Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer
File: CeskiT_4OKrchy_8N1hCf2rsIXI.cer (raw, json)
Hash identifier: 4K5uVtIlKMrzvgGchNCueAMeDjKinp7NxxbAQGD52JU=
Subject key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025F35
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 24 Aug 2025 15:36:25 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 142605
IP: 103.170.204.0/23
IP: 2001:df7:2780::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Sep 2025 15:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155445 (0x25f35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 24 15:36:25 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A918F7A1, serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:31:8d:14:c0:d8:28:88:81:a5:71:b3:57:
20:9d:c3:5e:6a:a5:88:38:5c:5e:c5:49:89:4d:71:
1a:cb:1e:19:b7:c0:88:80:31:c7:f0:88:02:d3:80:
3e:6f:86:9f:3d:37:f6:48:12:49:b1:70:ab:d7:7d:
dc:6d:92:44:84:0f:62:56:eb:5b:33:6c:62:b6:7a:
e2:77:d4:62:97:ba:7c:55:b3:27:7a:1f:51:27:2d:
71:88:9b:61:f4:67:18:69:cc:8d:40:a8:c9:c0:84:
5e:ab:4b:82:b1:a8:32:13:e8:37:f4:0d:0f:75:15:
3a:e5:ef:c4:b5:48:3a:ac:72:94:d7:ce:a3:86:d5:
0e:ce:89:64:98:13:a7:3c:c7:9c:2a:1a:19:91:8c:
86:21:56:84:95:7f:72:12:b1:b5:85:68:97:64:21:
e3:30:87:ff:14:2b:9e:55:52:94:d9:7b:a3:55:8e:
f9:70:ad:52:63:10:48:96:14:64:90:5c:ad:82:c4:
ee:36:27:1f:60:49:e5:2d:de:6b:86:36:e3:1f:60:
fe:f5:7a:47:cb:a2:c3:24:3d:34:69:ac:ea:6e:7d:
1b:75:f0:c3:23:3f:bd:10:c4:ab:35:fa:17:df:8d:
01:e9:07:59:10:c5:57:e2:43:93:fa:18:6d:f7:ff:
0b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
142605
sbgp-ipAddrBlock: critical
IPv4:
103.170.204.0/23
IPv6:
2001:df7:2780::/48
Signature Algorithm: sha256WithRSAEncryption
1d:7c:f3:17:df:9e:8f:4f:8e:0d:2c:50:78:9b:f9:63:d6:3a:
a5:80:dc:2b:18:74:a5:fe:b2:9c:4b:fb:23:5a:9e:2d:66:4c:
81:89:41:55:d3:b8:c6:fe:7e:f1:b4:44:39:d7:0d:69:f2:15:
b3:14:61:20:dc:8e:36:2b:28:9b:db:d2:8d:5b:6e:7f:6b:89:
0e:30:7e:2f:88:42:c5:52:9a:50:eb:2e:aa:4b:5e:c0:2e:28:
68:b1:45:77:f3:eb:95:44:ba:db:1d:2a:e4:0d:2c:87:1d:d2:
9b:10:87:85:fc:69:a6:f6:62:07:c6:22:cf:9a:5a:d8:84:67:
d8:6d:e8:d3:14:89:e5:cb:16:76:1b:61:f1:95:55:76:65:90:
6f:80:34:ae:cc:2e:f3:75:41:93:b8:ab:0f:0d:8c:f3:18:03:
6e:dc:14:29:0f:f3:92:7d:0a:6e:ef:55:c2:01:5a:84:b6:43:
ed:15:6d:a0:1c:5c:06:9f:11:77:e4:c2:94:fd:ef:43:8e:04:
2a:10:14:3b:d8:0e:43:87:75:dd:59:f6:fc:a5:ef:85:b7:59:
03:22:85:ef:18:f0:9c:2c:d8:de:68:5f:8a:81:4d:80:97:2a:
c5:8d:38:10:31:b3:73:21:04:05:7c:fb:47:7b:4e:f0:a9:77:
35:1b:ec:bd
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAl81MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgyNDE1MzYyNVoXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZG
QzM3NTg0MjdGNkFFQzIxNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqZTGNFMDYKIiBpXGzVyCdw15qpYg4XF7FSYlNcRrLHhm3wIiAMcfwiALTgD5v
hp89N/ZIEkmxcKvXfdxtkkSED2JW61szbGK2euJ31GKXunxVsyd6H1EnLXGIm2H0
ZxhpzI1AqMnAhF6rS4KxqDIT6Df0DQ91FTrl78S1SDqscpTXzqOG1Q7OiWSYE6c8
x5wqGhmRjIYhVoSVf3ISsbWFaJdkIeMwh/8UK55VUpTZe6NVjvlwrVJjEEiWFGSQ
XK2CxO42Jx9gSeUt3muGNuMfYP71ekfLosMkPTRprOpufRt18MMjP70QxKs1+hff
jQHpB1kQxVfiQ5P6GG33/wuPAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUCeskiT/4
OKrchy/8N1hCf2rsIXIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThGN0ExLzkxRThFMjg0RjQzNzExRUJCNUQ1NjkxQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRf
NE9LcmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAi0NMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6rMMA8EAgAC
MAkDBwAgAQ33J4AwDQYJKoZIhvcNAQELBQADggEBAB188xffno9Pjg0sUHib+WPW
OqWA3CsYdKX+spxL+yNani1mTIGJQVXTuMb+fvG0RDnXDWnyFbMUYSDcjjYrKJvb
0o1bbn9riQ4wfi+IQsVSmlDrLqpLXsAuKGixRXfz65VEutsdKuQNLIcd0psQh4X8
aab2YgfGIs+aWtiEZ9ht6NMUieXLFnYbYfGVVXZlkG+ANK7MLvN1QZO4qw8NjPMY
A27cFCkP85J9Cm7vVcIBWoS2Q+0VbaAcXAafEXfkwpT970OOBCoQFDvYDkOHdd1Z
9vyl74W3WQMihe8Y8Jws2N5oX4qBTYCXKsWNOBAxs3MhBAV8+0d7TvCpdzUb7L0=
-----END CERTIFICATE-----
Generated at Thu Sep 18 17:17:50 2025 by rpki-client