Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XW8me3qjzDZHyTE7nux9aaFnOVg.cer
File: XW8me3qjzDZHyTE7nux9aaFnOVg.cer (raw, json)
Hash identifier: 86Tey01/Y9NBzUPHCZv2j+W8bLDxSiE1B1iM/J8SlEM=
Subject key identifier: 5D:6F:26:7B:7A:A3:CC:36:47:C9:31:3B:9E:EC:7D:69:A1:67:39:58
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 65A9
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91583E2/43FB787C3B9911F0A0CC5978C4F9AE02/XW8me3qjzDZHyTE7nux9aaFnOVg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91583E2/43FB787C3B9911F0A0CC5978C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 28 May 2025 07:56:35 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: IP: 160.191.102.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26025 (0x65a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 28 07:56:35 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91583E2, serialNumber=5D6F267B7AA3CC3647C9313B9EEC7D69A1673958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ce:11:12:b6:b7:5f:b7:f4:11:f9:15:57:9f:
7e:38:ff:64:32:db:03:de:1e:0f:e4:c2:aa:1d:40:
d1:74:fe:10:25:64:1c:3b:f0:f4:51:e2:27:78:e7:
1a:d0:1a:72:e1:aa:0f:be:42:58:17:0f:73:84:fb:
fe:7b:e7:38:d1:7b:c4:d8:4f:e5:10:fd:e5:79:b7:
b5:be:05:1f:44:e0:b2:f8:48:ae:87:87:68:fd:8f:
83:f8:a9:03:47:ec:3b:8b:5a:8d:d2:d4:98:c9:06:
8c:d0:1b:46:45:a4:8b:1f:03:10:83:47:be:9d:b4:
3f:fe:79:2a:cc:14:19:d3:3a:e2:a1:c5:e3:ee:ad:
18:f7:17:79:84:9f:5e:87:44:fb:cd:41:5c:dc:c0:
c8:92:c0:f6:c9:4a:9f:83:a2:a4:db:bf:80:e1:57:
d9:d7:ee:24:3e:b4:1b:d3:0a:f0:12:f9:27:cc:b9:
76:16:84:6c:14:af:a2:04:fc:73:b2:7c:4e:74:35:
2e:1f:d9:30:c2:89:06:c7:5c:eb:04:86:36:89:f5:
97:ba:48:ab:c1:9d:3a:a6:30:57:4d:01:f5:24:d8:
8e:ba:9b:a5:54:73:88:79:75:7b:ce:bc:8a:e9:27:
5c:3e:bc:a6:4a:a1:7d:3e:17:5f:f0:ac:a5:8d:52:
b5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6F:26:7B:7A:A3:CC:36:47:C9:31:3B:9E:EC:7D:69:A1:67:39:58
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91583E2/43FB787C3B9911F0A0CC5978C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91583E2/43FB787C3B9911F0A0CC5978C4F9AE02/XW8me3qjzDZHyTE7nux9aaFnOVg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.102.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:0d:c5:3a:f5:5e:d1:6a:ba:85:c8:8a:42:2e:3e:81:77:3d:
ef:06:eb:0e:c7:42:53:95:da:e6:1c:26:7a:b0:95:18:28:2b:
4c:8d:fd:8a:6d:95:ed:19:c7:7d:c9:a0:01:6c:e1:1c:8f:11:
66:86:43:d9:53:73:1a:db:05:84:6d:09:8a:f8:92:39:25:51:
48:8a:da:30:e3:ac:ea:2d:0d:98:30:d7:d2:53:b5:f8:1f:33:
78:75:f3:83:28:8e:69:c4:e3:9f:45:8a:38:a1:14:93:df:aa:
72:21:c3:7c:aa:00:bd:3a:59:18:a0:fc:95:bd:93:c5:fb:3c:
85:50:0d:ba:81:08:eb:59:9e:6c:58:0d:2c:1a:f1:69:55:2c:
40:73:74:7f:b7:3a:75:a0:a9:9c:6a:4b:27:7b:90:3f:53:ee:
eb:ec:4d:57:68:79:1e:f3:ed:ef:a1:30:9d:7a:e1:0b:04:51:
4b:98:11:18:f3:43:08:aa:84:cc:da:f8:40:28:7d:05:62:00:
94:b5:12:e0:ab:e7:cf:b7:e7:cb:05:4d:d8:df:14:14:cc:91:
77:9a:eb:8a:5e:fb:22:60:16:60:85:12:9d:24:2a:b0:2e:1b:
de:64:ea:55:3b:36:9e:b6:45:fa:3f:df:e1:7f:e8:b4:a5:19:
c1:6e:9f:22
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTI4MDc1NjM1WhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1ODNFMjExMC8GA1UEBRMoNUQ2RjI2N0I3QUEzQ0MzNjQ3QzkzMTNC
OUVFQzdENjlBMTY3Mzk1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOrOERK2t1+39BH5FVeffjj/ZDLbA94eD+TCqh1A0XT+ECVkHDvw9FHiJ3jnGtAa
cuGqD75CWBcPc4T7/nvnONF7xNhP5RD95Xm3tb4FH0TgsvhIroeHaP2Pg/ipA0fs
O4tajdLUmMkGjNAbRkWkix8DEINHvp20P/55KswUGdM64qHF4+6tGPcXeYSfXodE
+81BXNzAyJLA9slKn4OipNu/gOFX2dfuJD60G9MK8BL5J8y5dhaEbBSvogT8c7J8
TnQ1Lh/ZMMKJBsdc6wSGNon1l7pIq8GdOqYwV00B9STYjrqbpVRziHl1e868iukn
XD68pkqhfT4XX/CspY1SteECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRdbyZ7eqPM
NkfJMTue7H1poWc5WDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTgzRTIvNDNGQjc4N0MzQjk5MTFGMEEwQ0M1OTc4QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU4M0UyLzQzRkI3ODdDM0I5OTExRjBBMENDNTk3OEM0RjlBRTAyL1hXOG1lM3Fq
ekRaSHlURTdudXg5YWFGbk9WZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC/ZjANBgkqhkiG9w0BAQsFAAOCAQEAXA3FOvVe0Wq6hciKQi4+
gXc97wbrDsdCU5Xa5hwmerCVGCgrTI39im2V7RnHfcmgAWzhHI8RZoZD2VNzGtsF
hG0JiviSOSVRSIraMOOs6i0NmDDX0lO1+B8zeHXzgyiOacTjn0WKOKEUk9+qciHD
fKoAvTpZGKD8lb2Txfs8hVANuoEI61mebFgNLBrxaVUsQHN0f7c6daCpnGpLJ3uQ
P1Pu6+xNV2h5HvPt76EwnXrhCwRRS5gRGPNDCKqEzNr4QCh9BWIAlLUS4Kvnz7fn
ywVN2N8UFMyRd5rril77ImAWYIUSnSQqsC4b3mTqVTs2nrZF+j/f4X/otKUZwW6f
Ig==
-----END CERTIFICATE-----
Generated at Mon Jun 2 06:28:15 2025 by rpki-client