Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer
File: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer (raw, json)
Hash identifier: Tj0DMc17GIlsrNOPo2Vrd8QYbq2oFDge8erwmAtJhmI=
Subject key identifier: AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08
Authority key identifier: 34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
Certificate issuer: /CN=A90DC5BE/serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Certificate serial: 4A61
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 03 Mar 2026 13:27:44 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: IP: 196.1.1.0/24
IP: 196.1.109.0/24
IP: 196.1.113.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 18 Mar 2026 02:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19041 (0x4a61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=348F9B9B92A72CCFD36F3C70F35675733CC8EA22
Validity
Not Before: Mar 3 13:27:44 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A9172CE3, serialNumber=ABC6FBA4B784283879190DC717E34B4CD882DA08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c8:29:15:07:81:3d:39:24:2e:9b:2b:fc:66:
0c:b0:8f:c2:b8:40:a0:89:82:9d:c5:95:9e:0d:9e:
da:a1:e2:ef:f0:cf:26:13:0a:e0:63:16:d7:92:3d:
df:8e:f6:a3:eb:17:e6:1a:a9:3d:69:de:c5:ca:fb:
ae:a8:36:30:78:17:a5:56:14:ec:a7:0c:97:ef:cd:
82:8d:1d:fc:d2:5c:12:11:da:70:9a:43:c0:8e:3e:
5b:63:dd:2b:e7:e3:59:ea:ce:21:7d:c2:42:c6:ef:
8e:f9:c0:df:f6:1a:ba:69:30:59:eb:f5:eb:9e:85:
d5:29:ac:3d:57:29:34:1a:78:3f:82:95:c1:ca:db:
79:1b:ee:8b:2c:df:f0:dd:ac:d5:9c:0c:51:3e:3d:
2a:b0:97:c4:a7:52:c7:f7:f1:d4:8a:39:05:fa:90:
b9:8d:b2:7f:bc:81:0c:b2:2b:48:c1:98:eb:4d:2a:
20:b9:5a:8e:df:1e:42:b4:d0:b9:77:00:48:f4:1a:
56:91:11:24:d6:ea:c9:4c:f1:c8:20:e9:f1:20:5f:
5c:92:71:bb:73:89:1c:37:19:d7:b0:ae:5c:f8:8f:
a4:73:23:97:57:72:84:7f:c9:06:c1:ff:2d:7d:15:
a0:4d:a3:14:1d:40:ce:d3:92:d1:ff:a3:45:3b:1c:
4d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08
X509v3 Authority Key Identifier:
keyid:34:8F:9B:9B:92:A7:2C:CF:D3:6F:3C:70:F3:56:75:73:3C:C8:EA:22
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.1.1.0/24
196.1.109.0/24
196.1.113.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:dc:dd:1b:84:08:03:18:43:62:1a:41:8b:30:de:d5:81:1f:
e9:e8:86:61:e3:ea:12:2c:a8:ea:12:57:47:f6:9d:e5:c3:f7:
3d:88:98:32:d5:94:d8:a8:4f:55:c4:21:6e:d6:6f:63:75:7d:
11:00:da:74:5f:ee:6b:3a:71:98:29:44:c9:11:11:b6:96:53:
57:74:29:2d:3d:01:56:e3:06:a7:3f:c5:b2:88:27:4f:b0:7e:
64:b2:f7:e8:46:be:0d:fa:29:52:57:30:ed:dc:32:89:48:44:
84:09:44:79:a8:7f:ce:31:07:0a:87:47:fc:45:ca:8d:1b:b5:
e1:d4:f3:af:76:51:c1:91:4c:bf:28:2f:c2:d3:0a:4c:00:d2:
07:9a:24:3c:11:1d:46:a5:08:a6:4b:d0:b7:df:24:e3:f0:1d:
63:92:49:92:d3:6f:82:a5:26:cb:b0:10:aa:f3:a8:31:66:ca:
40:28:b1:f1:56:02:bd:e9:be:b8:79:09:57:e2:8a:d0:53:0b:
26:75:2e:90:b4:cc:ec:98:1b:4a:df:3b:98:c1:5d:02:8b:c9:
f4:d1:88:8e:d0:af:2a:ac:17:dc:c0:65:11:c0:c6:a4:17:77:
bb:86:20:eb:27:96:6d:58:3d:d8:7b:63:79:9d:96:c5:e0:7e:
c6:c7:86:ef
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICSmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDM0OEY5QjlCOTJBNzJDQ0ZEMzZGM0M3MEYzNTY3NTcz
M0NDOEVBMjIwHhcNMjYwMzAzMTMyNzQ0WhcNMjcwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3MkNFMzExMC8GA1UEBRMoQUJDNkZCQTRCNzg0MjgzODc5MTkwREM3
MTdFMzRCNENEODgyREEwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AK7IKRUHgT05JC6bK/xmDLCPwrhAoImCncWVng2e2qHi7/DPJhMK4GMW15I93472
o+sX5hqpPWnexcr7rqg2MHgXpVYU7KcMl+/Ngo0d/NJcEhHacJpDwI4+W2PdK+fj
WerOIX3CQsbvjvnA3/YaumkwWev1656F1SmsPVcpNBp4P4KVwcrbeRvuiyzf8N2s
1ZwMUT49KrCXxKdSx/fx1Io5BfqQuY2yf7yBDLIrSMGY600qILlajt8eQrTQuXcA
SPQaVpERJNbqyUzxyCDp8SBfXJJxu3OJHDcZ17CuXPiPpHMjl1dyhH/JBsH/LX0V
oE2jFB1AztOS0f+jRTscTX0CAwEAAaOCAv8wggL7MB0GA1UdDgQWBBSrxvukt4Qo
OHkZDccX40tM2ILaCDAfBgNVHSMEGDAWgBQ0j5ubkqcsz9NvPHDzVnVzPMjqIjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjQxRkU2MTAxRDY2
MTFFMkE2MkY4NzdDNzJGRDFGRjIvTkktYm01S25MTV9UYnp4dzgxWjFjenpJNmlJ
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9OSS1ibTVLbkxNX1Rienh3ODFaMWN6ekk2aUkuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJDRTMvNUQ3ODk5RjQ0MDU5MTFFQ0EwQUZBQTREQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcyQ0UzLzVENzg5OUY0NDA1OTExRUNBMEFGQUE0REM0RjlBRTAyL3E4YjdwTGVF
S0RoNUdRM0hGLU5MVE5pQzJnZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEAMQBAQMEAMQBbQMEAMQBcTANBgkqhkiG9w0BAQsFAAOCAQEAS9zd
G4QIAxhDYhpBizDe1YEf6eiGYePqEiyo6hJXR/ad5cP3PYiYMtWU2KhPVcQhbtZv
Y3V9EQDadF/uazpxmClEyRERtpZTV3QpLT0BVuMGpz/FsognT7B+ZLL36Ea+Dfop
Ulcw7dwyiUhEhAlEeah/zjEHCodH/EXKjRu14dTzr3ZRwZFMvygvwtMKTADSB5ok
PBEdRqUIpkvQt98k4/AdY5JJktNvgqUmy7AQqvOoMWbKQCix8VYCvem+uHkJV+KK
0FMLJnUukLTM7JgbSt87mMFdAovJ9NGIjtCvKqwX3MBlEcDGpBd3u4Yg6yeWbVg9
2HtjeZ2WxeB+xseG7w==
-----END CERTIFICATE-----
Generated at Wed Mar 11 11:09:30 2026 by rpki-client