Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OZp7H8QgfroHB6hRUZXMaOg2q_g.cer
File: OZp7H8QgfroHB6hRUZXMaOg2q_g.cer (raw, json)
Hash identifier: +yYAG1tRECh7KLaa/ooQUDvuACKv9Kya7KguO6+hXGM=
Subject key identifier: 39:9A:7B:1F:C4:20:7E:BA:07:07:A8:51:51:95:CC:68:E8:36:AB:F8
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 65D0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/OZp7H8QgfroHB6hRUZXMaOg2q_g.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 29 May 2025 23:41:24 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 160.25.210.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26064 (0x65d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 29 23:41:24 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91C1025, serialNumber=399A7B1FC4207EBA0707A8515195CC68E836ABF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ad:68:9d:7d:ec:e3:98:39:83:21:94:5b:79:
95:85:62:27:b5:09:c5:77:f4:b5:56:2a:bf:84:b1:
3e:35:c1:6b:aa:4a:79:9e:63:25:dc:e4:1d:ee:85:
bd:4f:6f:5b:56:76:7f:03:63:57:c8:e4:68:4c:4a:
ec:49:61:14:ac:a7:c9:6b:f4:41:74:fc:44:5c:8d:
52:96:34:cf:59:72:ca:66:7b:08:86:44:23:f7:76:
c8:9a:c0:83:9b:4a:42:19:71:0e:83:c6:93:db:a3:
e8:2e:45:bd:74:07:8a:df:8c:4c:e7:ed:7b:fb:13:
04:53:ad:91:b3:48:ea:8a:17:96:b4:87:a2:88:9c:
0f:8c:b1:51:cd:12:5a:3a:a6:46:04:b9:4d:b2:e2:
69:45:cd:b2:95:e7:57:09:55:65:90:fc:80:e3:83:
b8:15:5d:24:f4:b9:7a:f3:39:ef:07:b6:9c:26:42:
d9:fc:64:48:f4:25:74:80:39:8c:5d:3a:63:f3:32:
1b:ee:f4:34:a0:55:58:2a:ff:74:66:86:dc:67:a3:
87:ea:5c:ad:49:7b:3f:f2:e0:11:df:27:91:96:88:
25:b5:f8:ea:61:81:63:b0:b0:e9:9b:61:05:48:4e:
cb:ee:79:cb:9c:c1:09:0c:e6:a2:4e:ec:59:16:72:
43:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9A:7B:1F:C4:20:7E:BA:07:07:A8:51:51:95:CC:68:E8:36:AB:F8
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/OZp7H8QgfroHB6hRUZXMaOg2q_g.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.25.210.0/23
Signature Algorithm: sha256WithRSAEncryption
74:34:30:3f:98:9b:69:21:43:ab:53:75:5d:87:c6:2b:de:2c:
cc:68:da:25:a7:93:34:29:ff:bc:02:4a:78:c1:97:f2:72:41:
86:ef:34:62:0c:e1:07:86:dd:0d:c4:27:49:eb:a5:06:af:f9:
20:7b:d1:20:02:77:84:d1:c1:1c:d1:ce:bf:a0:e2:41:5b:b6:
e9:f0:75:77:69:b8:3e:c3:01:9e:bf:83:7a:95:0e:11:f2:51:
86:20:ce:11:b0:74:33:a2:67:a9:02:b5:5c:8b:24:2d:84:6b:
9a:e8:43:ff:93:33:9d:11:b3:33:bc:7f:76:ba:69:fb:64:96:
1c:e5:1c:96:fa:10:55:af:68:b8:32:bd:e0:98:8f:b5:83:e9:
e7:59:f4:69:cb:80:1e:78:3d:3b:76:e0:79:92:66:b3:ea:fc:
3d:58:7c:06:3f:e9:4a:74:22:c6:dc:77:50:ee:18:90:f4:20:
3e:1c:f3:33:06:8c:57:62:70:6f:4a:58:23:2a:7d:ea:8c:72:
a5:67:07:23:73:41:37:98:01:ce:9c:42:d4:e9:c5:60:93:1a:
c7:3a:5a:d9:43:d0:39:d8:c5:75:6c:7a:04:b1:6a:8a:13:c0:
3b:2f:23:cc:15:35:4f:85:b9:b1:ed:c2:c0:b5:5e:49:f5:dc:
36:91:05:71
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTI5MjM0MTI0WhcNMjYwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDMTAyNTExMC8GA1UEBRMoMzk5QTdCMUZDNDIwN0VCQTA3MDdBODUx
NTE5NUNDNjhFODM2QUJGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOCtaJ197OOYOYMhlFt5lYViJ7UJxXf0tVYqv4SxPjXBa6pKeZ5jJdzkHe6FvU9v
W1Z2fwNjV8jkaExK7ElhFKynyWv0QXT8RFyNUpY0z1lyymZ7CIZEI/d2yJrAg5tK
QhlxDoPGk9uj6C5FvXQHit+MTOfte/sTBFOtkbNI6ooXlrSHooicD4yxUc0SWjqm
RgS5TbLiaUXNspXnVwlVZZD8gOODuBVdJPS5evM57we2nCZC2fxkSPQldIA5jF06
Y/MyG+70NKBVWCr/dGaG3Gejh+pcrUl7P/LgEd8nkZaIJbX46mGBY7Cw6ZthBUhO
y+55y5zBCQzmok7sWRZyQ60CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQ5mnsfxCB+
ugcHqFFRlcxo6Dar+DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzEwMjUvOEQ3QjlCRjI5RDg0MTFFRjgxN0UxNDIwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMxMDI1LzhEN0I5QkYyOUQ4NDExRUY4MTdFMTQyMEM0RjlBRTAyL09acDdIOFFn
ZnJvSEI2aFJVWlhNYU9nMnFfZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAZ0jANBgkqhkiG9w0BAQsFAAOCAQEAdDQwP5ibaSFDq1N1XYfG
K94szGjaJaeTNCn/vAJKeMGX8nJBhu80YgzhB4bdDcQnSeulBq/5IHvRIAJ3hNHB
HNHOv6DiQVu26fB1d2m4PsMBnr+DepUOEfJRhiDOEbB0M6JnqQK1XIskLYRrmuhD
/5MznRGzM7x/drpp+2SWHOUclvoQVa9ouDK94JiPtYPp51n0acuAHng9O3bgeZJm
s+r8PVh8Bj/pSnQixtx3UO4YkPQgPhzzMwaMV2Jwb0pYIyp96oxypWcHI3NBN5gB
zpxC1OnFYJMaxzpa2UPQOdjFdWx6BLFqihPAOy8jzBU1T4W5se3CwLVeSfXcNpEF
cQ==
-----END CERTIFICATE-----
Generated at Sun Jun 1 07:58:04 2025 by rpki-client