Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer
File: 4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer (raw, json)
Hash identifier: zjSFCESf9z6ohfk38YQeLcWCH0cIyZx+sf93cXtCuhg=
Subject key identifier: E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026206
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 01 Sep 2025 23:53:03 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 142587
IP: 103.170.76.0/23
IP: 2001:df7:1580::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 15 Sep 2025 22:38:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156166 (0x26206)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 1 23:53:03 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A917F0AF, serialNumber=E114378DA934861469F495D97598E0F00289C330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:87:5f:88:b1:f9:05:a9:04:91:71:f6:c7:7c:
23:bf:9f:42:d4:3b:c2:82:00:3f:05:27:60:74:c1:
71:9c:83:e6:97:e8:c9:48:49:89:7a:72:5f:69:a8:
dd:e4:71:08:1e:9e:56:e0:b2:9b:20:6a:93:c8:c5:
9c:3e:54:ae:d3:c8:f0:06:cc:0f:b7:3c:bc:0d:e0:
17:cf:bd:c7:cb:b9:48:b3:17:5d:bb:cb:36:48:3b:
5a:78:a1:5e:d9:95:64:2c:97:ff:ac:12:59:8b:71:
30:b2:98:b2:4a:97:d4:cf:6c:00:09:39:23:e3:24:
fe:38:fe:0d:2c:96:38:1b:29:fd:06:73:b5:18:be:
ff:df:f9:63:33:5e:6a:97:f0:8e:df:36:0c:6c:14:
88:80:dd:3a:1a:ff:a0:b9:c7:26:78:97:48:50:a4:
cd:4e:b1:74:0d:e4:8f:6d:ca:a2:8a:70:14:e6:c5:
39:80:ce:1b:6b:0f:1d:3a:d0:c4:07:fe:6a:d3:2c:
21:1f:70:72:b8:f1:50:f5:94:29:7f:c6:a0:28:92:
02:b4:2f:e9:0f:c9:00:68:7b:ed:c0:b9:e2:85:0b:
6a:c6:8d:38:cc:b1:49:f3:4e:54:87:a3:e1:14:21:
fc:d6:1c:38:5d:5a:3b:58:2f:26:e0:00:93:06:98:
7e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
142587
sbgp-ipAddrBlock: critical
IPv4:
103.170.76.0/23
IPv6:
2001:df7:1580::/48
Signature Algorithm: sha256WithRSAEncryption
30:97:73:a6:f6:3b:03:b1:d8:a1:1c:b7:fe:f7:df:42:05:e6:
c3:46:65:fa:cf:a1:bf:44:78:6c:b8:d0:35:0f:29:57:f0:f0:
40:fb:19:17:cf:85:d5:f2:65:32:e2:02:da:0c:22:eb:81:7b:
84:c9:50:58:1d:01:f0:6d:57:03:20:ef:1d:df:2f:e0:23:8c:
68:1a:51:91:2c:02:3f:d4:83:54:8d:8f:8e:69:6f:56:de:2d:
d0:b9:ce:f1:a2:4b:d2:e4:35:1e:6b:43:4c:dd:49:8a:82:dc:
53:61:0b:49:c6:4d:20:bb:7d:bd:58:af:2a:74:52:73:1a:70:
30:37:46:ca:06:b9:4e:69:52:ac:29:7d:42:ab:b8:f8:94:bf:
1a:f2:67:a5:07:6f:69:6c:b4:fa:35:84:c6:a1:aa:00:fd:f1:
9d:95:6a:83:17:b6:7a:98:82:a6:a9:5c:97:01:6a:8a:2d:9a:
72:41:32:e2:fe:91:e5:3d:02:a2:15:81:6d:bb:4c:39:56:56:
3c:af:df:0b:b8:7d:0e:8a:e2:0a:b9:5e:7b:b9:79:3c:45:3b:
88:0a:27:de:81:64:db:6d:78:27:92:b1:e6:8a:5a:cb:5a:c8:
ff:06:74:ae:1b:e3:6c:b6:cc:93:70:74:56:a3:41:e5:db:eb:
ed:b0:8d:10
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAmIGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkwMTIzNTMwM1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0YwQUYxMTAvBgNVBAUTKEUxMTQzNzhEQTkzNDg2MTQ2OUY0OTVE
OTc1OThFMEYwMDI4OUMzMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdh1+IsfkFqQSRcfbHfCO/n0LUO8KCAD8FJ2B0wXGcg+aX6MlISYl6cl9pqN3k
cQgenlbgspsgapPIxZw+VK7TyPAGzA+3PLwN4BfPvcfLuUizF127yzZIO1p4oV7Z
lWQsl/+sElmLcTCymLJKl9TPbAAJOSPjJP44/g0sljgbKf0Gc7UYvv/f+WMzXmqX
8I7fNgxsFIiA3Toa/6C5xyZ4l0hQpM1OsXQN5I9tyqKKcBTmxTmAzhtrDx060MQH
/mrTLCEfcHK48VD1lCl/xqAokgK0L+kPyQBoe+3AueKFC2rGjTjMsUnzTlSHo+EU
IfzWHDhdWjtYLybgAJMGmH6hAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU4RQ3jak0
hhRp9JXZdZjg8AKJwzAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdGMEFGLzJEN0E3RTBFQ0M0RjExRUZBODlBOEYxNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3RjBBRi8yRDdBN0UwRUNDNEYxMUVGQTg5QThGMTRDNEY5QUUwMi80UlEzamFr
MGhoUnA5SlhaZFpqZzhBS0p3ekEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiz7MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6pMMA8EAgAC
MAkDBwAgAQ33FYAwDQYJKoZIhvcNAQELBQADggEBADCXc6b2OwOx2KEct/7330IF
5sNGZfrPob9EeGy40DUPKVfw8ED7GRfPhdXyZTLiAtoMIuuBe4TJUFgdAfBtVwMg
7x3fL+AjjGgaUZEsAj/Ug1SNj45pb1beLdC5zvGiS9LkNR5rQ0zdSYqC3FNhC0nG
TSC7fb1Yryp0UnMacDA3RsoGuU5pUqwpfUKruPiUvxryZ6UHb2lstPo1hMahqgD9
8Z2VaoMXtnqYgqapXJcBaootmnJBMuL+keU9AqIVgW27TDlWVjyv3wu4fQ6K4gq5
Xnu5eTxFO4gKJ96BZNtteCeSseaKWstayP8GdK4b42y2zJNwdFajQeXb6+2wjRA=
-----END CERTIFICATE-----
Generated at Tue Sep 9 01:59:19 2025 by rpki-client