Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
File: T_UoRyFcSiLp8RSebL_t901hzos.cer (raw, json)
Hash identifier: RzGufZge8gULHr071Wc5EERs3HphqS7cOIhpxpQlvhg=
Subject key identifier: 4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6AB9
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 04 Sep 2025 01:00:58 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: IP: 130.116.0.0/16
IP: 130.155.0.0/16
IP: 138.194.0.0/16
IP: 140.79.0.0/16
IP: 140.253.0.0/16
IP: 144.110.0.0/16
IP: 146.118.0.0/16
IP: 152.83.0.0/16
IP: 192.16.180.0/24
IP: 192.41.146.0/24
IP: 192.42.60.0 -- 192.42.62.255
IP: 192.54.105.0 -- 192.54.106.255
IP: 192.55.219.0/24
IP: 192.55.232.0/24
IP: 192.65.130.0/24
IP: 192.67.12.0/24
IP: 192.67.171.0/24
IP: 192.68.132.0/24
IP: 192.82.140.0/24
IP: 192.83.238.0/24
IP: 192.84.237.0 -- 192.84.238.255
IP: 192.94.62.0 -- 192.94.64.255
IP: 192.94.209.0/24
IP: 192.102.250.0/23
IP: 192.107.9.0/24
IP: 192.111.32.0/24
IP: 192.122.176.0/24
IP: 192.124.117.0/24
IP: 192.124.152.0/24
IP: 192.138.100.0/24
IP: 192.149.36.0/24
IP: 192.150.202.0/24
IP: 192.160.16.0/24
IP: 192.188.115.0/24
IP: 192.188.186.0/24
IP: 192.207.156.0 -- 192.207.158.255
IP: 192.207.197.0 -- 192.207.198.255
IP: 192.245.210.0 -- 192.245.217.255
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 14:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27321 (0x6ab9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Sep 4 01:00:58 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A91F33A5, serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6c:03:bb:a4:9b:e9:bd:b6:54:1f:fb:54:c7:
ad:fb:d0:e0:3e:91:7f:7f:48:f6:1a:20:de:da:29:
5e:e7:96:5c:66:21:32:a2:1f:6c:f7:52:79:8a:25:
2d:80:98:41:67:13:a2:c8:c4:ba:84:a3:7b:9c:79:
d6:c1:be:fa:ec:c6:e7:41:9c:e3:1f:9a:93:e4:d5:
d1:bb:3c:51:5c:21:25:7a:95:b4:07:85:5b:60:59:
b9:5e:99:3d:df:38:2a:3c:3e:8a:7f:d5:92:49:5a:
da:7b:2b:ee:38:26:b8:38:47:e5:1f:9e:17:55:0e:
a8:cd:4e:11:e0:d5:4b:88:d0:1b:19:b6:a5:78:c0:
dc:78:81:ff:d6:ce:d1:0a:61:a5:aa:f5:c0:d9:01:
30:24:7a:04:60:22:a6:0d:09:73:df:0f:d4:90:bd:
fc:60:e7:8c:0b:49:19:2c:aa:7f:8e:55:82:f8:bf:
66:25:1b:58:7b:56:a0:22:4f:da:d6:51:1b:6e:8d:
a8:a7:f4:88:0c:ac:c3:e6:3d:47:f8:ef:cb:04:37:
7f:4e:5d:a6:3a:48:2c:56:02:38:3f:1e:85:96:d3:
ba:7e:04:44:df:9b:cf:c5:c0:e9:89:d8:16:65:d5:
41:59:11:28:ce:2a:c3:9e:8a:75:96:25:96:ef:51:
27:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.116.0.0/16
130.155.0.0/16
138.194.0.0/16
140.79.0.0/16
140.253.0.0/16
144.110.0.0/16
146.118.0.0/16
152.83.0.0/16
192.16.180.0/24
192.41.146.0/24
192.42.60.0-192.42.62.255
192.54.105.0-192.54.106.255
192.55.219.0/24
192.55.232.0/24
192.65.130.0/24
192.67.12.0/24
192.67.171.0/24
192.68.132.0/24
192.82.140.0/24
192.83.238.0/24
192.84.237.0-192.84.238.255
192.94.62.0-192.94.64.255
192.94.209.0/24
192.102.250.0/23
192.107.9.0/24
192.111.32.0/24
192.122.176.0/24
192.124.117.0/24
192.124.152.0/24
192.138.100.0/24
192.149.36.0/24
192.150.202.0/24
192.160.16.0/24
192.188.115.0/24
192.188.186.0/24
192.207.156.0-192.207.158.255
192.207.197.0-192.207.198.255
192.245.210.0-192.245.217.255
Signature Algorithm: sha256WithRSAEncryption
a8:a3:76:82:fc:c6:dd:8b:58:f1:07:1a:df:ad:d3:d9:ac:02:
52:10:19:0c:fc:75:8d:be:83:9a:cc:a4:74:d0:1c:72:52:4c:
1b:9a:1a:45:9f:f8:73:e9:18:9c:4a:95:9d:b3:ed:ae:f4:ed:
22:5c:93:e9:30:c7:ff:c6:3d:8f:64:5a:5e:5f:67:17:ab:8c:
92:52:f2:7c:ee:97:13:35:cb:00:0c:f7:37:bb:d0:d8:94:8d:
01:3c:29:24:4f:d4:de:49:46:1e:ab:03:d3:7b:4d:e2:8d:51:
51:72:47:73:67:20:fd:19:bc:40:e7:3b:77:d3:25:23:36:25:
4d:1f:ae:9a:6a:a8:75:b0:5a:79:c7:58:67:29:7e:67:21:64:
62:45:2b:87:07:01:c8:5a:fc:d0:2b:36:47:ff:15:57:07:08:
99:39:0a:a5:70:14:85:ce:c7:ae:c4:d1:41:81:1e:5c:28:b3:
fe:d3:35:9d:58:ab:7f:2c:f2:82:4a:75:27:64:fc:9d:ef:a6:
3d:6b:77:4b:3b:0e:09:e3:29:35:32:34:97:d3:6b:f0:07:2c:
84:78:0e:0e:44:82:10:47:18:0b:85:c9:cf:04:64:1a:a8:21:
f8:e3:cf:c5:7a:a2:51:6c:ae:27:35:ad:c3:73:88:0a:4b:d4:
77:01:fc:8d
-----BEGIN CERTIFICATE-----
MIIHFTCCBf2gAwIBAgICarkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwOTA0MDEwMDU4WhcNMjYxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGMzNBNTExMC8GA1UEBRMoNEZGNTI4NDcyMTVDNEEyMkU5RjExNDlF
NkNCRkVERjc0RDYxQ0U4QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMRsA7ukm+m9tlQf+1THrfvQ4D6Rf39I9hog3topXueWXGYhMqIfbPdSeYolLYCY
QWcTosjEuoSje5x51sG++uzG50Gc4x+ak+TV0bs8UVwhJXqVtAeFW2BZuV6ZPd84
Kjw+in/Vkkla2nsr7jgmuDhH5R+eF1UOqM1OEeDVS4jQGxm2pXjA3HiB/9bO0Qph
par1wNkBMCR6BGAipg0Jc98P1JC9/GDnjAtJGSyqf45Vgvi/ZiUbWHtWoCJP2tZR
G26NqKf0iAysw+Y9R/jvywQ3f05dpjpILFYCOD8ehZbTun4ERN+bz8XA6YnYFmXV
QVkRKM4qw56KdZYllu9RJ2cCAwEAAaOCBAswggQHMB0GA1UdDgQWBBRP9ShHIVxK
IunxFJ5sv+33TWHOizAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjMzQTUvMTE4NzA5NzJENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUYzM0E1LzExODcwOTcyRDREODExRUNBNDI0NUYxMEM0RjlBRTAyL1RfVW9SeUZj
U2lMcDhSU2ViTF90OTAxaHpvcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCCATUGCCsGAQUFBwEHAQH/BIIB
JDCCASAwggEcBAIAATCCARQDAwCCdAMDAIKbAwMAisIDAwCMTwMDAIz9AwMAkG4D
AwCSdgMDAJhTAwQAwBC0AwQAwCmSMAwDBALAKjwDBADAKj4wDAMEAMA2aQMEAMA2
agMEAMA32wMEAMA36AMEAMBBggMEAMBDDAMEAMBDqwMEAMBEhAMEAMBSjAMEAMBT
7jAMAwQAwFTtAwQAwFTuMAwDBAHAXj4DBADAXkADBADAXtEDBAHAZvoDBADAawkD
BADAbyADBADAerADBADAfHUDBADAfJgDBADAimQDBADAlSQDBADAlsoDBADAoBAD
BADAvHMDBADAvLowDAMEAsDPnAMEAMDPnjAMAwQAwM/FAwQAwM/GMAwDBAHA9dID
BAHA9dgwDQYJKoZIhvcNAQELBQADggEBAKijdoL8xt2LWPEHGt+t09msAlIQGQz8
dY2+g5rMpHTQHHJSTBuaGkWf+HPpGJxKlZ2z7a707SJck+kwx//GPY9kWl5fZxer
jJJS8nzulxM1ywAM9ze70NiUjQE8KSRP1N5JRh6rA9N7TeKNUVFyR3NnIP0ZvEDn
O3fTJSM2JU0frppqqHWwWnnHWGcpfmchZGJFK4cHAcha/NArNkf/FVcHCJk5CqVw
FIXOx67E0UGBHlwos/7TNZ1Yq38s8oJKdSdk/J3vpj1rd0s7DgnjKTUyNJfTa/AH
LIR4Dg5EghBHGAuFyc8EZBqoIfjjz8V6olFsric1rcNziApL1HcB/I0=
-----END CERTIFICATE-----
Generated at Sat Oct 18 15:55:26 2025 by rpki-client