Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rIhkJjgk7eNlW5l0Lfs56IO7kUU.cer
File: rIhkJjgk7eNlW5l0Lfs56IO7kUU.cer (raw, json)
Hash identifier: /u/OiJZ6027xQdnAcrELWbmTyouhLDS6TympNCKiiBQ=
Subject key identifier: AC:88:64:26:38:24:ED:E3:65:5B:99:74:2D:FB:39:E8:83:BB:91:45
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7C0C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/rIhkJjgk7eNlW5l0Lfs56IO7kUU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 27 May 2026 12:33:07 +0000
Certificate not after: Fri 30 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 45.40.192.0/18
IP: 129.28.0.0/16
IP: 129.204.0.0/16
IP: 129.211.0.0/16
IP: 132.232.0.0/16
IP: 134.175.0.0/16
IP: 142.86.0.0/16
IP: 146.56.192.0/18
IP: 148.70.0.0/16
IP: 149.41.0.0/16
IP: 152.136.0.0/16
IP: 158.79.0.0/16
IP: 159.75.0.0/16
IP: 161.120.0.0/16
IP: 162.14.0.0/16
IP: 172.81.192.0/18
IP: 192.144.128.0/17
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 09 Jun 2026 15:18:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31756 (0x7c0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 27 12:33:07 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=A9120974, serialNumber=AC8864263824EDE3655B99742DFB39E883BB9145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:32:cc:61:bd:20:76:20:f2:dc:b2:a4:68:f4:
fb:4d:96:94:70:08:ef:35:5b:cd:8b:7c:bb:6a:4e:
d2:99:a5:31:68:b3:25:79:65:e1:84:1c:07:a5:5d:
52:72:f3:c6:7c:2c:90:93:6a:42:3b:a9:9d:ca:3e:
df:19:8a:e5:fe:0f:c4:b3:00:bf:5b:e6:b6:ee:a2:
c0:86:23:4d:f9:bf:05:fe:79:8c:e6:0d:4c:de:58:
9e:92:2d:62:37:0e:22:11:70:fc:ec:26:34:a6:5a:
e9:30:bc:d6:33:f4:46:4d:4e:5b:87:b1:80:cb:58:
4e:c5:ff:6c:1b:04:00:17:b5:1b:9e:5c:e2:08:54:
3a:a5:58:88:5b:08:be:9c:2b:0d:28:07:85:68:14:
fe:4b:16:d2:5e:3a:08:bd:49:97:c2:8c:b0:60:78:
8e:ce:b4:17:e3:d1:f2:50:cd:f9:28:a4:c7:15:57:
b4:eb:e5:a6:f5:56:87:91:5d:f8:a5:1e:2b:96:18:
8e:6d:f9:99:f6:9f:85:a8:76:ab:57:98:5b:10:a7:
3f:87:f4:33:81:ef:a7:6e:23:97:ab:01:08:2c:9e:
d8:80:12:04:8b:4c:56:68:94:7a:aa:c3:ab:64:32:
e1:22:7e:73:9c:75:26:db:32:45:ce:c9:6f:c3:0a:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:88:64:26:38:24:ED:E3:65:5B:99:74:2D:FB:39:E8:83:BB:91:45
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/rIhkJjgk7eNlW5l0Lfs56IO7kUU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.40.192.0/18
129.28.0.0/16
129.204.0.0/16
129.211.0.0/16
132.232.0.0/16
134.175.0.0/16
142.86.0.0/16
146.56.192.0/18
148.70.0.0/16
149.41.0.0/16
152.136.0.0/16
158.79.0.0/16
159.75.0.0/16
161.120.0.0/16
162.14.0.0/16
172.81.192.0/18
192.144.128.0/17
Signature Algorithm: sha256WithRSAEncryption
62:9e:7e:e0:89:4e:bc:6b:00:6a:2f:b7:2f:d2:6c:05:7c:4b:
b3:12:b3:c3:2d:64:9b:3f:70:ee:5d:c8:c3:11:26:9a:29:ad:
6d:e1:ca:08:cf:a7:36:f5:40:66:8f:7b:3a:98:35:77:3c:35:
03:57:5a:03:0d:1b:b0:16:cb:a1:87:3b:e3:40:43:07:8e:a5:
b9:c3:04:e0:b7:99:97:a1:56:bc:9b:89:fe:0c:61:6e:2d:b4:
b8:b7:a2:19:48:a1:99:51:bb:93:32:51:e3:ff:25:ad:c0:ce:
7c:fa:b8:d3:60:47:cf:4d:55:61:5f:f6:7a:40:78:c0:73:91:
1e:67:e5:9d:7d:93:0c:ea:1f:81:42:e9:a8:fb:4c:2d:ea:58:
77:5d:22:dd:c3:30:97:80:8d:03:7d:86:2b:58:f8:89:18:3b:
be:aa:02:84:32:76:cc:5a:8b:60:71:23:db:62:62:aa:01:ae:
b1:bb:ae:d3:67:eb:35:f8:f6:1a:91:85:a5:a1:06:c9:dd:fe:
c5:be:2d:a7:7b:79:9e:9c:d0:bd:46:84:bf:7c:f7:29:f8:9d:
fc:9c:3a:8d:21:8b:3f:4a:35:d6:7c:a2:dd:ff:b0:0a:3f:a0:
a6:24:8a:6c:d2:92:29:85:3f:39:97:47:52:83:65:b4:43:da:
7a:37:36:4a
-----BEGIN CERTIFICATE-----
MIIGUDCCBTigAwIBAgICfAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNTI3MTIzMzA3WhcNMjcwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyMDk3NDExMC8GA1UEBRMoQUM4ODY0MjYzODI0RURFMzY1NUI5OTc0
MkRGQjM5RTg4M0JCOTE0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMoyzGG9IHYg8tyypGj0+02WlHAI7zVbzYt8u2pO0pmlMWizJXll4YQcB6VdUnLz
xnwskJNqQjupnco+3xmK5f4PxLMAv1vmtu6iwIYjTfm/Bf55jOYNTN5YnpItYjcO
IhFw/OwmNKZa6TC81jP0Rk1OW4exgMtYTsX/bBsEABe1G55c4ghUOqVYiFsIvpwr
DSgHhWgU/ksW0l46CL1Jl8KMsGB4js60F+PR8lDN+SikxxVXtOvlpvVWh5Fd+KUe
K5YYjm35mfafhah2q1eYWxCnP4f0M4Hvp24jl6sBCCye2IASBItMVmiUeqrDq2Qy
4SJ+c5x1JtsyRc7Jb8MKKOcCAwEAAaOCA0YwggNCMB0GA1UdDgQWBBSsiGQmOCTt
42VbmXQt+znog7uRRTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjA5NzQvRTEwNUIzQkEzQTQ5MTFFOTk0MEYyRDE2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIwOTc0L0UxMDVCM0JBM0E0OTExRTk5NDBGMkQxNkM0RjlBRTAyL3JJaGtKamdr
N2VObFc1bDBMZnM1NklPN2tVVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDByBggrBgEFBQcBBwEB/wRjMGEw
XwQCAAEwWQMEBi0owAMDAIEcAwMAgcwDAwCB0wMDAIToAwMAhq8DAwCOVgMEBpI4
wAMDAJRGAwMAlSkDAwCYiAMDAJ5PAwMAn0sDAwCheAMDAKIOAwQGrFHAAwQHwJCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBinn7giU68awBqL7cv0mwFfEuzErPDLWSbP3Du
XcjDESaaKa1t4coIz6c29UBmj3s6mDV3PDUDV1oDDRuwFsuhhzvjQEMHjqW5wwTg
t5mXoVa8m4n+DGFuLbS4t6IZSKGZUbuTMlHj/yWtwM58+rjTYEfPTVVhX/Z6QHjA
c5EeZ+WdfZMM6h+BQumo+0wt6lh3XSLdwzCXgI0DfYYrWPiJGDu+qgKEMnbMWotg
cSPbYmKqAa6xu67TZ+s1+PYakYWloQbJ3f7Fvi2ne3menNC9RoS/fPcp+J38nDqN
IYs/SjXWfKLd/7AKP6CmJIps0pIphT85l0dSg2W0Q9p6NzZK
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:12:38 2026 by rpki-client