Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer
File: XZRtT0edN7zhcAywut1RosPfYg8.cer (raw, json)
Hash identifier: mIofgBOV/iXqyygxJeBuwFoxddp4vNaTQT/ckxW96g4=
Subject key identifier: 5D:94:6D:4F:47:9D:37:BC:E1:70:0C:B0:BA:DD:51:A2:C3:DF:62:0F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6A43
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 26 Aug 2025 14:01:29 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: IP: 157.20.65.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Sep 2025 03:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27203 (0x6a43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Aug 26 14:01:29 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A9152787, serialNumber=5D946D4F479D37BCE1700CB0BADD51A2C3DF620F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:37:ed:e1:07:c1:fc:a2:86:23:86:3d:fd:e5:
6b:4c:9f:97:d4:be:2d:56:7e:5b:b1:f1:7f:2c:20:
85:39:ad:08:a6:3b:cf:94:f0:0e:66:49:fc:f0:4e:
6e:dc:5d:44:cc:43:e7:d7:56:1c:ff:4d:ef:f3:bd:
ce:d3:b4:30:c7:6a:75:ce:00:23:1d:5a:6b:3a:15:
28:27:d6:d9:b0:40:14:9f:53:3c:03:a7:06:f9:57:
eb:b0:53:b5:5f:02:9c:91:c1:23:8e:fb:19:ec:bd:
97:d3:77:45:f3:52:1f:28:17:1b:d8:ef:1c:73:96:
0d:76:4d:e4:d9:82:80:0d:d9:7d:65:c1:1c:8a:d9:
29:e1:51:a0:cc:50:d0:75:d2:12:7e:89:94:ec:80:
fa:d7:2a:2a:3c:f1:a5:18:1f:6b:de:1a:f8:2c:3c:
10:ca:83:ef:52:da:cf:10:e6:ad:4f:cf:09:ad:b6:
75:f8:d6:3d:bc:50:d0:7a:1b:e5:bf:bc:1b:ec:84:
51:44:5a:7f:6d:bc:5c:30:a8:e4:55:12:ff:0c:a0:
61:8b:4f:82:5c:03:45:54:32:f4:82:34:f7:53:36:
4d:45:d2:76:45:70:df:68:9d:2b:f5:47:69:55:09:
86:f0:71:cd:89:25:fa:b6:7f:76:c2:e1:12:03:8e:
2a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:94:6D:4F:47:9D:37:BC:E1:70:0C:B0:BA:DD:51:A2:C3:DF:62:0F
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.65.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:76:f0:57:5a:18:ea:20:55:3a:c6:c5:da:f0:e5:a8:5e:46:
53:23:84:41:d9:42:f0:0f:53:e1:f1:c0:87:76:3c:33:27:70:
52:9a:03:e3:79:56:7d:2d:20:5e:ca:f6:52:0c:15:13:a4:be:
45:2e:6a:eb:8e:4a:ff:68:f9:02:08:ab:f6:b4:a1:56:ee:84:
6d:42:f0:90:cf:47:28:5a:de:ea:14:92:bb:1f:ee:04:68:62:
b1:55:52:51:83:4c:cb:75:f6:c7:2d:24:cf:1e:10:6e:50:09:
32:82:e3:15:69:94:b6:ed:7a:ed:87:b6:ef:4c:bd:33:61:c9:
08:ae:f4:41:c8:80:0e:05:67:2c:28:15:20:4d:67:c2:ec:6a:
56:c8:1e:59:96:ad:2c:20:3b:e8:cb:42:64:99:ce:00:b1:00:
4b:66:8d:c3:94:ba:2c:01:18:85:75:f0:7f:0d:2e:d3:dc:5f:
29:c7:67:70:dd:d3:7d:8f:9d:e3:13:d3:28:3b:8d:41:b4:57:
18:4a:f6:c5:59:ca:bc:09:53:04:95:91:b6:c0:e1:07:0b:2c:
aa:25:49:cb:5d:65:25:a5:36:a8:85:8c:32:5a:86:54:6b:3a:
b6:4a:88:5b:73:e7:bd:1d:bd:0e:cf:ec:ac:f3:a1:cf:ba:30:
d4:dd:2f:bd
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICakMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwODI2MTQwMTI5WhcNMjYxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1Mjc4NzExMC8GA1UEBRMoNUQ5NDZENEY0NzlEMzdCQ0UxNzAwQ0Iw
QkFERDUxQTJDM0RGNjIwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMs37eEHwfyihiOGPf3la0yfl9S+LVZ+W7HxfywghTmtCKY7z5TwDmZJ/PBObtxd
RMxD59dWHP9N7/O9ztO0MMdqdc4AIx1aazoVKCfW2bBAFJ9TPAOnBvlX67BTtV8C
nJHBI477Gey9l9N3RfNSHygXG9jvHHOWDXZN5NmCgA3ZfWXBHIrZKeFRoMxQ0HXS
En6JlOyA+tcqKjzxpRgfa94a+Cw8EMqD71LazxDmrU/PCa22dfjWPbxQ0Hob5b+8
G+yEUURaf228XDCo5FUS/wygYYtPglwDRVQy9II091M2TUXSdkVw32idK/VHaVUJ
hvBxzYkl+rZ/dsLhEgOOKpkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRdlG1PR503
vOFwDLC63VGiw99iDzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTI3ODcvMjI4NjU2MkE4Rjc5MTFFRjkyQUM3ODFFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUyNzg3LzIyODY1NjJBOEY3OTExRUY5MkFDNzgxRUM0RjlBRTAyL1haUnRUMGVk
Tjd6aGNBeXd1dDFSb3NQZllnOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJ0UQTANBgkqhkiG9w0BAQsFAAOCAQEAqnbwV1oY6iBVOsbF2vDl
qF5GUyOEQdlC8A9T4fHAh3Y8MydwUpoD43lWfS0gXsr2UgwVE6S+RS5q645K/2j5
Agir9rShVu6EbULwkM9HKFre6hSSux/uBGhisVVSUYNMy3X2xy0kzx4QblAJMoLj
FWmUtu167Ye270y9M2HJCK70QciADgVnLCgVIE1nwuxqVsgeWZatLCA76MtCZJnO
ALEAS2aNw5S6LAEYhXXwfw0u09xfKcdncN3TfY+d4xPTKDuNQbRXGEr2xVnKvAlT
BJWRtsDhBwssqiVJy11lJaU2qIWMMlqGVGs6tkqIW3PnvR29Ds/srPOhz7ow1N0v
vQ==
-----END CERTIFICATE-----
Generated at Thu Sep 4 12:30:14 2025 by rpki-client