This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/du8ZOVeobWTTw83rngdGdG70KQo.cer File: du8ZOVeobWTTw83rngdGdG70KQo.cer (raw, json) Hash identifier: +fsD/P1gUzpPST5W33o+GYNwr8S8Pt8eiUJh4RitkQk= Subject key identifier: 76:EF:19:39:57:A8:6D:64:D3:C3:CD:EB:9E:07:46:74:6E:F4:29:0A Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E Certificate serial: 6EBF Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer Manifest: rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.mft caRepository: rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Mon 24 Nov 2025 18:24:42 +0000 Certificate not after: Sun 31 Jan 2027 00:00:00 +0000 Subordinate resources: IP: 138.99.216.0/22 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 07:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28351 (0x6ebf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E Validity Not Before: Nov 24 18:24:42 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=A91C40D6, serialNumber=76EF193957A86D64D3C3CDEB9E0746746EF4290A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:8e:54:d3:b9:0e:33:45:dc:34:4b:7f:e0:08: 4b:1c:79:63:08:82:80:d9:70:aa:69:d7:5e:fe:5e: 1e:39:b8:a0:a5:14:d2:70:5b:73:31:59:da:00:16: 36:86:99:a1:e2:96:b2:54:ca:d5:98:e6:c9:f0:26: ad:f6:4d:df:f8:07:3f:0d:06:63:aa:d7:06:b1:5f: 4e:d2:2a:44:98:d8:48:72:00:e6:87:41:75:e2:ef: e4:7f:2e:6e:87:39:98:93:a7:5e:5c:f0:a1:d1:31: 9d:4e:43:79:fd:e3:06:9b:23:8d:62:07:3b:e9:05: 1c:86:03:55:e9:d7:0e:67:3f:0a:d1:09:9d:ad:45: 0e:67:6c:0b:3d:e3:80:3c:49:68:b5:b8:0c:17:23: b8:e4:52:c7:64:f5:95:95:2d:72:1a:ae:f9:47:88: d0:0a:cf:50:b6:9c:bc:ad:d2:26:07:8f:c8:85:56: af:10:8e:d4:f0:36:b6:59:31:b4:b4:94:61:25:08: bb:f1:36:a2:bc:b1:c5:a2:3f:a5:0b:a0:78:70:e0: 15:d3:bb:22:69:64:35:44:c6:24:af:62:58:f1:0b: b1:82:6a:e4:63:42:ad:0d:42:77:6d:f2:48:de:6f: 60:94:37:34:3c:c1:57:2b:2c:1c:2b:9d:c4:71:d0: 4b:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:EF:19:39:57:A8:6D:64:D3:C3:CD:EB:9E:07:46:74:6E:F4:29:0A X509v3 Authority Key Identifier: keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.99.216.0/22 Signature Algorithm: sha256WithRSAEncryption 78:a8:1b:f9:73:fe:04:09:6d:4d:ac:d2:78:73:33:a8:b4:4d: e6:50:d3:98:c5:bd:44:57:37:fc:b4:d5:16:5f:a4:07:b3:35: 56:c6:9f:81:89:4a:76:44:47:f5:31:f5:d7:22:95:2f:de:4b: 2e:c6:4f:dc:6e:c4:c7:b5:05:f7:92:62:89:5c:d2:09:40:73: 3d:69:69:34:78:15:38:f5:f0:78:cf:3d:a3:24:ef:c4:b3:b2: 03:72:a7:c2:ac:3b:df:62:c4:9e:d9:5f:08:53:2f:1d:68:a4: 5e:aa:9c:2c:95:92:32:09:49:75:92:ab:2e:f5:a0:97:ca:36: c3:fb:a8:b5:c7:29:be:4d:8c:5b:eb:69:35:f5:24:51:0c:9a: f8:9b:c6:dd:0e:cc:7c:ab:da:c4:7e:d0:cf:a8:94:8d:88:3e: 00:18:f6:24:98:a3:a3:3f:d0:0f:27:a3:9d:fd:d4:b8:43:39: 9b:ca:f5:c8:70:ca:8d:f7:cd:fa:e5:19:5a:5c:3c:a4:c1:0a: db:5d:31:b5:92:61:7e:33:d6:a8:d0:26:c4:7e:77:f0:ba:a5: 39:71:f8:e4:8c:e0:2d:28:30:65:13:c1:b6:aa:e3:ad:d3:90: e1:46:a5:8f:59:55:4d:fe:45:88:f9:13:1f:9d:ba:64:c1:8a: 05:0f:84:24 -----BEGIN CERTIFICATE----- MIIF/TCCBOWgAwIBAgICbr8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD N0MxRDZFMEUwHhcNMjUxMTI0MTgyNDQyWhcNMjcwMTMxMDAwMDAwWjBGMREwDwYD VQQDEwhBOTFDNDBENjExMC8GA1UEBRMoNzZFRjE5Mzk1N0E4NkQ2NEQzQzNDREVC OUUwNzQ2NzQ2RUY0MjkwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AMGOVNO5DjNF3DRLf+AISxx5YwiCgNlwqmnXXv5eHjm4oKUU0nBbczFZ2gAWNoaZ oeKWslTK1ZjmyfAmrfZN3/gHPw0GY6rXBrFfTtIqRJjYSHIA5odBdeLv5H8uboc5 mJOnXlzwodExnU5Def3jBpsjjWIHO+kFHIYDVenXDmc/CtEJna1FDmdsCz3jgDxJ aLW4DBcjuORSx2T1lZUtchqu+UeI0ArPULacvK3SJgePyIVWrxCO1PA2tlkxtLSU YSUIu/E2oryxxaI/pQugeHDgFdO7ImlkNUTGJK9iWPELsYJq5GNCrQ1Cd23ySN5v YJQ3NDzBVyssHCudxHHQS1UCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBR27xk5V6ht ZNPDzeueB0Z0bvQpCjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2 MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0 LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzQwRDYvMDVGODYwMTRDNTM3MTFFRUI2N0FFQjc5QzRGOUFFMDIvMH4GCCsGAQUF BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MUM0MEQ2LzA1Rjg2MDE0QzUzNzExRUVCNjdBRUI3OUM0RjlBRTAyL2R1OFpPVmVv YldUVHc4M3JuZ2RHZEc3MEtRby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAopj2DANBgkqhkiG9w0BAQsFAAOCAQEAeKgb+XP+BAltTazSeHMz qLRN5lDTmMW9RFc3/LTVFl+kB7M1VsafgYlKdkRH9TH11yKVL95LLsZP3G7Ex7UF 95JiiVzSCUBzPWlpNHgVOPXweM89oyTvxLOyA3Knwqw732LEntlfCFMvHWikXqqc LJWSMglJdZKrLvWgl8o2w/uotccpvk2MW+tpNfUkUQya+JvG3Q7MfKvaxH7Qz6iU jYg+ABj2JJijoz/QDyejnf3UuEM5m8r1yHDKjffN+uUZWlw8pMEK210xtZJhfjPW qNAmxH538LqlOXH45IzgLSgwZRPBtqrjrdOQ4Ualj1lVTf5FiPkTH526ZMGKBQ+E JA== -----END CERTIFICATE-----Generated at Wed Dec 3 13:57:17 2025 by rpki-client