Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer
File: KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer (raw, json)
Hash identifier: XMBs7ItXJBBvZ8Pv2QNuBpvQU+2tAdw/Ry3rysEHFsQ=
Subject key identifier: 2A:E9:85:81:5A:10:DD:6D:04:52:3F:C8:1D:8D:AF:D7:26:BE:78:16
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6811
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 11 Jul 2025 07:24:39 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 160.22.213.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 14:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26641 (0x6811)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jul 11 07:24:39 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A911F536, serialNumber=2AE985815A10DD6D04523FC81D8DAFD726BE7816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4e:2c:4f:d7:42:f2:14:ec:10:8d:81:31:6e:
20:d9:2e:dd:a4:65:22:ed:0e:c4:d8:27:3a:48:75:
22:09:07:1a:58:71:dc:ea:76:37:d6:d5:07:fb:5a:
dd:69:b7:59:d9:4d:6e:af:8e:70:11:9a:61:2f:b0:
e7:8b:40:42:ed:37:95:68:30:92:e9:27:ad:89:e3:
89:56:a0:64:38:01:7b:94:bf:14:5f:51:6a:58:7d:
87:1f:4d:92:63:ea:48:55:c1:52:ec:0b:03:ee:e5:
e8:1e:84:30:17:e2:b3:22:99:3e:46:e2:bd:81:24:
4d:41:58:99:9f:07:b2:43:8a:ab:a2:8b:5a:da:65:
9f:d9:e1:e7:bb:53:e8:bf:8f:85:f4:5c:b6:cc:d5:
4a:d1:2c:a1:92:4b:7d:55:e7:1b:6d:19:9c:7e:cc:
72:6d:0d:84:f0:e7:2e:b1:2b:4f:d6:fb:17:ca:29:
a9:d7:4c:60:e9:c5:c8:bf:90:17:2f:59:26:05:cc:
cb:03:f5:b7:a4:0d:13:1d:ff:ee:46:36:79:a9:ce:
a6:2f:85:89:17:1d:75:e8:67:dc:e8:9c:81:f6:46:
13:a0:ad:62:e1:81:1d:be:bc:99:1f:0d:b2:15:c7:
74:69:59:c2:ad:aa:20:95:c3:24:fd:78:77:1d:73:
95:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E9:85:81:5A:10:DD:6D:04:52:3F:C8:1D:8D:AF:D7:26:BE:78:16
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.213.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e9:87:67:47:65:db:62:01:73:dc:5d:4d:b0:bd:f3:94:01:
a1:b5:43:76:4c:c6:21:0c:89:46:26:ee:c2:16:60:9d:6a:b3:
52:5a:35:c5:f0:37:01:36:d3:89:09:10:94:09:9c:55:59:4a:
e4:e6:4c:8d:2b:fe:f4:81:5c:0c:d0:47:09:fb:71:ef:9b:cd:
4b:44:fd:c6:52:54:b2:f0:92:8d:01:6d:d4:93:dc:e2:eb:5d:
fb:f1:30:30:68:09:48:5d:bc:13:1d:cf:9e:45:17:8c:a7:12:
ab:62:06:00:df:2e:79:db:dc:5b:5c:5d:77:a8:d2:cd:d9:90:
b7:45:1f:0c:11:89:64:17:90:c8:8e:3f:94:91:ab:0d:3d:92:
b2:79:09:64:1a:dc:36:96:66:d1:7a:92:98:9d:25:de:af:5c:
02:3b:d1:1e:3b:a3:5f:1c:e8:15:2c:93:bf:f2:2a:02:b4:5c:
c0:3a:49:d3:b3:b4:e1:3c:41:d7:4e:59:4a:52:0c:9a:1c:34:
f0:02:aa:1d:9b:fa:90:4d:0c:7f:c1:c7:2c:73:69:ab:f9:0f:
17:bc:f1:b2:05:1d:4e:06:3b:36:20:31:4e:b8:1d:1e:ce:67:
18:f1:f2:6f:1e:eb:5a:89:f6:2f:a8:b5:6f:a8:53:f6:13:4e:
91:99:f0:4a
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICaBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNzExMDcyNDM5WhcNMjYwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExRjUzNjExMC8GA1UEBRMoMkFFOTg1ODE1QTEwREQ2RDA0NTIzRkM4
MUQ4REFGRDcyNkJFNzgxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMBOLE/XQvIU7BCNgTFuINku3aRlIu0OxNgnOkh1IgkHGlhx3Op2N9bVB/ta3Wm3
WdlNbq+OcBGaYS+w54tAQu03lWgwkuknrYnjiVagZDgBe5S/FF9Ralh9hx9NkmPq
SFXBUuwLA+7l6B6EMBfisyKZPkbivYEkTUFYmZ8HskOKq6KLWtpln9nh57tT6L+P
hfRctszVStEsoZJLfVXnG20ZnH7Mcm0NhPDnLrErT9b7F8opqddMYOnFyL+QFy9Z
JgXMywP1t6QNEx3/7kY2eanOpi+FiRcddehn3OicgfZGE6CtYuGBHb68mR8NshXH
dGlZwq2qIJXDJP14dx1zleMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQq6YWBWhDd
bQRSP8gdja/XJr54FjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUY1MzYvOUE4NkRCRDBDOTlBMTFFRkI0Q0VFRjFFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFGNTM2LzlBODZEQkQwQzk5QTExRUZCNENFRUYxRUM0RjlBRTAyL0t1bUZnVm9R
M1cwRVVqX0lIWTJ2MXlhLWVCWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAW1TANBgkqhkiG9w0BAQsFAAOCAQEAOumHZ0dl22IBc9xdTbC9
85QBobVDdkzGIQyJRibuwhZgnWqzUlo1xfA3ATbTiQkQlAmcVVlK5OZMjSv+9IFc
DNBHCftx75vNS0T9xlJUsvCSjQFt1JPc4utd+/EwMGgJSF28Ex3PnkUXjKcSq2IG
AN8uedvcW1xdd6jSzdmQt0UfDBGJZBeQyI4/lJGrDT2SsnkJZBrcNpZm0XqSmJ0l
3q9cAjvRHjujXxzoFSyTv/IqArRcwDpJ07O04TxB105ZSlIMmhw08AKqHZv6kE0M
f8HHLHNpq/kPF7zxsgUdTgY7NiAxTrgdHs5nGPHybx7rWon2L6i1b6hT9hNOkZnw
Sg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:01:36 2025 by rpki-client