Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer
File: OYN8tL7K9qYmyRaulgJBtgnmsgo.cer (raw, json)
Hash identifier: ih9+mdLyEP/pgcT2tQfDzDxMUXqZgnt19GwXd/lHe04=
Subject key identifier: 39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6568
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 23 May 2025 04:01:23 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 137.157.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25960 (0x6568)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 23 04:01:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A918C3B7, serialNumber=39837CB4BECAF6A626C916AE960241B609E6B20A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:46:a6:71:51:c4:eb:c9:0f:da:25:58:82:f3:
7f:dd:e7:63:05:35:c5:32:a1:7d:9a:86:ce:7e:f3:
1a:9a:40:3e:d5:8d:47:a0:02:23:3b:26:de:6e:9d:
8e:19:a5:e5:56:d7:62:79:41:a6:70:1b:2e:0d:58:
30:37:07:19:a1:1d:98:8b:76:24:b5:6b:9a:f5:ec:
62:eb:e3:55:06:23:c4:87:68:e0:32:30:6b:fb:5a:
e9:2a:7e:d5:ae:e0:a2:de:42:08:a0:84:3b:ac:8e:
04:32:81:d1:5e:dd:b3:36:e0:60:e3:44:5b:81:96:
e3:c8:24:9e:28:28:65:e8:ad:a5:01:c3:2e:b1:20:
3a:f2:2a:f0:e4:fc:69:b6:58:20:64:d2:bc:9a:ae:
c5:ce:57:fb:dc:79:8f:d5:a4:b8:c3:7a:c4:05:7b:
32:f2:ca:eb:e0:43:39:15:88:57:ed:c4:a6:05:29:
32:f3:f1:d4:4a:e6:60:19:91:62:7f:8c:59:98:0c:
ea:9a:d2:31:a4:29:f8:7f:3f:a4:16:93:2c:ec:0a:
2e:f6:d5:e0:ee:af:62:da:0b:97:cc:d9:40:b0:1c:
74:a2:83:3d:6f:df:42:b8:e7:be:16:f6:77:a8:16:
ed:97:b0:8f:8b:9a:f7:69:2d:d0:39:bf:d0:66:b1:
36:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
137.157.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:e5:6c:20:67:83:55:02:c9:7d:76:4c:3e:81:ea:e1:bc:b6:
7a:ec:50:06:82:97:18:a1:b6:32:bb:a0:0a:4b:0b:f9:1e:39:
e2:7e:7e:b3:58:81:fd:27:71:ca:96:83:a5:d9:52:32:48:78:
88:be:2d:f8:dc:01:87:8b:7e:54:7f:5a:9b:45:d2:2b:7d:d1:
e0:f6:97:45:69:0e:6b:92:b6:c0:62:4c:6b:99:64:df:5f:f3:
ef:7d:7f:27:3c:d9:bf:31:c4:d8:6f:a0:7a:d9:12:15:f7:38:
0f:2f:c4:25:e4:5d:f9:ae:d7:9b:48:0c:c5:f8:42:16:8b:ac:
d8:98:b8:94:32:82:cc:96:3b:75:0b:50:83:50:f9:41:cc:3a:
84:ec:cf:53:cf:25:06:65:aa:da:3b:e2:ac:67:29:c9:fb:59:
a4:a2:e0:b1:a4:94:8e:5b:a7:a5:1e:55:5c:77:42:1e:b9:74:
d7:7d:6c:bd:66:97:c2:58:19:f8:6c:aa:19:c8:d2:a0:03:db:
00:d9:6d:7b:a6:02:27:96:a0:14:bb:68:5a:e4:16:31:8a:50:
a3:d2:2c:ea:20:fd:d4:68:7b:9f:02:78:4c:7c:1c:44:f9:bb:
e9:e0:17:1e:be:56:97:d2:aa:8a:43:6f:cd:09:98:1b:b2:1c:
2f:42:fc:f3
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICZWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTIzMDQwMTIzWhcNMjYwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4QzNCNzExMC8GA1UEBRMoMzk4MzdDQjRCRUNBRjZBNjI2QzkxNkFF
OTYwMjQxQjYwOUU2QjIwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOFGpnFRxOvJD9olWILzf93nYwU1xTKhfZqGzn7zGppAPtWNR6ACIzsm3m6djhml
5VbXYnlBpnAbLg1YMDcHGaEdmIt2JLVrmvXsYuvjVQYjxIdo4DIwa/ta6Sp+1a7g
ot5CCKCEO6yOBDKB0V7dszbgYONEW4GW48gknigoZeitpQHDLrEgOvIq8OT8abZY
IGTSvJquxc5X+9x5j9WkuMN6xAV7MvLK6+BDORWIV+3EpgUpMvPx1ErmYBmRYn+M
WZgM6prSMaQp+H8/pBaTLOwKLvbV4O6vYtoLl8zZQLAcdKKDPW/fQrjnvhb2d6gW
7Zewj4ua92kt0Dm/0GaxNuMCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBQ5g3y0vsr2
pibJFq6WAkG2CeayCjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMzQjcvMTU5QTRBRDA5MzI1MTFFRUJFOTg3RjYwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThDM0I3LzE1OUE0QUQwOTMyNTExRUVCRTk4N0Y2MEM0RjlBRTAyL09ZTjh0TDdL
OXFZbXlSYXVsZ0pCdGdubXNnby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAImdMA0GCSqGSIb3DQEBCwUAA4IBAQC15WwgZ4NVAsl9dkw+gerh
vLZ67FAGgpcYobYyu6AKSwv5Hjnifn6zWIH9J3HKloOl2VIySHiIvi343AGHi35U
f1qbRdIrfdHg9pdFaQ5rkrbAYkxrmWTfX/PvfX8nPNm/McTYb6B62RIV9zgPL8Ql
5F35rtebSAzF+EIWi6zYmLiUMoLMljt1C1CDUPlBzDqE7M9TzyUGZaraO+KsZynJ
+1mkouCxpJSOW6elHlVcd0IeuXTXfWy9ZpfCWBn4bKoZyNKgA9sA2W17pgInlqAU
u2ha5BYxilCj0izqIP3UaHufAnhMfBxE+bvp4BcevlaX0qqKQ2/NCZgbshwvQvzz
-----END CERTIFICATE-----
Generated at Sun Jun 1 08:16:11 2025 by rpki-client