Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/42kpD9cZ4-SYfXGac7Hsd6qvSbY.cer
File: 42kpD9cZ4-SYfXGac7Hsd6qvSbY.cer (raw, json)
Hash identifier: GlKXlL1f94gua562IUPJNC8AvqTU+ytbR8DNn9OXoP0=
Subject key identifier: E3:69:29:0F:D7:19:E3:E4:98:7D:71:9A:73:B1:EC:77:AA:AF:49:B6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A13A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91418C7/F93001B6F8CF11EF82D8D52BC4F9AE02/42kpD9cZ4-SYfXGac7Hsd6qvSbY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91418C7/F93001B6F8CF11EF82D8D52BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 02 Mar 2026 13:03:58 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: IP: 163.61.206.0/23
IP: 2001:df5:2040::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 27 Mar 2026 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172346 (0x2a13a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 2 13:03:58 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A91418C7, serialNumber=E369290FD719E3E4987D719A73B1EC77AAAF49B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1d:21:9b:b4:65:83:10:e8:f3:16:8f:cc:44:
a5:10:eb:76:ab:fd:3c:73:50:95:6e:0c:12:83:9e:
38:fe:3a:99:67:c1:d3:c8:32:93:15:9e:30:48:31:
4c:85:7b:e8:24:85:de:54:37:5c:c5:28:2a:36:6f:
28:57:f5:db:88:0b:9a:1d:97:b7:b3:74:9f:03:38:
4a:9f:5c:d3:85:c2:90:92:ac:e9:11:e5:03:a0:e3:
2a:f0:8f:ff:d8:9b:09:35:7c:8e:01:98:7c:95:2c:
0a:e3:5f:b7:01:f2:b9:11:54:f9:dc:8a:ac:6f:e1:
37:aa:78:0b:cb:64:a4:36:1e:04:b0:8a:ba:d1:b8:
b1:d7:56:fa:fb:9a:3a:d7:33:cb:6c:43:18:08:a1:
3b:8a:56:e9:c8:31:f5:2f:05:3f:e5:14:63:6e:09:
93:87:d5:c4:bd:59:0f:bf:a8:83:b2:b3:aa:6f:1e:
6e:90:eb:1d:6d:0f:64:ad:c2:de:09:52:50:74:56:
f2:07:8d:8e:a3:60:ef:2c:f8:f1:75:a7:72:0e:24:
aa:40:64:a1:87:c7:5f:88:4e:84:e3:ad:5f:3d:16:
48:5f:95:a2:d6:c5:82:55:dc:2b:c5:7a:52:b5:c3:
4f:f5:a5:ac:3c:99:4c:7e:b2:de:6f:ef:27:6c:e6:
25:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:69:29:0F:D7:19:E3:E4:98:7D:71:9A:73:B1:EC:77:AA:AF:49:B6
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91418C7/F93001B6F8CF11EF82D8D52BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91418C7/F93001B6F8CF11EF82D8D52BC4F9AE02/42kpD9cZ4-SYfXGac7Hsd6qvSbY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.206.0/23
IPv6:
2001:df5:2040::/48
Signature Algorithm: sha256WithRSAEncryption
02:0c:95:1f:01:2f:12:26:3d:27:29:8e:a1:32:56:83:b5:8c:
80:16:7f:50:c8:d8:39:05:1d:3d:32:e2:29:24:7f:8c:7d:f2:
02:a7:7f:17:98:47:27:6f:df:41:06:ea:90:7d:3b:36:c0:df:
61:46:5b:08:21:23:5a:38:c9:9d:95:ff:33:2d:5f:68:7f:ad:
e6:f6:11:ea:c8:1a:70:30:77:de:31:d1:dc:98:41:a3:bf:a7:
87:59:fd:20:e6:4d:b7:a2:5f:cb:60:18:77:d6:3c:aa:58:54:
62:20:aa:08:71:ce:81:be:0e:16:a3:6b:24:d8:3b:2f:12:4c:
37:10:e2:57:4e:c9:cb:fd:93:54:0c:7b:4f:0a:96:b3:70:ee:
16:93:20:90:5e:9d:b8:25:2a:4a:f7:4f:6f:75:3d:2a:a5:b4:
ef:16:72:88:85:e2:c6:66:ac:09:46:37:fb:84:9c:5f:13:20:
ec:21:f2:72:f0:3e:a4:2b:46:7c:e6:0b:94:d1:68:5e:66:11:
57:f7:13:e7:2b:eb:95:23:b2:d9:a8:b0:8d:b8:14:2b:4e:9f:
94:71:db:f4:71:8c:d3:37:2c:26:31:89:5e:79:83:bb:98:85:
c2:c0:8a:2f:d0:0e:1d:c8:c2:31:38:a6:7f:84:68:61:88:7e:
ea:cb:de:06
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgIDAqE6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMwMjEzMDM1OFoXDTI3MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDE4QzcxMTAvBgNVBAUTKEUzNjkyOTBGRDcxOUUzRTQ5ODdENzE5
QTczQjFFQzc3QUFBRjQ5QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnHSGbtGWDEOjzFo/MRKUQ63ar/TxzUJVuDBKDnjj+OplnwdPIMpMVnjBIMUyF
e+gkhd5UN1zFKCo2byhX9duIC5odl7ezdJ8DOEqfXNOFwpCSrOkR5QOg4yrwj//Y
mwk1fI4BmHyVLArjX7cB8rkRVPnciqxv4TeqeAvLZKQ2HgSwirrRuLHXVvr7mjrX
M8tsQxgIoTuKVunIMfUvBT/lFGNuCZOH1cS9WQ+/qIOys6pvHm6Q6x1tD2Stwt4J
UlB0VvIHjY6jYO8s+PF1p3IOJKpAZKGHx1+IToTjrV89FkhflaLWxYJV3CvFelK1
w0/1paw8mUx+st5v7yds5iU5AgMBAAGjggMEMIIDADAdBgNVHQ4EFgQU42kpD9cZ
4+SYfXGac7Hsd6qvSbYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQxOEM3L0Y5MzAwMUI2RjhDRjExRUY4MkQ4RDUyQkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0MThDNy9GOTMwMDFCNkY4Q0YxMUVGODJEOEQ1MkJDNEY5QUUwMi80MmtwRDlj
WjQtU1lmWEdhYzdIc2Q2cXZTYlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8EITAf
MAwEAgABMAYDBAGjPc4wDwQCAAIwCQMHACABDfUgQDANBgkqhkiG9w0BAQsFAAOC
AQEAAgyVHwEvEiY9JymOoTJWg7WMgBZ/UMjYOQUdPTLiKSR/jH3yAqd/F5hHJ2/f
QQbqkH07NsDfYUZbCCEjWjjJnZX/My1faH+t5vYR6sgacDB33jHR3JhBo7+nh1n9
IOZNt6Jfy2AYd9Y8qlhUYiCqCHHOgb4OFqNrJNg7LxJMNxDiV07Jy/2TVAx7TwqW
s3DuFpMgkF6duCUqSvdPb3U9KqW07xZyiIXixmasCUY3+4ScXxMg7CHycvA+pCtG
fOYLlNFoXmYRV/cT5yvrlSOy2aiwjbgUK06flHHb9HGM0zcsJjGJXnmDu5iFwsCK
L9AOHcjCMTimf4RoYYh+6sveBg==
-----END CERTIFICATE-----
Generated at Fri Mar 20 17:25:37 2026 by rpki-client