Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qY-MQG_FZkCCkCD-hw9lkshMMA.cer
File: 3qY-MQG_FZkCCkCD-hw9lkshMMA.cer (raw, json)
Hash identifier: WiCDcMwRSGgVHH3Nr+FWsTVOXLcRPWF/OP/FLr3p2Ok=
Subject key identifier: DE:A6:3E:31:01:BF:15:99:02:0A:40:83:FA:1C:3D:96:4B:21:30:C0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026E73
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9161857/CB14BF263C9811F0AF124B38C4F9AE02/3qY-MQG_FZkCCkCD-hw9lkshMMA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9161857/CB14BF263C9811F0AF124B38C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 22 Oct 2025 05:18:32 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 153913
IP: 203.169.6.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 10 Nov 2025 09:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159347 (0x26e73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 22 05:18:32 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A9161857, serialNumber=DEA63E3101BF1599020A4083FA1C3D964B2130C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0c:ed:bf:da:27:8d:76:11:6b:67:59:bb:b7:
46:c6:5f:cc:aa:fe:93:42:4b:4e:da:fb:b3:2a:bf:
15:7f:1a:3a:17:58:8d:2f:c4:d5:cf:c3:2f:8d:5a:
a7:cb:8e:c7:9d:9e:5e:28:87:2d:be:3f:0f:00:b7:
97:8f:3b:51:f5:de:04:88:fd:dc:62:fa:e6:55:1a:
c7:d5:09:8e:5e:19:d2:63:e6:b7:51:5b:68:d6:36:
59:21:78:1f:fb:a6:f8:5f:c8:b0:1e:95:5a:57:36:
a5:d6:81:c1:f9:bd:90:2e:c8:38:65:52:14:57:a7:
6f:ad:58:4c:8d:9a:34:7c:f2:31:6e:48:7b:5b:77:
37:6c:05:4f:5d:a8:d7:c5:43:a0:4e:97:b5:5c:d2:
78:5f:64:59:79:de:ab:99:55:c3:25:57:57:1f:91:
1a:1b:b3:5d:bd:54:5a:cd:e9:31:87:a7:96:29:74:
0b:f2:64:ac:0d:b5:1e:5f:e2:9c:72:c5:88:56:f1:
04:66:96:74:59:b3:d8:ea:84:54:f9:1c:1a:a9:2b:
22:bb:2a:a0:f5:65:e5:17:6f:32:d8:5e:d9:66:3c:
8e:00:26:32:06:d1:b8:f4:36:ae:27:51:93:91:b8:
02:28:90:1e:a3:ef:1f:48:da:57:f9:1b:26:fe:f8:
fe:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A6:3E:31:01:BF:15:99:02:0A:40:83:FA:1C:3D:96:4B:21:30:C0
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9161857/CB14BF263C9811F0AF124B38C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9161857/CB14BF263C9811F0AF124B38C4F9AE02/3qY-MQG_FZkCCkCD-hw9lkshMMA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153913
sbgp-ipAddrBlock: critical
IPv4:
203.169.6.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:0b:6b:ee:04:5a:0c:a0:e1:c6:e7:39:5e:4f:9d:6d:fe:a2:
84:fa:83:b6:f1:e8:b3:27:63:c5:e2:ea:8a:b2:a1:52:95:0d:
59:a3:c0:85:6d:ad:d4:c3:a6:60:cb:7e:a1:28:fb:de:17:43:
a1:01:ee:25:7a:82:4e:ef:fa:8b:92:76:89:2f:72:5d:4e:13:
31:31:ef:26:68:d4:a5:60:c2:8c:1e:8c:37:d2:df:24:7e:c1:
e7:c0:3a:2f:c3:43:d7:44:9b:82:9f:a8:51:5c:d4:4d:bf:ee:
fa:38:d1:8e:1b:2b:c4:d4:bc:c2:b7:64:54:39:da:82:ee:64:
22:75:f9:02:89:15:a1:8b:2a:81:93:10:38:07:8c:d8:95:e1:
aa:cf:1f:e6:c1:be:6b:33:8a:b3:d2:5f:81:94:53:8a:25:7b:
41:e9:42:00:ab:6a:bc:7d:4f:ab:6a:d3:ee:5b:9f:94:ec:32:
da:fa:3b:a7:a0:19:17:04:2f:d6:ee:13:c6:71:db:1c:ce:0e:
af:38:fe:bc:5b:32:4b:b4:82:59:92:95:e3:68:0b:28:b4:9f:
f5:e7:bf:77:7e:8d:91:99:90:66:c4:e0:36:6e:f6:23:18:81:
8a:88:cd:5d:43:af:49:cb:0f:ae:62:c1:91:4f:6c:51:b4:0d:
f1:17:b1:41
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAm5zMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAyMjA1MTgzMloXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjE4NTcxMTAvBgNVBAUTKERFQTYzRTMxMDFCRjE1OTkwMjBBNDA4
M0ZBMUMzRDk2NEIyMTMwQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJDO2/2ieNdhFrZ1m7t0bGX8yq/pNCS07a+7MqvxV/GjoXWI0vxNXPwy+NWqfL
jsednl4ohy2+Pw8At5ePO1H13gSI/dxi+uZVGsfVCY5eGdJj5rdRW2jWNlkheB/7
pvhfyLAelVpXNqXWgcH5vZAuyDhlUhRXp2+tWEyNmjR88jFuSHtbdzdsBU9dqNfF
Q6BOl7Vc0nhfZFl53quZVcMlV1cfkRobs129VFrN6TGHp5YpdAvyZKwNtR5f4pxy
xYhW8QRmlnRZs9jqhFT5HBqpKyK7KqD1ZeUXbzLYXtlmPI4AJjIG0bj0Nq4nUZOR
uAIokB6j7x9I2lf5Gyb++P4VAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQU3qY+MQG/
FZkCCkCD+hw9lkshMMAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYxODU3L0NCMTRCRjI2M0M5ODExRjBBRjEyNEIzOEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2MTg1Ny9DQjE0QkYyNjNDOTgxMUYwQUYxMjRCMzhDNEY5QUUwMi8zcVktTVFH
X0Zaa0NDa0NELWh3OWxrc2hNTUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlk5MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBy6kGMA0GCSqG
SIb3DQEBCwUAA4IBAQCKC2vuBFoMoOHG5zleT51t/qKE+oO28eizJ2PF4uqKsqFS
lQ1Zo8CFba3Uw6Zgy36hKPveF0OhAe4leoJO7/qLknaJL3JdThMxMe8maNSlYMKM
How30t8kfsHnwDovw0PXRJuCn6hRXNRNv+76ONGOGyvE1LzCt2RUOdqC7mQidfkC
iRWhiyqBkxA4B4zYleGqzx/mwb5rM4qz0l+BlFOKJXtB6UIAq2q8fU+ratPuW5+U
7DLa+junoBkXBC/W7hPGcdsczg6vOP68WzJLtIJZkpXjaAsotJ/15793fo2RmZBm
xOA2bvYjGIGKiM1dQ69Jyw+uYsGRT2xRtA3xF7FB
-----END CERTIFICATE-----
Generated at Mon Nov 3 11:16:38 2025 by rpki-client