Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EW8KKmpLkkLXeiULcXAIFdKY3bk.cer
File: EW8KKmpLkkLXeiULcXAIFdKY3bk.cer (raw, json)
Hash identifier: G9LTpkkp8uVnv2xD116nU2+LMwePSyAJecYJlCqyPA8=
Subject key identifier: 11:6F:0A:2A:6A:4B:92:42:D7:7A:25:0B:71:70:08:15:D2:98:DD:B9
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6A2B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9175964/F531EDE45B1411EFAC974461C4F9AE02/EW8KKmpLkkLXeiULcXAIFdKY3bk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9175964/F531EDE45B1411EFAC974461C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 23 Aug 2025 05:59:53 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: IP: 160.25.173.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Sep 2025 03:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27179 (0x6a2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Aug 23 05:59:53 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A9175964, serialNumber=116F0A2A6A4B9242D77A250B71700815D298DDB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:fa:ab:f6:80:f2:e0:bf:1f:37:e0:93:92:
ab:2a:83:49:ef:24:26:e8:84:c0:37:b6:c5:e0:eb:
e4:fd:6f:79:1d:6f:ae:94:97:06:e9:69:16:fe:a2:
f7:9d:f2:34:c4:6a:3f:2f:de:47:19:79:0e:ab:a3:
7b:d9:af:09:cc:96:f4:c4:20:05:2d:4a:2c:58:9d:
f7:73:f2:d8:27:4a:31:e2:fa:6b:00:98:a2:51:08:
d3:6a:5f:fa:8c:43:67:d9:ef:78:57:d8:2e:60:e8:
17:33:6f:9f:a6:b0:ab:12:c8:91:08:93:75:2a:aa:
66:7c:76:b4:e9:d6:d3:93:69:93:29:1c:14:c9:9c:
5d:ab:d6:d4:93:41:ba:92:b3:79:6c:cb:56:1e:57:
7a:87:ec:95:c6:0a:88:93:d2:94:50:36:89:31:a7:
b4:d0:24:53:9a:fb:16:e7:e3:3d:2b:96:77:af:07:
88:ad:8e:33:88:5e:12:d6:86:59:b2:fb:eb:72:77:
fd:58:59:94:3d:bd:2d:f5:eb:35:46:67:d0:87:7e:
18:6f:0c:7d:59:9d:19:49:5f:9f:60:7a:a1:bd:d7:
76:f6:b2:18:90:7a:8b:81:0a:ab:b0:f3:6f:be:6b:
84:ec:78:2e:e5:32:9e:8e:f0:58:e5:1f:fb:ba:89:
b8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6F:0A:2A:6A:4B:92:42:D7:7A:25:0B:71:70:08:15:D2:98:DD:B9
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9175964/F531EDE45B1411EFAC974461C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9175964/F531EDE45B1411EFAC974461C4F9AE02/EW8KKmpLkkLXeiULcXAIFdKY3bk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.25.173.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:76:75:b6:49:2d:7c:de:53:d3:7f:80:cc:f5:e9:dc:60:b4:
7a:d7:58:02:35:f4:4e:e8:8b:03:86:d5:a2:db:64:c9:d3:bd:
38:98:f1:7d:f5:d8:53:af:a1:ae:fa:10:0d:2e:56:29:82:ea:
41:9d:48:05:04:66:00:0d:41:f1:bd:a2:bc:cd:83:22:57:2c:
f9:0d:3d:02:40:33:b0:a7:41:e0:34:f9:6a:c4:92:d3:ba:d8:
e6:14:35:c1:bf:52:25:90:e8:a1:a5:93:f7:8e:49:ce:f6:c6:
ba:9f:9c:6c:6e:81:68:74:bf:d5:40:11:cd:4b:09:f3:02:01:
f7:d6:55:b7:f8:f8:e5:e5:90:31:e9:ca:7a:49:f0:8e:66:3c:
7b:60:37:10:4a:07:b1:bb:8b:f1:d3:2e:be:83:3b:f8:bd:f6:
7f:ee:d1:cc:70:28:4d:6c:e7:9d:89:de:49:2a:0b:61:85:c6:
b0:91:73:93:83:a9:df:06:63:ac:df:85:eb:0b:f3:26:b6:80:
d0:0d:a6:82:df:1d:3b:45:80:b4:a2:e9:7d:ba:3a:b2:51:d2:
1f:3b:80:8c:3d:cb:36:4d:04:18:cc:c8:6a:32:ea:2c:e0:14:
ac:b6:51:77:15:52:fd:84:fd:c5:ed:9c:11:da:eb:11:77:11:
01:a2:cb:1f
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICaiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwODIzMDU1OTUzWhcNMjYxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3NTk2NDExMC8GA1UEBRMoMTE2RjBBMkE2QTRCOTI0MkQ3N0EyNTBC
NzE3MDA4MTVEMjk4RERCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALOM+qv2gPLgvx834JOSqyqDSe8kJuiEwDe2xeDr5P1veR1vrpSXBulpFv6i953y
NMRqPy/eRxl5Dquje9mvCcyW9MQgBS1KLFid93Py2CdKMeL6awCYolEI02pf+oxD
Z9nveFfYLmDoFzNvn6awqxLIkQiTdSqqZnx2tOnW05NpkykcFMmcXavW1JNBupKz
eWzLVh5XeofslcYKiJPSlFA2iTGntNAkU5r7FufjPSuWd68HiK2OM4heEtaGWbL7
63J3/VhZlD29LfXrNUZn0Id+GG8MfVmdGUlfn2B6ob3XdvayGJB6i4EKq7Dzb75r
hOx4LuUyno7wWOUf+7qJuL0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQRbwoqakuS
Qtd6JQtxcAgV0pjduTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU5NjQvRjUzMUVERTQ1QjE0MTFFRkFDOTc0NDYxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc1OTY0L0Y1MzFFREU0NUIxNDExRUZBQzk3NDQ2MUM0RjlBRTAyL0VXOEtLbXBM
a2tMWGVpVUxjWEFJRmRLWTNiay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAZrTANBgkqhkiG9w0BAQsFAAOCAQEAbHZ1tkktfN5T03+AzPXp
3GC0etdYAjX0TuiLA4bVottkydO9OJjxffXYU6+hrvoQDS5WKYLqQZ1IBQRmAA1B
8b2ivM2DIlcs+Q09AkAzsKdB4DT5asSS07rY5hQ1wb9SJZDooaWT945JzvbGup+c
bG6BaHS/1UARzUsJ8wIB99ZVt/j45eWQMenKeknwjmY8e2A3EEoHsbuL8dMuvoM7
+L32f+7RzHAoTWznnYneSSoLYYXGsJFzk4Op3wZjrN+F6wvzJraA0A2mgt8dO0WA
tKLpfbo6slHSHzuAjD3LNk0EGMzIajLqLOAUrLZRdxVS/YT9xe2cEdrrEXcRAaLL
Hw==
-----END CERTIFICATE-----
Generated at Thu Sep 4 12:24:47 2025 by rpki-client