Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lAF1ch5wtiCMXKApOLMOBFG5nEQ.cer
File: lAF1ch5wtiCMXKApOLMOBFG5nEQ.cer (raw, json)
Hash identifier: raxRMfo54JoIgkhDuBtaG1Mb4O3wROs+xCrr9NERiFE=
Subject key identifier: 94:01:75:72:1E:70:B6:20:8C:5C:A0:29:38:B3:0E:04:51:B9:9C:44
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7BC6
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9185308/EBCDD274557A11F188F83279CB833773/lAF1ch5wtiCMXKApOLMOBFG5nEQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9185308/EBCDD274557A11F188F83279CB833773/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 22 May 2026 01:09:50 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 50.21.80.0/20
IP: 64.140.144.0/20
IP: 148.66.64.0/18
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 09 Jun 2026 15:18:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31686 (0x7bc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 22 01:09:50 2026 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A9185308, serialNumber=940175721E70B6208C5CA02938B30E0451B99C44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:40:13:f1:22:36:66:e5:06:03:61:2c:6c:ed:
2e:3f:8e:6a:53:d7:82:88:fc:d4:9b:ee:0c:c0:1a:
9a:9e:28:b9:46:ca:e2:0a:ec:61:aa:76:22:d1:47:
a9:18:3d:8e:6e:4b:f7:13:4d:bd:b0:77:d5:74:56:
06:e2:01:54:57:a2:7d:e9:c0:55:55:45:03:38:27:
9f:f5:84:ce:ca:a3:02:c4:d5:05:ee:23:dd:11:f2:
7c:09:3e:f8:b2:3e:b3:0c:a7:47:f7:7a:36:4e:53:
6f:c9:a0:df:7f:43:fd:61:75:e2:89:3c:03:7e:46:
d7:78:69:f9:d2:5e:93:c2:94:d0:80:18:45:18:34:
bb:0d:75:2f:d8:1a:af:33:1a:23:4f:9d:dc:95:eb:
17:ec:b0:a1:bc:71:b4:1e:2d:4d:3a:67:7e:e3:16:
c5:ff:41:c3:3c:f1:66:8c:b8:4c:99:21:8c:9e:da:
6e:bf:bb:11:7f:ea:e6:24:ec:7a:9a:ec:09:7f:43:
11:56:87:07:83:be:d0:12:34:fb:dc:97:bc:9d:39:
55:58:47:b9:cc:9e:5c:1f:ab:24:21:12:6b:a3:ed:
b4:81:5b:9a:4c:d1:23:64:8a:78:29:c9:a7:38:de:
50:ee:3d:ca:68:df:76:92:ec:76:f4:90:2e:b6:86:
cf:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:01:75:72:1E:70:B6:20:8C:5C:A0:29:38:B3:0E:04:51:B9:9C:44
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9185308/EBCDD274557A11F188F83279CB833773/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9185308/EBCDD274557A11F188F83279CB833773/lAF1ch5wtiCMXKApOLMOBFG5nEQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
50.21.80.0/20
64.140.144.0/20
148.66.64.0/18
Signature Algorithm: sha256WithRSAEncryption
53:eb:e6:98:50:60:f3:72:0c:19:95:f7:46:fc:e4:b7:2c:d7:
65:eb:29:3f:20:93:78:c1:9c:7e:6d:df:d0:34:17:1c:74:b3:
36:4c:4c:23:2a:68:57:5a:7c:88:c0:36:47:50:13:3c:9d:a4:
dc:0b:e1:31:cb:46:b2:fa:bb:7a:bd:93:e9:3a:5f:fa:2e:65:
b6:9e:f9:52:63:5b:a0:6f:2d:d8:13:12:e1:6f:7e:ee:80:63:
d5:24:e1:fe:37:4f:61:6e:9b:5c:a1:f8:5a:28:58:d4:77:51:
7d:cd:d5:e1:59:7d:61:cc:5e:ac:47:34:ce:9c:09:9b:de:b5:
ea:90:54:bd:28:86:41:bd:65:a2:08:d0:47:eb:24:fd:70:8e:
2d:89:e2:37:ec:d8:70:f4:6c:4f:31:30:ad:d4:02:2c:31:cb:
84:25:6d:04:90:f8:a6:4a:6c:05:28:25:c6:3d:9a:a5:c7:0a:
38:02:be:e0:f1:bb:24:01:06:12:17:18:c5:58:fe:d6:66:52:
26:74:79:12:c0:8d:05:7a:74:b3:14:33:38:76:49:69:ae:8b:
1d:ba:ce:1f:f9:cc:85:86:ae:13:91:8b:61:cb:f4:9e:56:da:
47:cc:53:cb:44:09:7b:9f:61:e5:4b:c9:f3:a1:af:fb:5e:b1:
7b:74:fc:45
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICe8YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNTIyMDEwOTUwWhcNMjYwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4NTMwODExMC8GA1UEBRMoOTQwMTc1NzIxRTcwQjYyMDhDNUNBMDI5
MzhCMzBFMDQ1MUI5OUM0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AI1AE/EiNmblBgNhLGztLj+OalPXgoj81JvuDMAamp4ouUbK4grsYap2ItFHqRg9
jm5L9xNNvbB31XRWBuIBVFeifenAVVVFAzgnn/WEzsqjAsTVBe4j3RHyfAk++LI+
swynR/d6Nk5Tb8mg339D/WF14ok8A35G13hp+dJek8KU0IAYRRg0uw11L9garzMa
I0+d3JXrF+ywobxxtB4tTTpnfuMWxf9BwzzxZoy4TJkhjJ7abr+7EX/q5iTseprs
CX9DEVaHB4O+0BI0+9yXvJ05VVhHucyeXB+rJCESa6PttIFbmkzRI2SKeCnJpzje
UO49ymjfdpLsdvSQLraGzxUCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBSUAXVyHnC2
IIxcoCk4sw4EUbmcRDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODUzMDgvRUJDREQyNzQ1NTdBMTFGMTg4RjgzMjc5Q0I4MzM3NzMvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg1MzA4L0VCQ0REMjc0NTU3QTExRjE4OEY4MzI3OUNCODMzNzczL2xBRjFjaDV3
dGlDTVhLQXBPTE1PQkZHNW5FUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEBDIVUAMEBECMkAMEBpRCQDANBgkqhkiG9w0BAQsFAAOCAQEAU+vm
mFBg83IMGZX3RvzktyzXZespPyCTeMGcfm3f0DQXHHSzNkxMIypoV1p8iMA2R1AT
PJ2k3AvhMctGsvq7er2T6Tpf+i5ltp75UmNboG8t2BMS4W9+7oBj1STh/jdPYW6b
XKH4WihY1HdRfc3V4Vl9YcxerEc0zpwJm9616pBUvSiGQb1logjQR+sk/XCOLYni
N+zYcPRsTzEwrdQCLDHLhCVtBJD4pkpsBSglxj2apccKOAK+4PG7JAEGEhcYxVj+
1mZSJnR5EsCNBXp0sxQzOHZJaa6LHbrOH/nMhYauE5GLYcv0nlbaR8xTy0QJe59h
5UvJ86Gv+16xe3T8RQ==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:10:27 2026 by rpki-client