Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer
File: R-lr-DG7PMQ7TweEJj5ylYddVRY.cer (raw, json)
Hash identifier: PipeRjKgk4jA5/26xwkDZwzlaeszFpePbK4/ojdp1yU=
Subject key identifier: 47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 64DC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 13 May 2025 14:48:05 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: IP: 165.99.40.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25820 (0x64dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 13 14:48:05 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a6:db:75:a3:76:ef:7d:30:59:92:2e:ee:14:
51:b1:8c:6d:55:cb:52:be:dd:b9:65:52:31:0f:51:
e6:37:55:a8:ee:f5:06:3c:bd:a4:bd:6d:ed:e2:80:
53:37:46:57:9a:70:2c:8f:91:50:8e:9f:9e:fb:5c:
e9:d5:16:67:b0:a2:13:2c:c0:1f:dc:b0:f6:7a:03:
e1:28:a4:cd:55:c7:98:32:0e:60:ec:a8:79:d6:fc:
95:a3:57:f3:74:7d:41:4c:85:d7:d0:63:a3:8a:5c:
41:11:69:41:5f:ac:24:3e:b1:0a:92:0f:0b:c1:6d:
ab:6d:20:de:97:80:32:df:b2:bd:02:8c:ba:7c:84:
f7:a0:f1:78:58:11:43:95:b2:9e:00:58:23:35:50:
b7:10:6c:f7:fd:c8:43:d6:9e:af:8a:ef:0a:25:70:
7a:b6:ba:83:f1:09:20:79:75:e5:09:21:d8:3f:ac:
3d:94:f3:00:32:1d:1e:05:e0:a1:1c:0e:a3:a9:0c:
73:70:54:34:01:f8:db:66:9f:c9:11:2c:d0:28:93:
a5:13:aa:5b:8a:2f:40:e5:0a:e4:2e:a8:fe:01:bd:
9a:91:57:20:63:ef:ba:37:35:fd:95:c9:7d:7b:fe:
a0:dd:e0:1a:60:87:0e:c5:44:ad:38:08:41:8e:d2:
c9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.40.0/23
Signature Algorithm: sha256WithRSAEncryption
56:ab:e0:87:57:56:7d:cc:11:67:12:1e:2d:6f:be:06:70:b4:
dd:49:52:c9:0b:46:d4:01:a7:32:1f:e6:1b:13:0f:81:43:0e:
0b:c8:a9:ad:50:d7:d4:b1:27:b2:94:56:5b:37:82:92:33:0c:
ab:03:d8:14:a8:4a:98:47:95:b9:90:a5:8e:64:e6:b6:dd:73:
bc:0d:c6:b8:86:04:63:d2:ca:0f:03:b7:40:56:02:77:4f:8a:
ca:89:b6:4f:6e:1c:43:4f:a4:1f:f4:62:ad:cc:fa:5e:c7:05:
ff:d6:bd:09:42:f0:e8:53:21:ac:bf:c2:e2:4f:af:32:16:68:
e1:1a:c6:3a:6d:d9:16:21:b3:5b:71:d4:39:d6:16:0d:a2:c9:
8d:ae:c7:84:fd:25:e0:90:06:48:df:69:4e:a1:62:9e:5a:cc:
f1:eb:03:3d:29:00:12:9d:d9:7d:5d:88:1f:3e:d6:a2:48:e1:
0f:84:2c:bc:03:97:0e:fe:64:35:1f:64:0f:05:83:61:f1:d1:
1c:a2:85:84:b5:06:50:1f:ed:13:a4:37:35:f7:d5:a1:94:7e:
05:65:42:fa:7a:1f:e6:1b:14:7c:71:10:48:77:61:5d:6e:dd:
f8:ab:3f:e3:34:2d:a6:8b:d2:98:a3:72:33:3d:56:c2:de:4e:
1c:1a:90:54
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZNwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTEzMTQ0ODA1WhcNMjYwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDNDIwNDExMC8GA1UEBRMoNDdFOTZCRjgzMUJCM0NDNDNCNEYwNzg0
MjYzRTcyOTU4NzVENTUxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMum23Wjdu99MFmSLu4UUbGMbVXLUr7duWVSMQ9R5jdVqO71Bjy9pL1t7eKAUzdG
V5pwLI+RUI6fnvtc6dUWZ7CiEyzAH9yw9noD4SikzVXHmDIOYOyoedb8laNX83R9
QUyF19Bjo4pcQRFpQV+sJD6xCpIPC8Ftq20g3peAMt+yvQKMunyE96DxeFgRQ5Wy
ngBYIzVQtxBs9/3IQ9aer4rvCiVwera6g/EJIHl15Qkh2D+sPZTzADIdHgXgoRwO
o6kMc3BUNAH422afyREs0CiTpROqW4ovQOUK5C6o/gG9mpFXIGPvujc1/ZXJfXv+
oN3gGmCHDsVErTgIQY7SyTECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRH6Wv4Mbs8
xDtPB4QmPnKVh11VFjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzQyMDQvNDQxQjUwNTIzMDA5MTFGMEEwQUE3RDNEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM0MjA0LzQ0MUI1MDUyMzAwOTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3
UE1RN1R3ZUVKajV5bFlkZFZSWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaVjKDANBgkqhkiG9w0BAQsFAAOCAQEAVqvgh1dWfcwRZxIeLW++
BnC03UlSyQtG1AGnMh/mGxMPgUMOC8iprVDX1LEnspRWWzeCkjMMqwPYFKhKmEeV
uZCljmTmtt1zvA3GuIYEY9LKDwO3QFYCd0+Kyom2T24cQ0+kH/Rircz6XscF/9a9
CULw6FMhrL/C4k+vMhZo4RrGOm3ZFiGzW3HUOdYWDaLJja7HhP0l4JAGSN9pTqFi
nlrM8esDPSkAEp3ZfV2IHz7WokjhD4QsvAOXDv5kNR9kDwWDYfHRHKKFhLUGUB/t
E6Q3NffVoZR+BWVC+nof5hsUfHEQSHdhXW7d+Ks/4zQtpovSmKNyMz1Wwt5OHBqQ
VA==
-----END CERTIFICATE-----
Generated at Sun Jun 1 07:28:47 2025 by rpki-client