
Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dCWq4W3bRko-K0ecekDJkCODa6A.cer
File: dCWq4W3bRko-K0ecekDJkCODa6A.cer (raw, json)
Hash identifier: hqm2ulPsoNAb6mD2R4R49NynWmPm0Ho3+sSR6PsSA+o=
Subject key identifier: 74:25:AA:E1:6D:DB:46:4A:3E:2B:47:9C:7A:40:C9:90:23:83:6B:A0
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7D4D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/dCWq4W3bRko-K0ecekDJkCODa6A.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 19 Jun 2026 13:13:40 +0000
Certificate not after: Tue 31 Aug 2027 00:00:00 +0000
Subordinate resources: IP: 134.65.64.0 -- 134.65.125.255
IP: 143.92.64.0 -- 143.92.101.255
IP: 143.92.108.0/23
IP: 147.136.128.0/18
IP: 159.13.128.0/18
IP: 168.75.0.0/18
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Jul 2026 19:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32077 (0x7d4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jun 19 13:13:40 2026 GMT
Not After : Aug 31 00:00:00 2027 GMT
Subject: CN=A9163998, serialNumber=7425AAE16DDB464A3E2B479C7A40C99023836BA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:39:9b:99:a2:cc:88:ac:7d:1d:5b:fc:16:f9:
87:c6:c4:c3:eb:d9:23:73:6e:27:ba:ec:48:5b:0d:
9d:15:9d:07:9f:37:36:76:98:eb:aa:eb:7e:d5:31:
c8:e1:40:91:e5:34:81:b7:38:cc:01:1d:ff:cf:0e:
49:46:3c:ef:3f:5d:8f:c1:00:a7:1b:31:62:6c:f6:
53:12:ed:a1:51:e6:75:22:f9:bf:65:16:a8:f8:d5:
2a:27:03:21:fd:cb:1c:46:df:9e:dd:88:a9:42:c4:
2d:ac:55:fc:20:f2:73:ab:f8:62:c1:df:c7:80:91:
95:0f:5e:99:4a:2c:9b:23:38:f8:01:70:0c:e0:ae:
db:f8:97:6c:26:ca:c1:a9:8a:fc:2b:8e:97:ca:89:
01:86:30:62:aa:11:63:35:19:b7:1d:df:76:b9:67:
da:8f:7b:79:1c:d4:48:ef:ce:7a:01:b9:71:62:7b:
4d:d6:e7:4b:35:7d:66:f0:fb:fb:97:b4:2b:ba:ae:
60:b9:de:e6:eb:1d:eb:16:0a:b5:70:0a:12:ab:d1:
97:d0:97:d0:e4:bb:f6:51:42:20:40:65:2d:0e:04:
5e:e7:b2:ef:5a:a7:f5:1b:f2:7f:a9:ff:94:da:94:
ed:35:38:c8:59:eb:63:14:2a:3d:c1:45:f2:5a:db:
b7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:25:AA:E1:6D:DB:46:4A:3E:2B:47:9C:7A:40:C9:90:23:83:6B:A0
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/dCWq4W3bRko-K0ecekDJkCODa6A.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
134.65.64.0-134.65.125.255
143.92.64.0-143.92.101.255
143.92.108.0/23
147.136.128.0/18
159.13.128.0/18
168.75.0.0/18
Signature Algorithm: sha256WithRSAEncryption
56:72:2f:68:d0:e2:f8:98:da:df:eb:9c:b3:c9:55:bb:2c:a2:
8f:76:db:d8:e6:48:cf:97:a0:9c:25:58:84:71:64:74:15:86:
48:4f:30:de:8c:80:a3:0b:50:09:9b:6f:22:7f:49:a8:83:aa:
30:de:26:3f:3c:82:c8:8c:1d:fb:9f:2b:fb:c6:c4:1b:53:c3:
c4:2d:d2:7c:2f:61:31:48:eb:a9:08:7f:b7:b3:70:b7:38:0c:
91:1c:84:f2:7a:79:cb:cc:bb:7f:ef:0e:a2:9a:4c:68:1c:ff:
6c:f3:3f:89:ad:06:92:30:4b:54:05:be:77:26:cc:97:5f:0f:
71:6a:8d:df:83:da:b8:f1:78:7a:54:55:f0:63:4a:2c:a4:55:
e6:69:37:e9:5f:9e:aa:89:8c:ab:0a:97:7b:bf:e5:6c:51:ab:
b6:c3:e7:f7:6a:8f:a4:70:c7:cd:f4:e6:8c:14:5d:f0:13:4b:
9c:36:d0:8e:5e:1a:e3:55:cf:04:94:54:d4:18:07:73:91:64:
35:09:20:57:34:c3:9b:bd:e5:8f:86:bb:53:ea:27:1e:15:33:
17:92:19:29:d0:09:fc:85:94:dd:c8:c2:8f:d5:45:b6:4d:8c:
6f:a1:2f:f0:0c:23:85:6c:1f:2b:4b:43:a8:40:c0:12:61:2e:
78:e3:98:29
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICfU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNjE5MTMxMzQwWhcNMjcwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE2Mzk5ODExMC8GA1UEBRMoNzQyNUFBRTE2RERCNDY0QTNFMkI0NzlD
N0E0MEM5OTAyMzgzNkJBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKU5m5mizIisfR1b/Bb5h8bEw+vZI3NuJ7rsSFsNnRWdB583NnaY66rrftUxyOFA
keU0gbc4zAEd/88OSUY87z9dj8EApxsxYmz2UxLtoVHmdSL5v2UWqPjVKicDIf3L
HEbfnt2IqULELaxV/CDyc6v4YsHfx4CRlQ9emUosmyM4+AFwDOCu2/iXbCbKwamK
/CuOl8qJAYYwYqoRYzUZtx3fdrln2o97eRzUSO/OegG5cWJ7TdbnSzV9ZvD7+5e0
K7quYLne5usd6xYKtXAKEqvRl9CX0OS79lFCIEBlLQ4EXuey71qn9Rvyf6n/lNqU
7TU4yFnrYxQqPcFF8lrbt+8CAwEAAaOCAyEwggMdMB0GA1UdDgQWBBR0JarhbdtG
Sj4rR5x6QMmQI4NroDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjM5OTgvMzBDQzA4NEEwOERDMTFFREJFREU2MTJCQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYzOTk4LzMwQ0MwODRBMDhEQzExRURCRURFNjEyQkM0RjlBRTAyL2RDV3E0VzNi
UmtvLUswZWNla0RKa0NPRGE2QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBNBggrBgEFBQcBBwEB/wQ+MDww
OgQCAAEwNDAMAwQGhkFAAwQBhkF8MAwDBAaPXEADBAGPXGQDBAGPXGwDBAaTiIAD
BAafDYADBAaoSwAwDQYJKoZIhvcNAQELBQADggEBAFZyL2jQ4viY2t/rnLPJVbss
oo9229jmSM+XoJwlWIRxZHQVhkhPMN6MgKMLUAmbbyJ/SaiDqjDeJj88gsiMHfuf
K/vGxBtTw8Qt0nwvYTFI66kIf7ezcLc4DJEchPJ6ecvMu3/vDqKaTGgc/2zzP4mt
BpIwS1QFvncmzJdfD3Fqjd+D2rjxeHpUVfBjSiykVeZpN+lfnqqJjKsKl3u/5WxR
q7bD5/dqj6Rwx8305owUXfATS5w20I5eGuNVzwSUVNQYB3ORZDUJIFc0w5u95Y+G
u1PqJx4VMxeSGSnQCfyFlN3Iwo/VRbZNjG+hL/AMI4VsHytLQ6hAwBJhLnjjmCk=
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:17:38 2026 by rpki-client