKxOo8ZvH9D
zUNQWM33efrBi0i9+ZjTx4QgG/N9jiM6REIZSPIHS8kZeb58HVMPqsJVFDckE4vr
hdKb0EdE3oHqbm11GwIuBoM6Wrh02vk4AQVb0fEYIny1waz80CPw49w1MB7zusVK
KRE/NgiQF7dYVUIpRxYPj+GAIBifz4PvYyH+MBvWb39E7YJDbCloAmat3wvIs+f4
LA==
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:06:59 2025 by rpki-client