Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2ZAsTpRyx61QgoEvp9B3FGq3y5w.cer
File: 2ZAsTpRyx61QgoEvp9B3FGq3y5w.cer (raw, json)
Hash identifier: /i90T+o4M1NdRhybFQ+3B4PcOo1K4hCEU4wZXdwqnBU=
Subject key identifier: D9:90:2C:4E:94:72:C7:AD:50:82:81:2F:A7:D0:77:14:6A:B7:CB:9C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0244E7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913664F/1E0854AEDD7D11ED91A0464DC4F9AE02/2ZAsTpRyx61QgoEvp9B3FGq3y5w.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913664F/1E0854AEDD7D11ED91A0464DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 08 May 2025 13:09:04 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 45444
IP: 116.197.144.0/21
IP: 203.28.234.0/24
IP: 2406:a000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 03 Jun 2025 07:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148711 (0x244e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 8 13:09:04 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A913664F, serialNumber=D9902C4E9472C7AD5082812FA7D077146AB7CB9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4a:fa:2d:ff:33:e3:fd:32:4e:2d:e8:0d:4e:
f8:1a:75:9d:73:e0:13:a7:53:42:44:14:fd:1d:5c:
6f:b0:df:bd:af:98:ff:42:46:35:72:81:4b:36:48:
c3:97:99:80:af:4d:c1:d8:7a:53:9c:b1:fa:92:c2:
1b:01:9b:2a:44:40:ab:25:b8:75:db:dd:49:81:40:
6e:68:a3:ea:82:ab:3d:15:89:62:a2:c1:50:21:06:
ed:d1:b6:14:52:be:3e:4f:b3:a9:b0:d5:35:90:c2:
90:69:ca:70:b2:62:4d:2e:13:e7:c6:75:90:2f:f8:
db:0c:78:9d:bf:5b:b1:7c:2d:89:97:7a:1d:68:e0:
69:7b:01:6e:11:ad:8f:0d:68:0e:6b:ea:2b:25:fa:
80:62:c7:10:78:99:88:1c:90:28:dd:1c:d3:3e:50:
6a:1c:ff:4d:48:4d:9d:de:82:78:2b:a2:9f:b3:90:
88:e0:c6:7c:48:42:c3:bf:cc:2a:3e:4d:0b:d8:6b:
b5:f4:31:90:e9:13:e8:af:ba:11:97:9b:4b:88:89:
9d:83:b1:e9:80:77:13:c4:68:4c:7d:ef:04:f3:d7:
85:a6:ff:56:af:95:70:91:97:53:6c:62:1e:c8:ea:
74:b8:6d:bd:c8:c2:79:b4:4a:73:8d:9c:96:57:40:
96:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:90:2C:4E:94:72:C7:AD:50:82:81:2F:A7:D0:77:14:6A:B7:CB:9C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913664F/1E0854AEDD7D11ED91A0464DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913664F/1E0854AEDD7D11ED91A0464DC4F9AE02/2ZAsTpRyx61QgoEvp9B3FGq3y5w.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45444
sbgp-ipAddrBlock: critical
IPv4:
116.197.144.0/21
203.28.234.0/24
IPv6:
2406:a000::/32
Signature Algorithm: sha256WithRSAEncryption
99:c0:6a:e7:1b:83:1b:53:3a:c8:b4:91:6f:68:d7:a0:25:5e:
db:1d:0d:a0:4a:ff:96:97:3c:1e:83:27:fb:cd:7c:fc:66:25:
68:bf:9f:e0:6a:17:ce:aa:41:db:2a:80:b2:56:5d:1c:e7:65:
b0:1d:66:e9:c7:67:b2:56:ee:b1:f6:b8:ac:02:51:00:f8:2b:
41:9b:1c:9e:6a:f0:72:6d:58:82:77:d5:1a:4c:d0:ec:66:c4:
6e:8a:54:d6:a4:48:34:61:fe:66:03:2e:d3:bf:16:df:6d:ff:
b5:8a:92:cf:f5:82:9b:ba:a4:d6:85:d9:f4:e1:57:4d:9f:c4:
15:82:b6:8a:b0:c1:10:f7:55:00:56:6c:e1:27:8b:70:c1:2d:
f7:ba:df:32:e3:31:78:94:fd:95:90:ca:87:40:c6:72:20:20:
16:7e:02:5a:25:ef:38:99:83:ad:4a:0d:a1:9f:34:20:12:ef:
4f:1f:3b:46:41:bf:00:74:1d:93:6a:e5:77:8b:73:8d:fe:b6:
4f:1b:aa:e5:ad:7c:28:b2:1d:8a:46:1b:7f:09:ef:9e:46:53:
fe:32:df:19:a6:65:4c:21:e0:37:f1:78:80:4a:ec:e7:2e:66:
f2:de:dd:86:e1:65:43:97:9c:40:07:26:37:62:fe:4a:1d:70:
fc:0b:f4:24
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAkTnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUwODEzMDkwNFoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzY2NEYxMTAvBgNVBAUTKEQ5OTAyQzRFOTQ3MkM3QUQ1MDgyODEy
RkE3RDA3NzE0NkFCN0NCOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClSvot/zPj/TJOLegNTvgadZ1z4BOnU0JEFP0dXG+w372vmP9CRjVygUs2SMOX
mYCvTcHYelOcsfqSwhsBmypEQKsluHXb3UmBQG5oo+qCqz0ViWKiwVAhBu3RthRS
vj5Ps6mw1TWQwpBpynCyYk0uE+fGdZAv+NsMeJ2/W7F8LYmXeh1o4Gl7AW4RrY8N
aA5r6isl+oBixxB4mYgckCjdHNM+UGoc/01ITZ3egngrop+zkIjgxnxIQsO/zCo+
TQvYa7X0MZDpE+ivuhGXm0uIiZ2DsemAdxPEaEx97wTz14Wm/1avlXCRl1NsYh7I
6nS4bb3Iwnm0SnONnJZXQJYVAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQU2ZAsTpRy
x61QgoEvp9B3FGq3y5wwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM2NjRGLzFFMDg1NEFFREQ3RDExRUQ5MUEwNDY0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNjY0Ri8xRTA4NTRBRUREN0QxMUVEOTFBMDQ2NERDNEY5QUUwMi8yWkFzVHBS
eXg2MVFnb0V2cDlCM0ZHcTN5NXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDALGEMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDdMWQAwQAyxzq
MA0EAgACMAcDBQAkBqAAMA0GCSqGSIb3DQEBCwUAA4IBAQCZwGrnG4MbUzrItJFv
aNegJV7bHQ2gSv+Wlzwegyf7zXz8ZiVov5/gahfOqkHbKoCyVl0c52WwHWbpx2ey
Vu6x9risAlEA+CtBmxyeavBybViCd9UaTNDsZsRuilTWpEg0Yf5mAy7Tvxbfbf+1
ipLP9YKbuqTWhdn04VdNn8QVgraKsMEQ91UAVmzhJ4twwS33ut8y4zF4lP2VkMqH
QMZyICAWfgJaJe84mYOtSg2hnzQgEu9PHztGQb8AdB2TauV3i3ON/rZPG6rlrXwo
sh2KRht/Ce+eRlP+Mt8ZpmVMIeA38XiASuznLmby3t2G4WVDl5xAByY3Yv5KHXD8
C/Qk
-----END CERTIFICATE-----
Generated at Fri May 30 09:46:44 2025 by rpki-client