This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer File: u8EDVhr9epMDbRxy3UwKfCpOKc4.cer (raw, json) Hash identifier: a//hAuoYO2xSCgzwC+OSHK6txLbDrMDCUrFCiW8Xs1g= Subject key identifier: BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E Certificate serial: 6EE2 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer Manifest: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.mft caRepository: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Wed 26 Nov 2025 01:54:07 +0000 Certificate not after: Tue 02 Mar 2027 00:00:00 +0000 Subordinate resources: IP: 139.163.0.0/16 IP: 168.134.0.0/16 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 07:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28386 (0x6ee2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E Validity Not Before: Nov 26 01:54:07 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=A91F277D, serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a5:3e:ef:7f:6a:5a:a4:32:a3:b6:64:d6:14: 6d:b0:8b:ba:15:17:b3:48:1c:97:fc:53:f2:01:60: de:40:85:29:03:b4:4d:db:8c:76:db:15:d7:37:26: 0d:1d:d5:13:4b:74:45:e5:62:f8:27:62:04:31:47: f4:2b:43:75:2f:6b:12:15:a2:5c:64:f9:1b:e3:cd: 56:7e:06:e1:50:7d:1f:b9:92:98:e3:ce:44:b8:d3: 5a:57:0d:14:4b:4d:1a:07:79:b3:96:6e:4c:76:b9: 49:fc:42:8a:a9:ae:0e:d5:9f:44:45:18:77:6b:94: 59:a2:77:2a:0e:cb:a7:53:bf:1f:9b:5c:69:bb:ec: dd:01:66:44:ad:dc:ec:12:41:50:45:1b:2e:7b:da: f8:47:e7:61:66:6e:3c:e2:dc:93:eb:08:29:c7:db: 4f:a6:65:5a:0e:b8:12:37:41:e2:e6:b2:ec:4e:a0: 11:7f:b6:c2:4b:01:03:a3:e3:a2:0f:ad:de:59:bd: 4e:c8:20:c3:07:c0:5d:51:9c:52:fd:93:95:15:9d: b5:b7:28:59:67:bc:90:48:0d:8a:61:9f:76:8f:a0: d4:1d:4a:3a:02:e7:2a:4e:19:21:f1:ef:5a:77:11: e2:cf:66:bf:27:8f:4e:72:96:e9:6d:d0:d2:eb:22: 88:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE X509v3 Authority Key Identifier: keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 139.163.0.0/16 168.134.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0f:5a:d8:0e:94:81:59:8a:26:70:5e:8c:a5:b0:7c:5e:c4:9a: 5b:9f:ed:b8:8b:bd:77:2e:a1:d0:e3:e9:9c:74:28:41:47:a3: 6e:a8:c9:8d:db:59:47:f2:f3:7f:b3:d3:96:6a:9e:d8:dd:46: 7c:3d:54:79:b6:12:59:6e:fc:c3:fe:d5:9b:14:89:8a:e6:34: c6:18:48:55:46:1c:f4:01:54:67:fc:b6:4c:6d:c2:93:83:31: 39:1a:84:fc:7e:ec:08:e8:27:62:d5:ce:6b:89:e6:9e:94:b3: 96:a1:e1:20:63:75:2d:93:ac:88:25:40:67:2c:2e:2b:41:2b: b8:cf:6e:85:f0:33:73:a5:ca:72:12:5e:6f:43:93:1a:d8:ee: 8a:56:a5:4d:f0:d6:37:a3:78:92:94:b4:6e:8c:94:c4:9a:d1: f5:79:ec:f3:9a:55:4e:66:86:e0:19:3d:c6:f9:8a:72:fc:dd: bc:ec:06:d7:f3:52:8b:9e:67:04:00:c5:19:18:18:f5:ed:4f: 6e:58:4c:f6:15:c2:ba:3e:b3:32:3d:03:43:a8:2f:a7:96:a3: 4a:f5:12:8b:13:82:0e:47:83:73:af:08:7e:29:b3:6c:52:0b: fb:5a:89:9a:55:d8:44:98:0d:bc:1b:34:69:f5:8d:8d:ee:34: 73:b8:9c:a3 -----BEGIN CERTIFICATE----- MIIGATCCBOmgAwIBAgICbuIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD N0MxRDZFMEUwHhcNMjUxMTI2MDE1NDA3WhcNMjcwMzAyMDAwMDAwWjBGMREwDwYD VQQDEwhBOTFGMjc3RDExMC8GA1UEBRMoQkJDMTAzNTYxQUZEN0E5MzAzNkQxQzcy REQ0QzBBN0MyQTRFMjlDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AMelPu9/alqkMqO2ZNYUbbCLuhUXs0gcl/xT8gFg3kCFKQO0TduMdtsV1zcmDR3V E0t0ReVi+CdiBDFH9CtDdS9rEhWiXGT5G+PNVn4G4VB9H7mSmOPORLjTWlcNFEtN Ggd5s5ZuTHa5SfxCiqmuDtWfREUYd2uUWaJ3Kg7Lp1O/H5tcabvs3QFmRK3c7BJB UEUbLnva+EfnYWZuPOLck+sIKcfbT6ZlWg64EjdB4uay7E6gEX+2wksBA6Pjog+t 3lm9TsggwwfAXVGcUv2TlRWdtbcoWWe8kEgNimGfdo+g1B1KOgLnKk4ZIfHvWncR 4s9mvyePTnKW6W3Q0usiiFsCAwEAAaOCAvcwggLzMB0GA1UdDgQWBBS7wQNWGv16 kwNtHHLdTAp8Kk4pzjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2 MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0 LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjI3N0QvNzhBMUQwOEU4RDZCMTFFQjk4NDBFMDVGQzRGOUFFMDIvMH4GCCsGAQUF BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MUYyNzdELzc4QTFEMDhFOEQ2QjExRUI5ODQwRTA1RkM0RjlBRTAyL3U4RURWaHI5 ZXBNRGJSeHkzVXdLZkNwT0tjNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAjBggrBgEFBQcBBwEB/wQUMBIw EAQCAAEwCgMDAIujAwMAqIYwDQYJKoZIhvcNAQELBQADggEBAA9a2A6UgVmKJnBe jKWwfF7Emluf7biLvXcuodDj6Zx0KEFHo26oyY3bWUfy83+z05ZqntjdRnw9VHm2 Ellu/MP+1ZsUiYrmNMYYSFVGHPQBVGf8tkxtwpODMTkahPx+7AjoJ2LVzmuJ5p6U s5ah4SBjdS2TrIglQGcsLitBK7jPboXwM3OlynISXm9DkxrY7opWpU3w1jejeJKU tG6MlMSa0fV57POaVU5mhuAZPcb5inL83bzsBtfzUoueZwQAxRkYGPXtT25YTPYV wro+szI9A0OoL6eWo0r1EosTgg5Hg3OvCH4ps2xSC/taiZpV2ESYDbwbNGn1jY3u NHO4nKM= -----END CERTIFICATE-----Generated at Wed Dec 3 13:18:31 2025 by rpki-client