Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZajQiy7I9C1Duap6QjUXK7ftFmU.cer
File: ZajQiy7I9C1Duap6QjUXK7ftFmU.cer (raw, json)
Hash identifier: eeLL8fV+3sboiKaB3/y7NGMZplDcMmVPUATiqyf+GYA=
Subject key identifier: 65:A8:D0:8B:2E:C8:F4:2D:43:B9:AA:7A:42:35:17:2B:B7:ED:16:65
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 72C5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/ZajQiy7I9C1Duap6QjUXK7ftFmU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 26 Jan 2026 12:38:55 +0000
Certificate not after: Wed 31 Mar 2027 00:00:00 +0000
Subordinate resources: IP: 161.248.50.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 27 Feb 2026 00:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29381 (0x72c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jan 26 12:38:55 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=A912C7DC, serialNumber=65A8D08B2EC8F42D43B9AA7A4235172BB7ED1665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:55:ba:95:9d:a9:af:36:c7:0b:c8:4e:32:11:
22:70:58:5a:f2:dc:0b:1f:8a:d6:88:74:2b:cd:3a:
6d:ed:74:a3:9b:1e:85:30:e0:91:66:4c:47:b0:a2:
e7:64:68:db:78:e6:40:e9:1b:be:1f:a7:ea:f7:42:
25:d6:c0:3d:57:c2:18:9b:99:b3:ef:c1:14:80:dd:
4c:eb:a3:ef:87:7d:0a:8f:1f:17:4b:7b:a4:41:fd:
fb:56:c1:b1:2f:3d:6c:28:1e:5b:72:35:e9:04:3c:
6c:b9:f9:ce:54:aa:d0:e4:ce:ef:bf:7a:30:19:5b:
a8:89:51:70:df:da:f8:49:43:b5:0c:48:ad:6b:08:
d1:fc:6d:db:fa:8d:2b:29:be:ee:d3:68:69:d7:ef:
8a:b2:a0:93:46:28:9e:f0:dd:8d:96:20:58:97:52:
c4:b2:41:26:a3:04:e1:99:84:83:ca:66:9b:23:a3:
20:71:e7:c5:74:22:f6:b4:92:ed:73:6b:74:03:e6:
b4:45:42:c6:e3:6a:c6:63:e4:70:0e:15:c6:50:04:
ae:a6:b1:aa:4f:1c:96:3b:54:4b:97:84:f1:ac:1f:
76:ea:8f:0e:f1:fc:3a:96:b1:1c:ce:ee:e1:3e:44:
24:1a:b4:83:13:48:a0:ff:c0:45:39:4f:3f:a0:9b:
0c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A8:D0:8B:2E:C8:F4:2D:43:B9:AA:7A:42:35:17:2B:B7:ED:16:65
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/ZajQiy7I9C1Duap6QjUXK7ftFmU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.50.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:96:b7:64:8d:e2:2b:2c:7e:be:09:b1:4d:f4:60:db:cd:59:
76:e5:9d:48:21:1d:a0:77:35:8b:30:1f:55:4a:c1:a2:fc:82:
e8:9c:6d:1c:e3:99:86:37:6f:c1:ae:c0:03:48:9f:62:87:31:
8c:87:75:ce:5f:85:02:d5:92:ee:76:31:79:09:99:f1:26:10:
77:3b:04:f9:2b:42:d9:04:82:87:81:97:38:35:24:9c:0a:83:
4a:d4:1e:de:7d:98:ef:17:4f:54:70:c2:f9:69:ff:ef:01:bf:
41:76:de:96:2e:aa:2e:70:89:51:92:b0:84:b2:db:cf:19:9d:
08:14:33:dc:70:d6:d5:bb:b2:6d:a8:aa:cd:16:c1:cd:2d:c4:
be:26:f4:bc:bc:5e:ce:a7:f2:85:1b:62:6d:81:eb:54:6d:8c:
4f:3a:b1:8a:91:68:3e:f4:29:e6:4f:c3:53:3e:86:89:6f:de:
94:cd:93:19:53:e5:26:15:19:5e:c7:55:13:5d:65:22:de:90:
80:ae:4a:44:b9:36:21:dd:a4:57:49:72:f9:ae:e9:7d:c0:55:
1f:42:11:0e:bf:29:2c:2a:c2:09:69:9f:8b:00:3b:ef:f9:8c:
76:ad:8b:81:7b:50:db:3a:e9:70:2d:17:dc:63:8b:68:93:0e:
8e:bc:da:2e
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICcsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwMTI2MTIzODU1WhcNMjcwMzMxMDAwMDAwWjBGMREwDwYD
VQQDDAhBOTEyQzdEQzExMC8GA1UEBRMoNjVBOEQwOEIyRUM4RjQyRDQzQjlBQTdB
NDIzNTE3MkJCN0VEMTY2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALhVupWdqa82xwvITjIRInBYWvLcCx+K1oh0K806be10o5sehTDgkWZMR7Ci52Ro
23jmQOkbvh+n6vdCJdbAPVfCGJuZs+/BFIDdTOuj74d9Co8fF0t7pEH9+1bBsS89
bCgeW3I16QQ8bLn5zlSq0OTO7796MBlbqIlRcN/a+ElDtQxIrWsI0fxt2/qNKym+
7tNoadfvirKgk0YonvDdjZYgWJdSxLJBJqME4ZmEg8pmmyOjIHHnxXQi9rSS7XNr
dAPmtEVCxuNqxmPkcA4VxlAErqaxqk8cljtUS5eE8awfduqPDvH8OpaxHM7u4T5E
JBq0gxNIoP/ARTlPP6CbDCcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRlqNCLLsj0
LUO5qnpCNRcrt+0WZTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM3REMvNjRCQTRCQThDNThCMTFFRkI4N0U1RjMzQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJDN0RDLzY0QkE0QkE4QzU4QjExRUZCODdFNUYzM0M0RjlBRTAyL1phalFpeTdJ
OUMxRHVhcDZRalVYSzdmdEZtVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4MjANBgkqhkiG9w0BAQsFAAOCAQEAxJa3ZI3iKyx+vgmxTfRg
281ZduWdSCEdoHc1izAfVUrBovyC6JxtHOOZhjdvwa7AA0ifYocxjId1zl+FAtWS
7nYxeQmZ8SYQdzsE+StC2QSCh4GXODUknAqDStQe3n2Y7xdPVHDC+Wn/7wG/QXbe
li6qLnCJUZKwhLLbzxmdCBQz3HDW1buybaiqzRbBzS3Evib0vLxezqfyhRtibYHr
VG2MTzqxipFoPvQp5k/DUz6GiW/elM2TGVPlJhUZXsdVE11lIt6QgK5KRLk2Id2k
V0ly+a7pfcBVH0IRDr8pLCrCCWmfiwA77/mMdq2LgXtQ2zrpcC0X3GOLaJMOjrza
Lg==
-----END CERTIFICATE-----
Generated at Fri Feb 20 03:50:15 2026 by rpki-client