Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer
File: L9JLb9eYBEVzVDhmYs4w3aOyALU.cer (raw, json)
Hash identifier: aIdpEXOOMGg4qemW9lrlfx2T6YjGcqhFsZsiI8gQwe4=
Subject key identifier: 2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6488
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 05 May 2025 17:25:26 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 157.20.146.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25736 (0x6488)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 5 17:25:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91A29DA, serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8e:1f:5b:8e:2a:e9:10:bc:22:59:e7:c8:bb:
19:01:27:ba:a2:0c:06:3b:b1:d0:e4:82:42:69:35:
22:8d:c7:ae:39:98:54:3e:b6:d8:22:d0:36:f9:ce:
da:22:8c:2a:58:a9:25:f7:7f:8e:e8:91:84:f7:d5:
8d:9c:ca:78:24:2e:a4:00:ab:68:ab:79:fc:08:e8:
96:2a:47:13:bf:d7:89:90:60:aa:30:c9:4d:b8:9f:
c7:e6:db:dc:46:34:76:9f:d7:2d:f5:8b:22:3a:ff:
ab:6f:75:4d:a5:46:96:0c:e1:70:1f:85:8e:54:e6:
01:04:52:64:6d:b2:d8:10:ea:b8:5a:a6:18:2f:ef:
7e:b2:d8:b2:df:87:b2:5c:04:6a:dd:8f:aa:d9:66:
ea:e3:11:22:37:37:91:2c:5b:ec:e6:3e:1c:4b:8b:
b2:e2:17:62:f4:cf:ef:fa:87:44:b2:7e:bd:c5:96:
4b:fd:4b:fb:fd:13:97:1c:6e:d3:94:ba:e7:cd:4c:
e4:eb:71:56:95:cc:ea:8d:0b:1d:d3:74:c9:18:43:
83:6c:87:60:0e:69:19:8c:d1:02:92:e3:90:3d:3f:
6f:93:99:2f:07:28:95:f7:49:5a:d1:32:a2:dd:b5:
f0:30:ae:33:49:b5:5e:13:94:40:ce:a1:d2:b0:c6:
76:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.146.0/23
Signature Algorithm: sha256WithRSAEncryption
41:da:f6:f2:bd:cf:7a:4e:1f:4d:5a:39:9f:dd:95:d5:de:a4:
6b:27:38:d1:30:c5:80:fa:2e:0f:bb:49:de:8a:fa:86:64:cb:
fc:d7:8f:b1:b3:7b:a4:51:c9:21:4c:4c:47:d3:6d:fc:f1:1b:
51:62:92:92:40:d6:6d:fb:1d:77:52:32:0b:fa:bd:e2:2f:c9:
ab:8a:2b:2b:0e:de:8e:de:b6:3d:16:89:26:53:ef:9e:ae:5d:
79:27:68:a3:04:c2:0c:f8:e4:fd:86:c1:8d:fb:92:33:0d:b6:
3c:69:8a:e8:07:d8:5a:90:84:4d:70:e9:39:c1:d7:e9:ad:d3:
a8:da:76:4a:3f:46:c4:2a:7e:b1:a3:4b:4c:41:16:94:63:b1:
15:61:96:60:82:2a:39:2c:e3:d8:04:29:5b:b7:d0:89:8a:88:
2f:59:10:a1:50:a3:64:61:c2:59:11:8c:3a:6a:cc:69:24:77:
74:c3:ec:e6:6a:7e:d6:bd:92:14:fe:40:61:39:29:ec:81:67:
8d:c9:d9:36:04:22:8f:91:b9:e9:89:e9:4c:79:8c:a0:b7:7c:
71:83:50:95:77:fe:a6:0d:da:9c:20:da:be:e8:66:b3:28:f7:
94:49:c7:32:56:14:f7:5a:47:b7:19:bd:c4:19:ab:81:40:f4:
1e:13:44:37
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTA1MTcyNTI2WhcNMjYwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBMjlEQTExMC8GA1UEBRMoMkZEMjRCNkZENzk4MDQ0NTczNTQzODY2
NjJDRTMwRERBM0IyMDBCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM+OH1uOKukQvCJZ58i7GQEnuqIMBjux0OSCQmk1Io3HrjmYVD622CLQNvnO2iKM
KlipJfd/juiRhPfVjZzKeCQupACraKt5/AjolipHE7/XiZBgqjDJTbifx+bb3EY0
dp/XLfWLIjr/q291TaVGlgzhcB+FjlTmAQRSZG2y2BDquFqmGC/vfrLYst+HslwE
at2Pqtlm6uMRIjc3kSxb7OY+HEuLsuIXYvTP7/qHRLJ+vcWWS/1L+/0Tlxxu05S6
581M5OtxVpXM6o0LHdN0yRhDg2yHYA5pGYzRApLjkD0/b5OZLwcolfdJWtEyot21
8DCuM0m1XhOUQM6h0rDGdhECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQv0ktv15gE
RXNUOGZizjDdo7IAtTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTI5REEvMzRCNUI1MTREQTU0MTFFRTgyN0NBNTdEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEyOURBLzM0QjVCNTE0REE1NDExRUU4MjdDQTU3REM0RjlBRTAyL0w5SkxiOWVZ
QkVWelZEaG1ZczR3M2FPeUFMVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0UkjANBgkqhkiG9w0BAQsFAAOCAQEAQdr28r3Pek4fTVo5n92V
1d6kayc40TDFgPouD7tJ3or6hmTL/NePsbN7pFHJIUxMR9Nt/PEbUWKSkkDWbfsd
d1IyC/q94i/Jq4orKw7ejt62PRaJJlPvnq5deSdoowTCDPjk/YbBjfuSMw22PGmK
6AfYWpCETXDpOcHX6a3TqNp2Sj9GxCp+saNLTEEWlGOxFWGWYIIqOSzj2AQpW7fQ
iYqIL1kQoVCjZGHCWRGMOmrMaSR3dMPs5mp+1r2SFP5AYTkp7IFnjcnZNgQij5G5
6YnpTHmMoLd8cYNQlXf+pg3anCDavuhmsyj3lEnHMlYU91pHtxm9xBmrgUD0HhNE
Nw==
-----END CERTIFICATE-----
Generated at Sun Jun 1 07:53:16 2025 by rpki-client