Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer
File: nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer (raw, json)
Hash identifier: bx0b1UHEdDIO/9qazVNHlVqKLQ1XLJc7dt1R3L0DXY0=
Subject key identifier: 9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 72C0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/nwLaOrX7RTF1B8SAIc4Ki5NyVck.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 25 Jan 2026 13:54:54 +0000
Certificate not after: Wed 31 Mar 2027 00:00:00 +0000
Subordinate resources: IP: 157.10.238.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 27 Feb 2026 00:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29376 (0x72c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jan 25 13:54:54 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=A91C6CAF, serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b6:9a:e6:68:c9:e6:02:12:bb:52:bf:f5:50:
48:10:40:fe:34:08:47:db:7d:1f:e6:e5:e2:6c:b1:
a0:81:04:90:cd:2d:23:f5:f9:eb:e7:4b:50:0b:ba:
f1:cc:a1:88:79:1b:6c:83:fe:62:23:f0:dc:3a:d5:
6f:01:0c:cf:fa:24:2b:6c:6f:02:40:1c:6a:4d:3c:
e4:72:4a:4d:b5:77:1c:8d:2a:ff:16:5f:53:1e:08:
10:7b:ea:35:c8:fb:eb:7a:82:82:2a:5a:1b:d3:5c:
04:ff:4b:ef:8b:c0:3a:09:ba:6a:37:d4:a1:ae:90:
30:5d:ed:cd:5d:95:c4:b5:12:9d:6d:8b:42:70:6f:
f2:68:6a:37:99:7e:8e:a5:80:bc:18:4e:6f:39:32:
67:9a:21:70:ea:31:66:53:c4:0e:9f:a5:85:3a:5f:
3b:ca:69:c2:45:59:16:a8:87:64:9b:54:0b:b6:e3:
91:a1:af:58:6e:d4:70:3f:4b:fd:f7:ec:7c:a3:f7:
4b:fa:68:18:05:d1:cd:65:be:5e:13:0b:58:bd:ee:
36:25:36:66:08:c4:e7:3a:cd:d1:c8:e7:82:2a:df:
8a:30:9d:1f:5e:cf:ab:d1:04:9d:fe:f8:0b:20:3e:
90:25:12:73:ae:30:cb:2f:63:52:56:6d:56:23:06:
ec:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/nwLaOrX7RTF1B8SAIc4Ki5NyVck.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.238.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:bd:07:71:74:01:a8:ae:73:14:31:ca:2e:4b:c9:4a:97:17:
b3:0a:11:d2:2f:5e:25:b5:bb:86:53:12:d6:ff:a1:3b:ac:32:
41:ea:7c:4b:64:8e:f5:85:eb:53:2a:00:ef:6f:d0:ae:a8:a4:
70:97:b1:6d:4a:48:f9:96:83:21:7f:b1:a9:4c:d3:96:ae:fe:
f4:17:44:8f:77:ad:18:31:b7:4d:8b:82:1c:70:23:62:42:83:
c6:5a:c8:61:26:84:0d:a5:a8:48:b4:be:01:4f:6f:c7:04:53:
85:65:b6:17:c5:58:c8:37:8b:b7:b2:c1:ef:c2:f7:ee:08:f0:
09:b3:09:c0:90:dc:0c:06:05:6f:a6:61:f2:9a:ac:8d:88:d9:
d2:5d:ed:37:92:4d:60:f1:a5:58:80:db:4d:0a:2d:7d:16:63:
cb:40:27:6a:d7:20:cb:a7:8f:98:8a:25:f1:35:47:12:49:3b:
07:f4:40:1b:ef:d4:8e:2f:92:88:f8:7f:a1:b7:f4:9f:87:b6:
5b:d2:bc:26:e0:6d:ac:5a:23:53:26:c6:fa:14:09:3f:b6:61:
37:c2:67:26:7f:46:7f:44:52:15:83:c6:e9:18:a2:c4:7a:84:
5b:0d:a4:f4:c5:44:4d:be:fa:5c:cc:01:dc:e2:73:e8:0a:39:
ef:60:d9:3b
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICcsAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwMTI1MTM1NDU0WhcNMjcwMzMxMDAwMDAwWjBGMREwDwYD
VQQDDAhBOTFDNkNBRjExMC8GA1UEBRMoOUYwMkRBM0FCNUZCNDUzMTc1MDdDNDgw
MjFDRTBBOEI5MzcyNTVDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN62muZoyeYCErtSv/VQSBBA/jQIR9t9H+bl4myxoIEEkM0tI/X56+dLUAu68cyh
iHkbbIP+YiPw3DrVbwEMz/okK2xvAkAcak085HJKTbV3HI0q/xZfUx4IEHvqNcj7
63qCgipaG9NcBP9L74vAOgm6ajfUoa6QMF3tzV2VxLUSnW2LQnBv8mhqN5l+jqWA
vBhObzkyZ5ohcOoxZlPEDp+lhTpfO8ppwkVZFqiHZJtUC7bjkaGvWG7UcD9L/ffs
fKP3S/poGAXRzWW+XhMLWL3uNiU2ZgjE5zrN0cjngirfijCdH17Pq9EEnf74CyA+
kCUSc64wyy9jUlZtViMG7CECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSfAto6tftF
MXUHxIAhzgqLk3JVyTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZDQUYvRjNFMEZBRTRCNkY0MTFFRUFDMjAzODEwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM2Q0FGL0YzRTBGQUU0QjZGNDExRUVBQzIwMzgxMEM0RjlBRTAyL253TGFPclg3
UlRGMUI4U0FJYzRLaTVOeVZjay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0K7jANBgkqhkiG9w0BAQsFAAOCAQEAnL0HcXQBqK5zFDHKLkvJ
SpcXswoR0i9eJbW7hlMS1v+hO6wyQep8S2SO9YXrUyoA72/QrqikcJexbUpI+ZaD
IX+xqUzTlq7+9BdEj3etGDG3TYuCHHAjYkKDxlrIYSaEDaWoSLS+AU9vxwRThWW2
F8VYyDeLt7LB78L37gjwCbMJwJDcDAYFb6Zh8pqsjYjZ0l3tN5JNYPGlWIDbTQot
fRZjy0Anatcgy6ePmIol8TVHEkk7B/RAG+/Uji+SiPh/obf0n4e2W9K8JuBtrFoj
UybG+hQJP7ZhN8JnJn9Gf0RSFYPG6RiixHqEWw2k9MVETb76XMwB3OJz6Ao572DZ
Ow==
-----END CERTIFICATE-----
Generated at Fri Feb 20 03:47:12 2026 by rpki-client