Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LvRpVEOkwMezTqkbYqPY-OQUUX4.cer
File: LvRpVEOkwMezTqkbYqPY-OQUUX4.cer (raw, json)
Hash identifier: VnVkv2upU3y1Fbfd8dGYJcd/3HjU30eRQoM8kIFZ+OY=
Subject key identifier: 2E:F4:69:54:43:A4:C0:C7:B3:4E:A9:1B:62:A3:D8:F8:E4:14:51:7E
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 656A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9167A72/44DE69CE2B1411F08523F26BC4F9AE02/LvRpVEOkwMezTqkbYqPY-OQUUX4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9167A72/44DE69CE2B1411F08523F26BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 23 May 2025 04:35:52 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: IP: 168.140.196.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25962 (0x656a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 23 04:35:52 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A9167A72, serialNumber=2EF4695443A4C0C7B34EA91B62A3D8F8E414517E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c7:06:30:81:b4:fd:9b:40:67:46:3a:3e:7e:
71:09:c2:dd:46:a7:35:3f:ed:88:6f:f0:13:b5:5e:
00:60:66:32:b8:60:33:5a:07:c7:b1:be:12:06:ba:
45:9d:38:fe:81:b1:53:ed:4a:3d:41:b7:f4:eb:b9:
4b:1b:39:36:b8:97:08:e8:a1:0e:2a:d0:4e:40:ab:
83:03:27:ea:46:4c:c1:b9:94:3c:2d:8c:c2:36:65:
32:86:40:fb:db:68:a1:8e:87:86:90:9a:a7:04:02:
99:fd:80:d4:12:d6:e9:d7:8d:4d:20:f1:95:83:9e:
15:1e:f6:f0:dd:5b:f6:51:7d:7b:61:b5:ef:cd:c6:
7b:d7:a5:c5:f1:90:5c:53:07:ea:be:15:60:8a:ed:
1f:b2:a7:17:07:0a:a6:11:a1:6f:d9:7c:eb:c5:1d:
5c:77:96:d3:00:3a:1f:8f:42:6d:24:1a:0e:ff:23:
34:fe:44:f0:1c:b3:d0:a8:0e:70:52:86:b0:bb:e0:
ff:8b:b7:f4:2a:9a:ec:4b:40:f0:34:29:45:86:80:
00:e4:09:71:f3:43:c4:3b:2e:65:87:f0:0d:a4:60:
e0:3b:f5:b7:51:f8:66:b9:84:77:83:9e:10:bd:67:
73:18:e8:dd:81:e0:13:4d:74:13:1b:f0:24:33:29:
10:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F4:69:54:43:A4:C0:C7:B3:4E:A9:1B:62:A3:D8:F8:E4:14:51:7E
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9167A72/44DE69CE2B1411F08523F26BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9167A72/44DE69CE2B1411F08523F26BC4F9AE02/LvRpVEOkwMezTqkbYqPY-OQUUX4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.140.196.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:c5:35:43:eb:fb:fc:f2:c3:c3:45:bc:ad:68:ef:2c:20:ae:
7d:bc:4d:97:23:05:0c:93:d4:1b:0e:f1:0a:c5:c1:71:97:0b:
ad:4e:0b:09:29:7f:70:e2:69:51:4b:fd:f7:eb:d5:ca:13:be:
03:cd:65:28:e0:f7:30:66:cc:5a:87:84:1a:72:14:18:52:f7:
60:d3:30:55:2c:6a:54:ed:36:00:0e:bc:c8:ff:ae:e0:72:61:
5e:85:c0:e6:8a:24:c2:7a:34:6c:44:08:ad:61:e3:14:d9:85:
26:9d:63:7a:06:2e:8a:51:e3:0e:6e:fd:a0:da:65:a6:28:1f:
72:27:c1:c3:91:a6:a6:9a:1a:42:a0:29:d9:1a:57:c4:3f:9b:
85:2f:72:3d:4e:77:ca:fe:90:d3:aa:94:91:49:6a:5a:ad:ea:
0b:75:b7:e2:1d:52:31:a5:72:b9:8a:29:8f:ce:25:4e:9c:c4:
43:21:d0:7b:35:be:05:7f:a1:68:30:13:17:5f:5f:35:eb:d2:
b5:1e:9b:78:a5:eb:5e:5b:14:98:b4:e4:bb:f9:98:c1:b1:ab:
b5:5b:6e:70:9c:ad:ec:b5:0c:37:67:d2:cc:f9:37:5e:b3:8b:
d5:87:bd:c6:1c:bd:f9:6a:2c:89:92:73:08:9e:55:0e:c9:e7:
cf:ff:67:0a
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTIzMDQzNTUyWhcNMjYwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE2N0E3MjExMC8GA1UEBRMoMkVGNDY5NTQ0M0E0QzBDN0IzNEVBOTFC
NjJBM0Q4RjhFNDE0NTE3RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKfHBjCBtP2bQGdGOj5+cQnC3UanNT/tiG/wE7VeAGBmMrhgM1oHx7G+Ega6RZ04
/oGxU+1KPUG39Ou5Sxs5NriXCOihDirQTkCrgwMn6kZMwbmUPC2MwjZlMoZA+9to
oY6HhpCapwQCmf2A1BLW6deNTSDxlYOeFR728N1b9lF9e2G1783Ge9elxfGQXFMH
6r4VYIrtH7KnFwcKphGhb9l868UdXHeW0wA6H49CbSQaDv8jNP5E8Byz0KgOcFKG
sLvg/4u39Cqa7EtA8DQpRYaAAOQJcfNDxDsuZYfwDaRg4Dv1t1H4ZrmEd4OeEL1n
cxjo3YHgE010ExvwJDMpEC0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQu9GlUQ6TA
x7NOqRtio9j45BRRfjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdBNzIvNDRERTY5Q0UyQjE0MTFGMDg1MjNGMjZCQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY3QTcyLzQ0REU2OUNFMkIxNDExRjA4NTIzRjI2QkM0RjlBRTAyL0x2UnBWRU9r
d01lelRxa2JZcVBZLU9RVVVYNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAqiMxDANBgkqhkiG9w0BAQsFAAOCAQEAG8U1Q+v7/PLDw0W8rWjv
LCCufbxNlyMFDJPUGw7xCsXBcZcLrU4LCSl/cOJpUUv99+vVyhO+A81lKOD3MGbM
WoeEGnIUGFL3YNMwVSxqVO02AA68yP+u4HJhXoXA5ookwno0bEQIrWHjFNmFJp1j
egYuilHjDm79oNplpigfcifBw5GmppoaQqAp2RpXxD+bhS9yPU53yv6Q06qUkUlq
Wq3qC3W34h1SMaVyuYopj84lTpzEQyHQezW+BX+haDATF19fNevStR6beKXrXlsU
mLTku/mYwbGrtVtucJyt7LUMN2fSzPk3XrOL1Ye9xhy9+WosiZJzCJ5VDsnnz/9n
Cg==
-----END CERTIFICATE-----
Generated at Sun Jun 1 08:07:40 2025 by rpki-client