Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ZsOYIWiXfJnSf8nWBpOi8fBhsw.cer
File: 7ZsOYIWiXfJnSf8nWBpOi8fBhsw.cer (raw, json)
Hash identifier: P5udy4wxdMVKzijntLwxLxUGx4LtS/3YHdPfFvFaY+w=
Subject key identifier: ED:9B:0E:60:85:A2:5D:F2:67:49:FF:27:58:1A:4E:8B:C7:C1:86:CC
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0247B3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A02D8/E09248EA2AB611EFB339FD81C4F9AE02/7ZsOYIWiXfJnSf8nWBpOi8fBhsw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A02D8/E09248EA2AB611EFB339FD81C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 21 May 2025 05:10:24 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 149299
IP: 103.25.10.0/23
IP: 2001:df3:b340::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 06 Jun 2025 07:11:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149427 (0x247b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 21 05:10:24 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91A02D8, serialNumber=ED9B0E6085A25DF26749FF27581A4E8BC7C186CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e5:bf:d5:b0:be:55:d3:ab:6a:a5:a0:5a:c0:
96:14:de:2d:ba:e6:bc:fd:6a:63:15:82:01:97:39:
09:23:16:97:23:88:ac:53:79:3a:e2:1a:a0:a6:79:
ea:b2:7a:ab:e9:65:2f:d3:af:d6:91:23:1c:cd:d0:
a1:fa:18:42:fc:6e:b3:7e:3d:8a:22:d9:e9:08:6f:
a7:6a:e6:0b:8f:39:4a:3e:08:70:99:98:39:7b:aa:
4c:bf:59:23:6f:55:f2:b4:4f:b2:1d:ab:65:02:ee:
66:56:c4:05:58:30:4c:e4:a9:44:83:83:0e:34:e9:
33:9a:d8:c8:0f:9b:e0:f8:da:5d:9f:39:66:3c:38:
9d:8e:00:8d:1f:51:ea:a5:db:cf:6f:38:c1:d6:be:
c2:d3:5c:5e:34:a5:3d:85:2e:29:da:fc:14:00:12:
be:75:c6:11:26:ad:ed:1d:e9:99:a3:83:07:6b:a7:
ba:85:f2:d0:3c:de:da:de:8f:52:c0:65:2b:da:a9:
a6:ee:4e:83:63:f9:6f:99:d4:76:72:60:bf:fd:f2:
b8:cf:59:97:07:d2:5a:f9:64:db:1d:5d:3a:3b:ec:
ad:29:36:98:0a:c6:bc:b7:82:39:dc:b9:f1:be:4f:
9c:83:fd:5e:1a:88:a8:48:74:08:0a:b9:01:32:66:
ee:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9B:0E:60:85:A2:5D:F2:67:49:FF:27:58:1A:4E:8B:C7:C1:86:CC
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A02D8/E09248EA2AB611EFB339FD81C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A02D8/E09248EA2AB611EFB339FD81C4F9AE02/7ZsOYIWiXfJnSf8nWBpOi8fBhsw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
149299
sbgp-ipAddrBlock: critical
IPv4:
103.25.10.0/23
IPv6:
2001:df3:b340::/48
Signature Algorithm: sha256WithRSAEncryption
1a:8a:c0:65:ca:d9:f0:31:d7:fa:06:83:2b:a6:0d:ce:5d:e2:
62:e0:70:47:99:71:59:2b:c9:b2:31:1b:57:cb:a0:53:6d:37:
8b:5f:a8:73:c3:23:0f:7b:23:a2:43:98:4a:c2:a6:5e:2a:3b:
f8:b1:16:51:c9:84:91:c5:63:91:1c:06:ad:0b:2d:b2:d0:2f:
da:30:72:d1:e8:fe:6d:91:c6:4e:0b:d0:e7:6a:33:d6:5b:f7:
82:97:9b:8e:1b:73:36:bb:9d:8f:11:7d:a9:b8:97:21:31:84:
b6:71:6f:31:76:65:40:2d:37:d1:b5:0a:39:dc:3f:dc:53:d5:
aa:e8:04:57:70:c6:f1:2d:2e:94:5a:8c:d7:43:4c:ae:20:72:
cc:f4:24:a5:ad:ba:cb:61:00:61:8a:20:32:66:96:08:00:39:
df:ba:05:a7:55:39:c3:af:a8:43:1e:35:c7:cf:a8:45:96:d7:
80:ff:f1:49:48:ff:75:2e:6b:e0:6d:a2:a4:54:7e:a7:c8:7c:
93:bd:cf:e2:11:bd:62:fa:5a:94:4d:ef:da:03:2d:97:a9:03:
84:e5:62:5a:13:ed:d4:1a:48:f3:d1:5c:8e:01:ef:fd:12:2e:
89:15:f3:7e:3a:e2:72:cb:42:36:54:2d:59:c0:c2:bf:2a:a3:
05:3a:f4:ab
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAkezMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUyMTA1MTAyNFoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTAyRDgxMTAvBgNVBAUTKEVEOUIwRTYwODVBMjVERjI2NzQ5RkYy
NzU4MUE0RThCQzdDMTg2Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCm5b/VsL5V06tqpaBawJYU3i265rz9amMVggGXOQkjFpcjiKxTeTriGqCmeeqy
eqvpZS/Tr9aRIxzN0KH6GEL8brN+PYoi2ekIb6dq5guPOUo+CHCZmDl7qky/WSNv
VfK0T7Idq2UC7mZWxAVYMEzkqUSDgw406TOa2MgPm+D42l2fOWY8OJ2OAI0fUeql
289vOMHWvsLTXF40pT2FLina/BQAEr51xhEmre0d6Zmjgwdrp7qF8tA83trej1LA
ZSvaqabuToNj+W+Z1HZyYL/98rjPWZcH0lr5ZNsdXTo77K0pNpgKxry3gjncufG+
T5yD/V4aiKhIdAgKuQEyZu6PAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU7ZsOYIWi
XfJnSf8nWBpOi8fBhswwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEwMkQ4L0UwOTI0OEVBMkFCNjExRUZCMzM5RkQ4MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMDJEOC9FMDkyNDhFQTJBQjYxMUVGQjMzOUZEODFDNEY5QUUwMi83WnNPWUlX
aVhmSm5TZjhuV0JwT2k4ZkJoc3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkczMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZxkKMA8EAgAC
MAkDBwAgAQ3zs0AwDQYJKoZIhvcNAQELBQADggEBABqKwGXK2fAx1/oGgyumDc5d
4mLgcEeZcVkrybIxG1fLoFNtN4tfqHPDIw97I6JDmErCpl4qO/ixFlHJhJHFY5Ec
Bq0LLbLQL9owctHo/m2Rxk4L0OdqM9Zb94KXm44bcza7nY8Rfam4lyExhLZxbzF2
ZUAtN9G1CjncP9xT1aroBFdwxvEtLpRajNdDTK4gcsz0JKWtusthAGGKIDJmlggA
Od+6BadVOcOvqEMeNcfPqEWW14D/8UlI/3Uua+BtoqRUfqfIfJO9z+IRvWL6WpRN
79oDLZepA4TlYloT7dQaSPPRXI4B7/0SLokV83464nLLQjZULVnAwr8qowU69Ks=
-----END CERTIFICATE-----
Generated at Fri May 30 09:45:19 2025 by rpki-client