Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rIhkJjgk7eNlW5l0Lfs56IO7kUU.cer
File: rIhkJjgk7eNlW5l0Lfs56IO7kUU.cer (raw, json)
Hash identifier: +aIEUxjafyutfXvlyIn2V06c8XMlti/pXNozkIqzgBA=
Subject key identifier: AC:88:64:26:38:24:ED:E3:65:5B:99:74:2D:FB:39:E8:83:BB:91:45
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6512
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/rIhkJjgk7eNlW5l0Lfs56IO7kUU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 16 May 2025 13:07:36 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 45.40.192.0/18
IP: 129.28.0.0/16
IP: 129.204.0.0/16
IP: 129.211.0.0/16
IP: 132.232.0.0/16
IP: 134.175.0.0/16
IP: 142.70.0.0/16
IP: 142.86.0.0/16
IP: 146.56.192.0/18
IP: 148.70.0.0/16
IP: 149.41.0.0/16
IP: 152.136.0.0/16
IP: 158.79.0.0/16
IP: 159.75.0.0/16
IP: 161.120.0.0/16
IP: 162.14.0.0/16
IP: 172.81.192.0/18
IP: 192.144.128.0/17
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25874 (0x6512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 16 13:07:36 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A9120974, serialNumber=AC8864263824EDE3655B99742DFB39E883BB9145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:32:cc:61:bd:20:76:20:f2:dc:b2:a4:68:f4:
fb:4d:96:94:70:08:ef:35:5b:cd:8b:7c:bb:6a:4e:
d2:99:a5:31:68:b3:25:79:65:e1:84:1c:07:a5:5d:
52:72:f3:c6:7c:2c:90:93:6a:42:3b:a9:9d:ca:3e:
df:19:8a:e5:fe:0f:c4:b3:00:bf:5b:e6:b6:ee:a2:
c0:86:23:4d:f9:bf:05:fe:79:8c:e6:0d:4c:de:58:
9e:92:2d:62:37:0e:22:11:70:fc:ec:26:34:a6:5a:
e9:30:bc:d6:33:f4:46:4d:4e:5b:87:b1:80:cb:58:
4e:c5:ff:6c:1b:04:00:17:b5:1b:9e:5c:e2:08:54:
3a:a5:58:88:5b:08:be:9c:2b:0d:28:07:85:68:14:
fe:4b:16:d2:5e:3a:08:bd:49:97:c2:8c:b0:60:78:
8e:ce:b4:17:e3:d1:f2:50:cd:f9:28:a4:c7:15:57:
b4:eb:e5:a6:f5:56:87:91:5d:f8:a5:1e:2b:96:18:
8e:6d:f9:99:f6:9f:85:a8:76:ab:57:98:5b:10:a7:
3f:87:f4:33:81:ef:a7:6e:23:97:ab:01:08:2c:9e:
d8:80:12:04:8b:4c:56:68:94:7a:aa:c3:ab:64:32:
e1:22:7e:73:9c:75:26:db:32:45:ce:c9:6f:c3:0a:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:88:64:26:38:24:ED:E3:65:5B:99:74:2D:FB:39:E8:83:BB:91:45
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/rIhkJjgk7eNlW5l0Lfs56IO7kUU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.40.192.0/18
129.28.0.0/16
129.204.0.0/16
129.211.0.0/16
132.232.0.0/16
134.175.0.0/16
142.70.0.0/16
142.86.0.0/16
146.56.192.0/18
148.70.0.0/16
149.41.0.0/16
152.136.0.0/16
158.79.0.0/16
159.75.0.0/16
161.120.0.0/16
162.14.0.0/16
172.81.192.0/18
192.144.128.0/17
Signature Algorithm: sha256WithRSAEncryption
98:d9:2b:24:71:7c:7f:be:07:d3:12:0e:18:fb:8e:9b:d5:fa:
cf:33:20:c3:95:00:69:ee:ae:ba:69:7d:20:75:63:87:9f:7f:
03:23:c6:e5:62:94:9f:a7:49:f6:c8:33:31:3b:07:14:cc:a9:
17:00:39:74:25:a5:67:db:2f:e1:e7:cd:92:e4:21:19:a1:6f:
5c:c4:9d:ed:62:d0:00:83:af:53:0c:22:8a:c5:8d:c5:ac:8b:
85:bc:3d:9a:b5:3f:ca:db:30:34:4e:a4:da:da:1a:7d:4a:3e:
77:aa:ca:37:10:91:af:90:ea:90:f7:19:a6:2b:99:2d:84:9f:
c7:56:52:29:2b:ee:3f:4b:5e:fb:85:35:de:1f:7e:8e:29:c9:
d7:d0:ad:7b:21:d8:d2:b4:5f:3b:3a:34:c5:93:e8:ec:28:12:
00:7f:40:32:d5:1f:65:18:10:78:a9:9a:52:27:de:f4:4b:e4:
c2:37:2f:f0:7b:ff:23:28:40:4b:6e:bd:0a:c9:7e:64:a2:7e:
ea:bd:2c:33:e5:af:d2:f0:79:50:ae:f7:d5:96:b2:2f:50:d4:
06:ae:2c:f8:ad:0d:c7:c4:62:b4:07:d7:02:70:b8:c1:8e:e6:
b9:27:22:3c:e7:f3:02:4e:b9:e1:26:f4:0e:41:83:1e:7b:6d:
b3:24:f9:cc
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgICZRIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTE2MTMwNzM2WhcNMjYwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyMDk3NDExMC8GA1UEBRMoQUM4ODY0MjYzODI0RURFMzY1NUI5OTc0
MkRGQjM5RTg4M0JCOTE0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMoyzGG9IHYg8tyypGj0+02WlHAI7zVbzYt8u2pO0pmlMWizJXll4YQcB6VdUnLz
xnwskJNqQjupnco+3xmK5f4PxLMAv1vmtu6iwIYjTfm/Bf55jOYNTN5YnpItYjcO
IhFw/OwmNKZa6TC81jP0Rk1OW4exgMtYTsX/bBsEABe1G55c4ghUOqVYiFsIvpwr
DSgHhWgU/ksW0l46CL1Jl8KMsGB4js60F+PR8lDN+SikxxVXtOvlpvVWh5Fd+KUe
K5YYjm35mfafhah2q1eYWxCnP4f0M4Hvp24jl6sBCCye2IASBItMVmiUeqrDq2Qy
4SJ+c5x1JtsyRc7Jb8MKKOcCAwEAAaOCA0swggNHMB0GA1UdDgQWBBSsiGQmOCTt
42VbmXQt+znog7uRRTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjA5NzQvRTEwNUIzQkEzQTQ5MTFFOTk0MEYyRDE2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIwOTc0L0UxMDVCM0JBM0E0OTExRTk5NDBGMkQxNkM0RjlBRTAyL3JJaGtKamdr
N2VObFc1bDBMZnM1NklPN2tVVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDB3BggrBgEFBQcBBwEB/wRoMGYw
ZAQCAAEwXgMEBi0owAMDAIEcAwMAgcwDAwCB0wMDAIToAwMAhq8DAwCORgMDAI5W
AwQGkjjAAwMAlEYDAwCVKQMDAJiIAwMAnk8DAwCfSwMDAKF4AwMAog4DBAasUcAD
BAfAkIAwDQYJKoZIhvcNAQELBQADggEBAJjZKyRxfH++B9MSDhj7jpvV+s8zIMOV
AGnurrppfSB1Y4effwMjxuVilJ+nSfbIMzE7BxTMqRcAOXQlpWfbL+HnzZLkIRmh
b1zEne1i0ACDr1MMIorFjcWsi4W8PZq1P8rbMDROpNraGn1KPneqyjcQka+Q6pD3
GaYrmS2En8dWUikr7j9LXvuFNd4ffo4pydfQrXsh2NK0Xzs6NMWT6OwoEgB/QDLV
H2UYEHipmlIn3vRL5MI3L/B7/yMoQEtuvQrJfmSifuq9LDPlr9LweVCu99WWsi9Q
1AauLPitDcfEYrQH1wJwuMGO5rknIjzn8wJOueEm9A5Bgx57bbMk+cw=
-----END CERTIFICATE-----
Generated at Sun Jun 1 08:09:40 2025 by rpki-client