Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/GHL5iLZXI3g3mSN-VU28xuSdFLA.cer
File: GHL5iLZXI3g3mSN-VU28xuSdFLA.cer (raw, json)
Hash identifier: m47+BAuEPyhZwLckC0gdvrJPZh1uimGWoBLYXZjyP3s=
Subject key identifier: 18:72:F9:88:B6:57:23:78:37:99:23:7E:55:4D:BC:C6:E4:9D:14:B0
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4B14
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919986F/A61DF1DA466A11EAA007EF1FC4F9AE02/GHL5iLZXI3g3mSN-VU28xuSdFLA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919986F/A61DF1DA466A11EAA007EF1FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 28 Apr 2026 13:52:31 +0000
Certificate not after: Sun 31 Jan 2027 00:00:00 +0000
Subordinate resources: IP: 154.8.64.0 -- 154.8.119.255
IP: 154.8.126.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 09 May 2026 22:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19220 (0x4b14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Apr 28 13:52:31 2026 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=A919986F, serialNumber=1872F988B65723783799237E554DBCC6E49D14B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:86:e6:5e:79:19:0c:eb:25:43:58:a4:6c:69:
3c:1b:b1:76:40:04:59:1b:10:96:c5:9a:ff:38:6a:
00:ac:27:6a:42:e0:1e:31:62:32:bf:a5:0a:16:c6:
ae:fd:f1:21:70:77:4a:aa:76:51:5e:05:59:e0:5d:
c7:bd:9e:f3:c2:b7:a3:dd:f4:2a:ce:6c:b9:dd:0d:
4e:91:28:62:6a:4d:42:0a:62:da:f9:da:68:2b:dd:
f7:3a:e7:c6:c9:4d:d7:96:22:7c:60:66:18:92:0e:
ba:d9:5f:b9:c9:87:86:90:5d:1d:b7:0f:cd:f2:8f:
36:50:56:fe:07:bc:ca:13:8f:4c:68:9f:2c:44:c5:
ac:06:6c:3e:d4:10:a0:2c:2d:e8:f7:87:0a:31:c3:
3a:bb:56:45:a7:96:06:32:9a:42:3a:b0:7e:bd:fa:
6e:d3:53:2d:01:9d:70:d9:13:fe:86:9d:6a:85:72:
4a:8d:54:5e:64:74:63:1c:25:5f:9a:d1:57:67:8c:
5e:37:f9:67:00:ef:e4:77:28:a4:ad:c7:d0:d7:f8:
c0:40:9e:a5:95:4a:c6:97:4d:c5:f2:9a:ea:db:42:
27:86:c6:dd:ad:97:f9:c0:5f:59:c0:e9:af:3e:2a:
5e:94:1d:ec:be:ef:7d:ab:84:29:b3:77:3f:0f:4c:
79:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:72:F9:88:B6:57:23:78:37:99:23:7E:55:4D:BC:C6:E4:9D:14:B0
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919986F/A61DF1DA466A11EAA007EF1FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919986F/A61DF1DA466A11EAA007EF1FC4F9AE02/GHL5iLZXI3g3mSN-VU28xuSdFLA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.8.64.0-154.8.119.255
154.8.126.0/23
Signature Algorithm: sha256WithRSAEncryption
57:a4:70:82:7a:d6:d7:56:fb:61:50:40:ac:67:cc:66:a4:08:
fb:f8:ce:d2:8f:a9:4a:fb:4d:27:3b:bf:b5:3a:37:2a:06:79:
af:a9:e9:e3:76:70:2a:81:fa:0f:2e:79:3a:d9:c8:de:b8:3d:
02:3b:9c:4f:8d:50:e9:e4:5f:36:c5:79:8b:a2:28:61:46:d6:
bb:39:7f:cb:19:31:e2:cb:ef:e0:0f:09:b2:5e:34:8c:4c:17:
ca:af:8c:f7:1a:ea:0b:cd:ee:99:8e:a1:9a:03:e2:2f:aa:e3:
2b:47:d5:79:ee:63:50:4d:6c:d3:54:d7:24:f5:45:24:c8:9c:
0c:8c:45:13:46:5f:cf:da:8b:7d:ff:06:c7:4c:44:a4:3c:c7:
c0:81:dc:0d:55:da:44:23:e8:c0:5c:55:3f:dd:e9:8c:f3:19:
4f:75:7f:f4:a2:a3:fa:10:e6:7e:4d:0b:fd:f4:50:e3:9a:fa:
26:e1:27:7a:d3:de:e5:86:58:c8:a0:f4:56:d7:97:b2:b7:c9:
50:a1:d8:66:42:3b:35:9b:82:13:ce:c0:25:b3:2f:fd:9c:77:
84:62:9d:98:0d:38:16:d1:67:8a:1b:c9:a6:1b:e0:58:4a:8c:
2f:f9:c4:a8:58:7d:58:7f:5e:7d:84:8b:8f:ef:b6:c7:36:2b:
11:50:2d:30
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgICSxQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwNDI4MTM1MjMxWhcNMjcwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5OTg2RjExMC8GA1UEBRMoMTg3MkY5ODhCNjU3MjM3ODM3OTkyMzdF
NTU0REJDQzZFNDlEMTRCMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANeG5l55GQzrJUNYpGxpPBuxdkAEWRsQlsWa/zhqAKwnakLgHjFiMr+lChbGrv3x
IXB3Sqp2UV4FWeBdx72e88K3o930Ks5sud0NTpEoYmpNQgpi2vnaaCvd9zrnxslN
15YifGBmGJIOutlfucmHhpBdHbcPzfKPNlBW/ge8yhOPTGifLETFrAZsPtQQoCwt
6PeHCjHDOrtWRaeWBjKaQjqwfr36btNTLQGdcNkT/oadaoVySo1UXmR0YxwlX5rR
V2eMXjf5ZwDv5HcopK3H0Nf4wECepZVKxpdNxfKa6ttCJ4bG3a2X+cBfWcDprz4q
XpQd7L7vfauEKbN3Pw9Mea8CAwEAAaOCAwEwggL9MB0GA1UdDgQWBBQYcvmItlcj
eDeZI35VTbzG5J0UsDAfBgNVHSMEGDAWgBQ0j5ubkqcsz9NvPHDzVnVzPMjqIjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2
MTFFMkE2MkY4NzdDNzJGRDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJ
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTk4NkYvQTYxREYxREE0NjZBMTFFQUEwMDdFRjFGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk5ODZGL0E2MURGMURBNDY2QTExRUFBMDA3RUYxRkM0RjlBRTAyL0dITDVpTFpY
STNnM21TTi1WVTI4eHVTZEZMQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQeMBww
GgQCAAEwFDAMAwQGmghAAwQDmghwAwQBmgh+MA0GCSqGSIb3DQEBCwUAA4IBAQBX
pHCCetbXVvthUECsZ8xmpAj7+M7Sj6lK+00nO7+1OjcqBnmvqenjdnAqgfoPLnk6
2cjeuD0CO5xPjVDp5F82xXmLoihhRta7OX/LGTHiy+/gDwmyXjSMTBfKr4z3GuoL
ze6ZjqGaA+IvquMrR9V57mNQTWzTVNck9UUkyJwMjEUTRl/P2ot9/wbHTESkPMfA
gdwNVdpEI+jAXFU/3emM8xlPdX/0oqP6EOZ+TQv99FDjmvom4Sd6097lhljIoPRW
15eyt8lQodhmQjs1m4ITzsAlsy/9nHeEYp2YDTgW0WeKG8mmG+BYSowv+cSoWH1Y
f159hIuP77bHNisRUC0w
-----END CERTIFICATE-----
Generated at Wed May 6 04:25:05 2026 by rpki-client