This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PcKYLLOQv9qGmu23U1P-S7lwobw.cer File: PcKYLLOQv9qGmu23U1P-S7lwobw.cer (raw, json) Hash identifier: 5hQtHFka2VRGPFospIS8PZxC8TKPsMiD5Mh0kYsiu9U= Subject key identifier: 3D:C2:98:2C:B3:90:BF:DA:86:9A:ED:B7:53:53:FE:4B:B9:70:A1:BC Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E Certificate serial: 6E85 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer Manifest: rsync://rpki.apnic.net/member_repository/A9156D54/7B92EF9A0C9411EDB71BC02FC4F9AE02/PcKYLLOQv9qGmu23U1P-S7lwobw.mft caRepository: rsync://rpki.apnic.net/member_repository/A9156D54/7B92EF9A0C9411EDB71BC02FC4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Thu 20 Nov 2025 14:27:38 +0000 Certificate not after: Sun 31 Jan 2027 00:00:00 +0000 Subordinate resources: IP: 192.245.196.0/24 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 07:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28293 (0x6e85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E Validity Not Before: Nov 20 14:27:38 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=A9156D54, serialNumber=3DC2982CB390BFDA869AEDB75353FE4BB970A1BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:2f:f8:ab:2c:80:a0:d4:3c:30:9d:59:94:b1: e0:dd:17:4c:1b:82:84:ae:3f:80:25:25:1e:04:fd: 4a:b8:93:9a:4f:b4:27:83:0d:be:5b:22:0a:3f:b8: ac:92:7e:b7:70:2f:45:80:59:08:6c:da:df:84:4b: 17:41:ce:e4:58:6a:29:66:bc:e6:e1:3f:5e:06:e8: bc:82:12:8e:fa:0f:d5:fd:56:ab:52:8f:04:32:ea: fb:7a:cc:68:dc:82:97:ca:c9:6e:a5:19:35:81:12: 10:d5:7a:45:29:21:95:a0:6b:f9:72:7a:ca:8f:4d: c1:91:4a:5f:82:f7:2a:e0:27:0b:38:9d:40:7a:8e: 9a:43:5c:ab:b3:09:98:b3:ad:2a:cb:d0:e8:ec:49: 1b:4a:d5:34:77:2b:88:a7:57:7c:61:a6:fb:5b:04: 64:85:a4:b5:b9:1f:31:89:80:15:0c:5c:62:ef:1a: 18:71:bd:ff:c2:55:ea:75:21:0f:2b:8a:33:64:a5: 07:75:5d:b5:8f:08:b7:3f:f4:5e:81:55:09:df:bc: fa:2f:0f:d1:cb:26:41:f9:7c:a7:47:d1:49:16:0d: 17:be:19:dc:ef:cb:e1:94:d3:6a:b6:b3:f0:7e:97: 8b:4a:5e:2b:10:69:f1:d6:50:44:8b:17:89:6c:13: b1:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:C2:98:2C:B3:90:BF:DA:86:9A:ED:B7:53:53:FE:4B:B9:70:A1:BC X509v3 Authority Key Identifier: keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9156D54/7B92EF9A0C9411EDB71BC02FC4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9156D54/7B92EF9A0C9411EDB71BC02FC4F9AE02/PcKYLLOQv9qGmu23U1P-S7lwobw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.245.196.0/24 Signature Algorithm: sha256WithRSAEncryption 04:1b:2e:bc:b7:68:3f:ed:b2:44:91:0b:73:a2:2f:1e:f3:68: 88:b1:d2:ea:01:33:c1:c4:f5:e8:11:45:d8:9a:72:ed:c4:a3: 3c:0c:40:1d:a3:bc:c6:cc:fb:36:0f:6a:d1:61:34:c8:2b:99: e3:0d:45:5f:91:8b:63:09:f7:aa:d7:10:03:55:af:28:d0:29: 45:0c:ce:59:9a:87:98:c6:f7:2e:b2:d1:52:49:65:bd:60:16: a9:c3:90:68:87:65:a3:8a:88:89:e3:bf:e4:d3:ee:75:55:e2: 6a:9f:89:ad:d7:48:bd:d7:37:88:d4:29:22:0d:65:14:fa:69: 2b:31:1c:ff:97:cc:ab:34:11:36:b0:29:05:26:47:f6:d7:c5: 1b:33:4e:df:aa:4a:98:e3:25:93:0e:e9:ee:7e:6f:7b:3d:72: bc:17:a5:9c:8a:04:ad:82:36:02:28:68:d0:30:af:2f:a2:5c: 74:3d:12:33:26:9c:81:97:1a:8c:31:eb:a6:8b:c8:f3:48:a0: 98:0d:ad:f0:40:c6:54:5c:fa:67:e7:0e:03:ea:41:5d:e8:47: fd:e1:72:01:13:46:7a:c8:d5:3b:c0:d1:30:49:fd:ed:9a:eb: a8:7d:af:36:34:83:8c:7c:30:8f:c8:d4:85:2f:7e:27:c1:a1: ea:42:6f:83 -----BEGIN CERTIFICATE----- MIIF/TCCBOWgAwIBAgICboUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD N0MxRDZFMEUwHhcNMjUxMTIwMTQyNzM4WhcNMjcwMTMxMDAwMDAwWjBGMREwDwYD VQQDEwhBOTE1NkQ1NDExMC8GA1UEBRMoM0RDMjk4MkNCMzkwQkZEQTg2OUFFREI3 NTM1M0ZFNEJCOTcwQTFCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKUv+KssgKDUPDCdWZSx4N0XTBuChK4/gCUlHgT9SriTmk+0J4MNvlsiCj+4rJJ+ t3AvRYBZCGza34RLF0HO5FhqKWa85uE/XgbovIISjvoP1f1Wq1KPBDLq+3rMaNyC l8rJbqUZNYESENV6RSkhlaBr+XJ6yo9NwZFKX4L3KuAnCzidQHqOmkNcq7MJmLOt KsvQ6OxJG0rVNHcriKdXfGGm+1sEZIWktbkfMYmAFQxcYu8aGHG9/8JV6nUhDyuK M2SlB3VdtY8Itz/0XoFVCd+8+i8P0csmQfl8p0fRSRYNF74Z3O/L4ZTTaraz8H6X i0peKxBp8dZQRIsXiWwTsYMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQ9wpgss5C/ 2oaa7bdTU/5LuXChvDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2 MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0 LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTZENTQvN0I5MkVGOUEwQzk0MTFFREI3MUJDMDJGQzRGOUFFMDIvMH4GCCsGAQUF BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MTU2RDU0LzdCOTJFRjlBMEM5NDExRURCNzFCQzAyRkM0RjlBRTAyL1BjS1lMTE9R djlxR211MjNVMVAtUzdsd29idy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAMD1xDANBgkqhkiG9w0BAQsFAAOCAQEABBsuvLdoP+2yRJELc6Iv HvNoiLHS6gEzwcT16BFF2Jpy7cSjPAxAHaO8xsz7Ng9q0WE0yCuZ4w1FX5GLYwn3 qtcQA1WvKNApRQzOWZqHmMb3LrLRUkllvWAWqcOQaIdlo4qIieO/5NPudVXiap+J rddIvdc3iNQpIg1lFPppKzEc/5fMqzQRNrApBSZH9tfFGzNO36pKmOMlkw7p7n5v ez1yvBelnIoErYI2Aiho0DCvL6JcdD0SMyacgZcajDHrpovI80igmA2t8EDGVFz6 Z+cOA+pBXehH/eFyARNGesjVO8DRMEn97ZrrqH2vNjSDjHwwj8jUhS9+J8Gh6kJv gw== -----END CERTIFICATE-----Generated at Wed Dec 3 13:18:27 2025 by rpki-client