Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fh4CKuiXURLudYnUmzFmDKkKBBA.cer
File: Fh4CKuiXURLudYnUmzFmDKkKBBA.cer (raw, json)
Hash identifier: vfAc4U19HApviQS6S8jcA+Ah+Oxhlwm6f1zEJT30dpI=
Subject key identifier: 16:1E:02:2A:E8:97:51:12:EE:75:89:D4:9B:31:66:0C:A9:0A:04:10
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02607F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/Fh4CKuiXURLudYnUmzFmDKkKBBA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 28 Aug 2025 19:04:09 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: IP: 45.123.104.0/22
IP: 103.63.228.0/22
IP: 2403:4e80::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Sep 2025 18:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155775 (0x2607f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 28 19:04:09 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91A865F, serialNumber=161E022AE8975112EE7589D49B31660CA90A0410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:29:2c:37:94:32:ef:6c:77:97:3c:c6:3d:fd:
39:75:3f:52:f6:45:39:c9:23:9a:08:21:59:36:5c:
47:22:7f:53:5d:f7:aa:00:a4:64:42:6a:60:18:48:
a7:ad:2c:e1:a5:e0:c2:71:9c:bf:48:b8:d9:1e:df:
9e:0c:60:fb:10:4e:45:76:9a:37:9b:98:a7:01:a7:
54:9f:4a:f3:b0:d6:19:f3:8e:36:02:a4:be:44:9f:
18:98:7c:b3:27:1f:a3:1e:22:e5:85:08:6e:32:75:
f5:fa:b1:2c:de:2e:05:2d:bb:88:36:db:e0:59:aa:
e7:2f:20:36:27:f7:4a:2d:b8:51:d3:04:c2:e2:99:
40:cb:9d:f6:72:e3:0a:73:23:f5:c2:b2:6e:e8:3e:
23:ff:d2:b7:60:04:ff:56:64:86:46:70:e8:8d:31:
c8:e9:d6:2f:d5:7e:60:0f:e8:66:bf:05:68:00:bf:
58:bf:bd:0b:96:98:11:ff:64:a8:41:51:4e:d0:5e:
0f:d1:38:10:b4:d0:4a:f2:e5:25:95:05:8a:a4:ab:
88:7b:e1:c8:e1:b9:c2:f0:79:4d:10:5f:2c:80:64:
c6:de:99:52:62:50:82:63:81:c1:75:4d:3e:62:6d:
9d:09:81:24:3f:d6:52:f6:7f:48:9e:89:97:17:1d:
6f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:1E:02:2A:E8:97:51:12:EE:75:89:D4:9B:31:66:0C:A9:0A:04:10
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/Fh4CKuiXURLudYnUmzFmDKkKBBA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.104.0/22
103.63.228.0/22
IPv6:
2403:4e80::/32
Signature Algorithm: sha256WithRSAEncryption
04:9e:bd:cd:0b:19:49:fd:65:26:16:a9:55:30:61:22:b1:a5:
a1:c0:6e:44:c4:cd:7f:fe:a5:a2:6e:c7:fc:1c:24:bf:61:2c:
9e:d9:4e:7b:df:e9:c5:fb:b2:39:f5:4f:48:ef:0a:d0:36:43:
53:43:5e:30:16:be:f0:0e:81:0a:ac:30:2b:0b:cf:d2:3b:2f:
13:52:7a:98:7d:02:89:cc:d9:c2:17:11:2a:77:53:e2:58:99:
a8:b9:80:b2:ef:4a:38:1f:b2:c5:89:00:38:c4:fb:a2:f1:d0:
52:50:d1:f6:9e:bb:e1:24:2f:69:6d:67:0d:6e:b0:f5:0f:66:
da:a2:23:2a:6f:2f:2d:10:8f:2c:85:31:cd:67:03:ba:3d:ce:
8c:de:00:e9:51:e0:24:c1:3c:6e:5b:af:0d:55:cf:03:99:0e:
80:45:80:ed:f4:b5:bc:b3:91:09:3d:11:85:84:93:10:d5:72:
cb:71:aa:0f:da:be:6d:f4:28:1e:98:ed:07:0c:55:30:ba:30:
ee:8e:b6:d7:b8:84:93:5e:6a:66:50:fc:0a:60:65:75:c5:57:
bd:27:2d:fc:d0:d8:25:31:c8:7f:0c:ec:b3:a7:f3:7d:fe:28:
02:dd:a1:53:64:42:3e:98:22:26:15:28:9c:61:82:25:10:31:
a7:2e:fc:52
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDAmB/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgyODE5MDQwOVoXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTg2NUYxMTAvBgNVBAUTKDE2MUUwMjJBRTg5NzUxMTJFRTc1ODlE
NDlCMzE2NjBDQTkwQTA0MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFKSw3lDLvbHeXPMY9/Tl1P1L2RTnJI5oIIVk2XEcif1Nd96oApGRCamAYSKet
LOGl4MJxnL9IuNke354MYPsQTkV2mjebmKcBp1SfSvOw1hnzjjYCpL5EnxiYfLMn
H6MeIuWFCG4ydfX6sSzeLgUtu4g22+BZqucvIDYn90otuFHTBMLimUDLnfZy4wpz
I/XCsm7oPiP/0rdgBP9WZIZGcOiNMcjp1i/VfmAP6Ga/BWgAv1i/vQuWmBH/ZKhB
UU7QXg/ROBC00Ery5SWVBYqkq4h74cjhucLweU0QXyyAZMbemVJiUIJjgcF1TT5i
bZ0JgSQ/1lL2f0ieiZcXHW8HAgMBAAGjggMIMIIDBDAdBgNVHQ4EFgQUFh4CKuiX
URLudYnUmzFmDKkKBBAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE4NjVGL0JGOTY2RTRBMUM4OTExRUFBOUI5NTc2MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBODY1Ri9CRjk2NkU0QTFDODkxMUVBQTlCOTU3NjFDNEY5QUUwMi9GaDRDS3Vp
WFVSTHVkWW5VbXpGbURLa0tCQkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8EJTAj
MBIEAgABMAwDBAIte2gDBAJnP+QwDQQCAAIwBwMFACQDToAwDQYJKoZIhvcNAQEL
BQADggEBAASevc0LGUn9ZSYWqVUwYSKxpaHAbkTEzX/+paJux/wcJL9hLJ7ZTnvf
6cX7sjn1T0jvCtA2Q1NDXjAWvvAOgQqsMCsLz9I7LxNSeph9AonM2cIXESp3U+JY
mai5gLLvSjgfssWJADjE+6Lx0FJQ0faeu+EkL2ltZw1usPUPZtqiIypvLy0QjyyF
Mc1nA7o9zozeAOlR4CTBPG5brw1VzwOZDoBFgO30tbyzkQk9EYWEkxDVcstxqg/a
vm30KB6Y7QcMVTC6MO6Otte4hJNeamZQ/ApgZXXFV70nLfzQ2CUxyH8M7LOn833+
KALdoVNkQj6YIiYVKJxhgiUQMacu/FI=
-----END CERTIFICATE-----
Generated at Thu Sep 18 20:31:06 2025 by rpki-client