Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkGQf-X0c_GJBtRqogMH7e2hnJ0.cer
File: RkGQf-X0c_GJBtRqogMH7e2hnJ0.cer (raw, json)
Hash identifier: wRth7fF3Dj2SzinCCSS65iOmXeXl5bFgCGdwas1cPP4=
Subject key identifier: 46:41:90:7F:E5:F4:73:F1:89:06:D4:6A:A2:03:07:ED:ED:A1:9C:9D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 65C2
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 29 May 2025 13:21:39 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: IP: 160.22.210.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26050 (0x65c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 29 13:21:39 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A913647F, serialNumber=4641907FE5F473F18906D46AA20307EDEDA19C9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:60:d0:01:2f:da:b3:ca:d5:cc:75:3b:a3:cb:
a6:6d:8b:37:4a:94:ae:f1:5a:c7:86:83:93:36:78:
84:54:2b:9d:4e:09:7a:29:86:da:fc:15:2c:03:f0:
10:d6:4b:b5:49:76:7c:71:66:8a:07:ad:49:83:70:
ab:e4:c6:c8:76:50:90:ef:d2:38:d5:46:8b:da:66:
fb:b8:c3:05:55:43:94:40:c7:dd:c2:09:b1:1d:71:
e5:eb:6b:84:6a:a6:cb:61:b0:c0:81:8d:d7:dd:3d:
3f:b5:fc:b6:33:4b:f0:a4:93:42:08:1a:05:5a:52:
00:48:b5:c7:40:d6:fd:1d:da:6c:ab:f5:36:64:6d:
01:12:79:e2:d9:27:b8:56:7d:b4:d0:98:20:0c:23:
5b:a8:8a:19:a4:1d:a3:94:ec:b9:f9:bf:13:e3:32:
27:95:57:f8:a8:55:33:19:88:e3:37:06:eb:80:d8:
8d:72:6e:c2:be:e5:4e:eb:6e:a6:ac:bd:09:29:e4:
57:6f:54:1f:ed:64:1a:46:32:09:a9:f5:cb:9c:54:
0b:ae:34:a7:ee:96:ea:93:77:82:f8:72:97:be:74:
df:28:cd:a4:20:f0:51:13:5a:73:fa:15:90:a5:c4:
9a:9f:1c:7f:20:0c:89:39:5b:43:0d:81:70:e6:bf:
c9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:41:90:7F:E5:F4:73:F1:89:06:D4:6A:A2:03:07:ED:ED:A1:9C:9D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.210.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:b3:a8:dd:f7:0d:eb:59:4d:12:0d:41:97:1d:1f:4d:f8:f8:
18:34:13:97:06:26:7c:3a:9d:ab:82:1e:a8:7d:bb:58:a0:a6:
3e:71:1a:51:ce:f3:32:de:09:57:6f:1d:1b:85:68:83:5f:4e:
6a:70:71:da:71:50:07:36:5a:c2:c9:d2:d5:74:81:d7:87:7a:
c6:1e:29:c0:bb:c8:2d:10:d1:ea:e2:db:44:90:1d:9a:54:8e:
cb:b4:f3:58:08:df:8b:16:28:37:93:c9:1a:9c:f6:46:33:15:
3c:06:6e:02:f9:90:76:21:8b:53:5c:bc:98:6f:0d:4c:75:27:
7d:58:f7:cb:b8:10:d3:d3:1c:0f:e9:05:8f:ba:e4:3a:07:39:
3e:2c:87:67:e2:98:b8:0a:06:a0:ed:6a:82:b3:9b:6e:17:32:
1e:3b:c5:ac:4f:f2:bf:4f:22:91:6d:58:94:51:0c:fa:e8:67:
35:50:96:45:f6:ba:cc:ed:75:d5:37:96:dc:96:c2:bb:56:a9:
bc:8c:ec:33:23:e2:b4:55:b9:e2:55:14:5b:2e:3a:58:3b:0f:
59:4a:88:99:8a:0e:91:de:f3:56:64:8a:3f:8f:57:0d:3e:4c:
d3:90:92:00:53:fc:64:6e:5d:62:7a:50:59:25:e4:d4:b2:bb:
37:9a:ca:c1
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTI5MTMyMTM5WhcNMjYwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzNjQ3RjExMC8GA1UEBRMoNDY0MTkwN0ZFNUY0NzNGMTg5MDZENDZB
QTIwMzA3RURFREExOUM5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKRg0AEv2rPK1cx1O6PLpm2LN0qUrvFax4aDkzZ4hFQrnU4JeimG2vwVLAPwENZL
tUl2fHFmigetSYNwq+TGyHZQkO/SONVGi9pm+7jDBVVDlEDH3cIJsR1x5etrhGqm
y2GwwIGN1909P7X8tjNL8KSTQggaBVpSAEi1x0DW/R3abKv1NmRtARJ54tknuFZ9
tNCYIAwjW6iKGaQdo5Tsufm/E+MyJ5VX+KhVMxmI4zcG64DYjXJuwr7lTutupqy9
CSnkV29UH+1kGkYyCan1y5xUC640p+6W6pN3gvhyl7503yjNpCDwURNac/oVkKXE
mp8cfyAMiTlbQw2BcOa/yXcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRGQZB/5fRz
8YkG1GqiAwft7aGcnTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzY0N0YvQjkxQUFBNzQ4NkRCMTFFRkJBNEQ1RjI2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM2NDdGL0I5MUFBQTc0ODZEQjExRUZCQTRENUYyNkM0RjlBRTAyL1JrR1FmLVgw
Y19HSkJ0UnFvZ01IN2UyaG5KMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAW0jANBgkqhkiG9w0BAQsFAAOCAQEAuLOo3fcN61lNEg1Blx0f
Tfj4GDQTlwYmfDqdq4IeqH27WKCmPnEaUc7zMt4JV28dG4Vog19OanBx2nFQBzZa
wsnS1XSB14d6xh4pwLvILRDR6uLbRJAdmlSOy7TzWAjfixYoN5PJGpz2RjMVPAZu
AvmQdiGLU1y8mG8NTHUnfVj3y7gQ09McD+kFj7rkOgc5PiyHZ+KYuAoGoO1qgrOb
bhcyHjvFrE/yv08ikW1YlFEM+uhnNVCWRfa6zO111TeW3JbCu1apvIzsMyPitFW5
4lUUWy46WDsPWUqImYoOkd7zVmSKP49XDT5M05CSAFP8ZG5dYnpQWSXk1LK7N5rK
wQ==
-----END CERTIFICATE-----
Generated at Sun Jun 1 07:59:25 2025 by rpki-client