
Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer
File: KbaocCpK1kSocQZLZAet5JPmOo0.cer (raw, json)
Hash identifier: lk223jiEz2x4Ivk6ihiao6jy7w4Cd4WY8+/fTJ5GTqg=
Subject key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7EBF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 14 Jul 2026 14:25:03 +0000
Certificate not after: Thu 30 Sep 2027 00:00:00 +0000
Subordinate resources: IP: 66.150.240.0/21
IP: 168.245.188.0/22
IP: 198.246.223.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Jul 2026 19:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32447 (0x7ebf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jul 14 14:25:03 2026 GMT
Not After : Sep 30 00:00:00 2027 GMT
Subject: CN=A919EAF3, serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cf:e1:bd:7f:38:00:70:74:25:c4:67:da:60:
c1:1d:08:41:cf:77:c5:c1:d5:74:6f:0f:ff:a2:7a:
cf:6b:cf:20:cc:6a:69:a9:d8:f3:d8:59:e4:38:dc:
fc:a7:46:5a:78:1d:00:ef:44:6e:41:05:5e:aa:b1:
48:4e:aa:f2:b6:7d:58:2b:0d:9b:1b:d6:72:24:d7:
e4:f9:a0:89:53:92:07:13:ee:b1:5d:82:a3:7e:ca:
77:7b:46:25:ca:7d:78:01:d6:02:c9:68:fb:2e:f2:
4d:80:f3:b1:cb:d0:12:6e:96:85:b9:6d:1f:02:e0:
f8:d9:f3:6e:cf:d0:8e:60:89:15:c8:53:00:24:36:
c6:10:79:3a:da:dd:ff:b3:c2:23:36:b8:60:72:20:
3b:71:d0:43:4d:af:9e:8e:09:de:b8:6e:25:36:10:
81:f1:c7:6b:57:cc:6b:00:04:b6:2b:e7:55:20:dd:
43:8f:9d:4b:fe:08:86:ce:df:c3:49:db:e3:71:67:
e8:f1:35:02:68:37:a4:f5:a6:a3:38:d5:84:89:d9:
c6:0f:eb:49:ca:ba:e6:cd:78:fc:27:cb:ff:71:8b:
b3:b3:19:5e:12:2e:df:a9:9f:42:02:75:e1:e6:4a:
1f:61:e0:5c:b1:33:52:d6:c8:81:65:2d:09:40:5e:
de:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.150.240.0/21
168.245.188.0/22
198.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
94:d4:ca:03:f7:29:16:c0:46:41:e9:68:ad:72:3c:8d:62:98:
e8:6b:1a:04:2f:0f:5c:43:ab:ee:bb:31:cf:0c:c1:0f:37:90:
59:5c:03:4f:95:e0:3b:fd:86:2d:49:2b:b9:8e:85:7c:b6:ce:
f0:0d:f7:70:e1:b5:ca:49:ca:66:95:d6:f0:82:00:5e:14:be:
d4:bc:c8:15:7d:74:dd:8c:de:8a:30:4c:43:c0:d0:0e:89:5d:
f8:07:19:94:6c:40:f6:09:50:66:91:6d:70:04:74:f9:6c:53:
bb:ad:89:8d:e9:0e:10:35:f3:b6:c1:a7:ca:33:5e:2a:30:d4:
09:2c:3d:2f:84:d6:ec:43:22:a8:be:69:84:5c:da:97:38:96:
c1:98:68:44:9c:76:61:cf:9c:07:fb:a0:58:9d:1e:71:20:fe:
09:b8:fd:d9:44:ca:89:3e:e5:28:13:83:08:12:a0:df:cd:12:
73:87:30:bf:4a:fd:fd:84:56:21:02:50:83:ee:a7:4e:71:c3:
0b:6b:b2:bf:1e:41:fb:23:85:e0:bd:96:a9:6e:14:9f:0e:14:
3e:45:0d:2d:c3:03:f2:6d:40:43:7a:0e:bc:31:11:0a:d0:74:
e0:e4:3e:28:82:bf:f5:59:37:25:d4:8e:29:27:aa:81:02:73:
8e:c5:89:a5
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICfr8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNzE0MTQyNTAzWhcNMjcwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5RUFGMzExMC8GA1UEBRMoMjlCNkE4NzAyQTRBRDY0NEE4NzEwNjRC
NjQwN0FERTQ5M0U2M0E4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM7P4b1/OABwdCXEZ9pgwR0IQc93xcHVdG8P/6J6z2vPIMxqaanY89hZ5Djc/KdG
WngdAO9EbkEFXqqxSE6q8rZ9WCsNmxvWciTX5PmgiVOSBxPusV2Co37Kd3tGJcp9
eAHWAslo+y7yTYDzscvQEm6WhbltHwLg+Nnzbs/QjmCJFchTACQ2xhB5Otrd/7PC
Iza4YHIgO3HQQ02vno4J3rhuJTYQgfHHa1fMawAEtivnVSDdQ4+dS/4Ihs7fw0nb
43Fn6PE1Amg3pPWmozjVhInZxg/rScq65s14/CfL/3GLs7MZXhIu36mfQgJ14eZK
H2HgXLEzUtbIgWUtCUBe3mUCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBQptqhwKkrW
RKhxBktkB63kk+Y6jTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBRjMvOTNCQjUwMkU2RDE4MTFFN0E4MTVEQTgwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlFQUYzLzkzQkI1MDJFNkQxODExRTdBODE1REE4MEM0RjlBRTAyL0tiYW9jQ3BL
MWtTb2NRWkxaQWV0NUpQbU9vMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEA0KW8AMEAqj1vAMEAMb23zANBgkqhkiG9w0BAQsFAAOCAQEAlNTK
A/cpFsBGQelorXI8jWKY6GsaBC8PXEOr7rsxzwzBDzeQWVwDT5XgO/2GLUkruY6F
fLbO8A33cOG1yknKZpXW8IIAXhS+1LzIFX103YzeijBMQ8DQDold+AcZlGxA9glQ
ZpFtcAR0+WxTu62JjekOEDXztsGnyjNeKjDUCSw9L4TW7EMiqL5phFzalziWwZho
RJx2Yc+cB/ugWJ0ecSD+Cbj92UTKiT7lKBODCBKg380Sc4cwv0r9/YRWIQJQg+6n
TnHDC2uyvx5B+yOF4L2WqW4Unw4UPkUNLcMD8m1AQ3oOvDERCtB04OQ+KIK/9Vk3
JdSOKSeqgQJzjsWJpQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:19:51 2026 by rpki-client