
Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cleSPWdwxWeJGbB8vPqK-LnFBT8.cer
File: cleSPWdwxWeJGbB8vPqK-LnFBT8.cer (raw, json)
Hash identifier: iW3+s7LX3okWPGQ8AgBjXeXUCMifwFMgfeQ1S2gcUKc=
Subject key identifier: 72:57:92:3D:67:70:C5:67:89:19:B0:7C:BC:FA:8A:F8:B9:C5:05:3F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 66AF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/cleSPWdwxWeJGbB8vPqK-LnFBT8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 18 Jun 2025 06:24:12 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 160.30.234.0/24
IP: 165.101.26.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Jun 2025 06:24:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26287 (0x66af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jun 18 06:24:12 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A91C7175, serialNumber=7257923D6770C5678919B07CBCFA8AF8B9C5053F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:48:b0:b6:76:6c:84:7c:e9:a8:a4:7c:86:99:
fe:8d:73:d0:a7:8f:37:81:83:fb:a9:19:05:15:0a:
01:c2:b4:95:7d:79:03:4f:40:41:30:f3:cb:c7:76:
c2:63:f2:72:bc:e7:8e:6e:8b:06:e6:58:48:19:ef:
0d:26:20:0f:36:de:fe:5d:37:3e:2a:44:31:2f:7b:
83:e0:02:3e:5a:70:cd:1e:32:71:f9:37:d4:b7:a3:
09:8d:a7:38:28:5e:8c:99:6f:03:9f:c8:8a:c6:52:
97:aa:5b:19:f7:75:8a:8b:5f:e0:35:b7:53:ec:18:
53:c1:92:0e:6a:4e:45:e9:87:45:17:6f:ad:57:b6:
a7:36:b0:5d:a3:87:9d:7f:b2:cd:1c:0c:fe:67:38:
cd:c2:c2:63:31:8c:32:e4:79:cd:75:14:09:4a:74:
83:81:b7:9b:f8:43:28:ab:7a:36:27:fe:a9:04:f0:
a4:9a:57:5c:79:7c:d8:0e:d1:fc:fa:b6:ea:0c:3b:
eb:f9:cf:ab:7a:9a:88:8e:b2:c8:28:dc:96:e0:23:
b7:a4:3f:eb:78:f9:0b:34:a1:2b:8f:70:e2:3b:c8:
5d:50:01:04:d9:01:a1:77:23:48:de:d9:36:96:3f:
2d:c2:e5:9c:ce:5c:b9:68:12:19:e9:d8:fd:57:32:
62:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:57:92:3D:67:70:C5:67:89:19:B0:7C:BC:FA:8A:F8:B9:C5:05:3F
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/cleSPWdwxWeJGbB8vPqK-LnFBT8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.30.234.0/24
165.101.26.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:98:38:78:8f:2c:b7:70:42:b3:07:ce:3b:81:da:6f:e6:02:
03:e1:f3:48:60:7d:77:ed:c1:f7:15:16:15:0e:08:43:d7:16:
91:33:ac:45:5c:91:c6:56:f1:30:fc:1c:df:e5:78:30:6a:7e:
ea:40:75:3a:db:33:91:3a:c7:60:d1:80:e7:cd:81:bd:fb:f7:
0d:dd:88:a8:47:5f:09:8c:b7:bb:84:d7:c9:ba:08:18:4b:e8:
a5:3e:62:71:27:e8:64:cd:07:8d:6b:56:13:1c:06:ca:8d:9f:
e4:9b:9f:63:48:84:19:2e:39:ea:15:1b:94:0d:22:6f:53:4d:
d2:a0:5a:1f:aa:05:c5:31:46:3e:6c:33:60:d7:27:9a:de:80:
e4:f9:10:65:b2:87:76:8e:86:4c:71:2d:de:e0:d7:a2:5f:48:
75:4d:92:1f:b4:00:9c:6f:bb:d2:1a:ff:dc:19:c5:70:2e:8c:
4b:cd:ba:e0:6e:75:90:fa:ad:a2:de:41:04:81:18:3d:4a:dc:
25:55:25:0d:13:6e:62:73:a4:0e:e8:12:71:5a:0e:05:23:d8:
14:ca:a0:c2:20:01:37:2a:72:8f:5d:6f:64:97:5d:3a:fc:f7:
8a:79:3c:e5:ca:d6:1e:8d:72:fb:97:0c:1c:21:66:29:df:6f:
fb:cf:bd:84
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICZq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNjE4MDYyNDEyWhcNMjUxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDNzE3NTExMC8GA1UEBRMoNzI1NzkyM0Q2NzcwQzU2Nzg5MTlCMDdD
QkNGQThBRjhCOUM1MDUzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AL5IsLZ2bIR86aikfIaZ/o1z0KePN4GD+6kZBRUKAcK0lX15A09AQTDzy8d2wmPy
crznjm6LBuZYSBnvDSYgDzbe/l03PipEMS97g+ACPlpwzR4ycfk31LejCY2nOChe
jJlvA5/IisZSl6pbGfd1iotf4DW3U+wYU8GSDmpORemHRRdvrVe2pzawXaOHnX+y
zRwM/mc4zcLCYzGMMuR5zXUUCUp0g4G3m/hDKKt6Nif+qQTwpJpXXHl82A7R/Pq2
6gw76/nPq3qaiI6yyCjcluAjt6Q/63j5CzShK49w4jvIXVABBNkBoXcjSN7ZNpY/
LcLlnM5cuWgSGenY/VcyYpMCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBRyV5I9Z3DF
Z4kZsHy8+or4ucUFPzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNzUvRTlBMDkyQjg2OEZEMTFFRkE5NTAwMTg3QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM3MTc1L0U5QTA5MkI4NjhGRDExRUZBOTUwMDE4N0M0RjlBRTAyL2NsZVNQV2R3
eFdlSkdiQjh2UHFLLUxuRkJUOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAKAe6gMEAKVlGjANBgkqhkiG9w0BAQsFAAOCAQEAD5g4eI8st3BC
swfOO4Hab+YCA+HzSGB9d+3B9xUWFQ4IQ9cWkTOsRVyRxlbxMPwc3+V4MGp+6kB1
OtszkTrHYNGA582Bvfv3Dd2IqEdfCYy3u4TXyboIGEvopT5icSfoZM0HjWtWExwG
yo2f5JufY0iEGS456hUblA0ib1NN0qBaH6oFxTFGPmwzYNcnmt6A5PkQZbKHdo6G
THEt3uDXol9IdU2SH7QAnG+70hr/3BnFcC6MS8264G51kPqtot5BBIEYPUrcJVUl
DRNuYnOkDugScVoOBSPYFMqgwiABNypyj11vZJddOvz3ink85crWHo1y+5cMHCFm
Kd9v+8+9hA==
-----END CERTIFICATE-----
Generated at Wed Jun 18 08:59:01 2025 by rpki-client