Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HNLU8yahhKSHvyKs14rVwGj0ZmE.cer
File: HNLU8yahhKSHvyKs14rVwGj0ZmE.cer (raw, json)
Hash identifier: AgDpdgbPfWzNtTE58fCYWqZ6NPqFeDOJt9gh9bsqO9k=
Subject key identifier: 1C:D2:D4:F3:26:A1:84:A4:87:BF:22:AC:D7:8A:D5:C0:68:F4:66:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024A20
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/HNLU8yahhKSHvyKs14rVwGj0ZmE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 31 May 2025 04:56:04 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: AS: 153574
IP: 163.61.94.0/23
IP: 2401:ece0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 14 Jun 2025 02:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150048 (0x24a20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 31 04:56:04 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A91F8177, serialNumber=1CD2D4F326A184A487BF22ACD78AD5C068F46661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7a:44:4a:09:54:a9:8a:51:36:c7:1b:13:7b:
72:41:87:c6:9c:88:1f:eb:7a:ef:05:6d:36:f6:16:
e7:52:29:94:ef:01:31:10:f9:4c:15:3f:29:f9:98:
72:2d:aa:36:7f:74:c4:4a:9e:58:4c:b5:a6:d4:0f:
ab:48:dc:ae:8c:94:98:ef:5b:43:88:c1:8f:cb:16:
5c:5e:52:bd:ac:bf:8e:b3:1d:07:11:02:0d:f5:3c:
ea:b8:f3:85:14:08:73:d6:a8:22:7c:67:16:6a:16:
0c:cf:e9:32:c0:ca:0a:6b:10:a8:5a:e3:f8:ba:4a:
75:85:93:3f:a9:d3:ed:0e:e3:c4:ac:ac:14:4e:02:
12:4f:a0:f3:ce:06:c9:0b:71:09:49:fb:1a:84:65:
8e:9f:5f:67:9b:43:d7:c3:b0:16:d7:ea:0d:a6:9e:
3e:30:d8:0d:14:5a:6c:b3:83:98:c0:f6:55:0e:18:
1a:cf:5f:17:3f:b1:43:2e:4e:c3:a1:f0:13:44:02:
83:e3:0e:c8:65:05:5d:9b:eb:dc:fc:8a:e5:41:6b:
85:5c:d4:11:b1:02:00:b7:b8:58:60:07:13:eb:a6:
1a:b7:e5:40:0d:d3:d3:89:14:c1:03:0f:ea:50:03:
3c:c9:7b:a4:01:17:a3:b4:9a:48:7d:49:11:22:f2:
1d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D2:D4:F3:26:A1:84:A4:87:BF:22:AC:D7:8A:D5:C0:68:F4:66:61
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/HNLU8yahhKSHvyKs14rVwGj0ZmE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153574
sbgp-ipAddrBlock: critical
IPv4:
163.61.94.0/23
IPv6:
2401:ece0::/32
Signature Algorithm: sha256WithRSAEncryption
41:bd:8e:11:18:f9:19:9a:2c:0b:cd:a1:7b:ef:71:5b:71:4c:
eb:dd:93:3d:43:78:7a:f8:a3:40:7d:be:33:61:c3:1a:cb:24:
4d:a9:16:68:ac:7c:9a:73:4e:4b:94:4f:08:ed:ac:28:78:32:
3e:1a:89:e0:16:9e:1f:fb:85:33:c5:19:20:ef:db:1e:75:5d:
8c:80:c3:8c:a6:3a:70:95:d7:1e:59:10:93:6f:36:0a:0d:ce:
55:f7:6c:76:4d:79:7e:63:20:c1:70:a0:8e:a2:9a:78:22:11:
ee:b9:fd:84:bf:83:5b:75:27:52:f2:5f:a5:d9:0b:c3:09:24:
5c:d6:26:91:bb:39:a0:47:1b:4d:01:63:87:be:ca:c8:7a:15:
7d:75:cf:67:b1:a7:13:41:b8:6f:71:27:06:ad:2d:d6:54:6f:
f4:3a:43:5f:e1:d3:25:db:19:c0:0b:c8:dd:73:e5:9d:d0:92:
9c:3f:dc:f7:61:a6:79:82:cf:a4:10:54:1d:40:e3:f9:2f:77:
73:cc:b0:ed:e2:7f:8f:6f:81:cb:53:1a:5c:21:76:96:64:d5:
92:cf:ea:58:90:fa:03:15:5e:df:60:3d:10:8e:6a:05:34:75:
87:bc:4a:a1:93:60:fd:3a:7f:e3:f9:f1:a1:37:6d:83:1e:f8:
47:f8:84:58
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAkogMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUzMTA0NTYwNFoXDTI2MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjgxNzcxMTAvBgNVBAUTKDFDRDJENEYzMjZBMTg0QTQ4N0JGMjJB
Q0Q3OEFENUMwNjhGNDY2NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNekRKCVSpilE2xxsTe3JBh8aciB/reu8FbTb2FudSKZTvATEQ+UwVPyn5mHIt
qjZ/dMRKnlhMtabUD6tI3K6MlJjvW0OIwY/LFlxeUr2sv46zHQcRAg31POq484UU
CHPWqCJ8ZxZqFgzP6TLAygprEKha4/i6SnWFkz+p0+0O48SsrBROAhJPoPPOBskL
cQlJ+xqEZY6fX2ebQ9fDsBbX6g2mnj4w2A0UWmyzg5jA9lUOGBrPXxc/sUMuTsOh
8BNEAoPjDshlBV2b69z8iuVBa4Vc1BGxAgC3uFhgBxPrphq35UAN09OJFMEDD+pQ
AzzJe6QBF6O0mkh9SREi8h3tAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUHNLU8yah
hKSHvyKs14rVwGj0ZmEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY4MTc3LzhCQTNEOEM0M0REQjExRjBBQzkzRDQzMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGODE3Ny84QkEzRDhDNDNEREIxMUYwQUM5M0Q0MzJDNEY5QUUwMi9ITkxVOHlh
aGhLU0h2eUtzMTRyVndHajBabUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlfmMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBoz1eMA0EAgAC
MAcDBQAkAezgMA0GCSqGSIb3DQEBCwUAA4IBAQBBvY4RGPkZmiwLzaF773FbcUzr
3ZM9Q3h6+KNAfb4zYcMayyRNqRZorHyac05LlE8I7awoeDI+GongFp4f+4UzxRkg
79sedV2MgMOMpjpwldceWRCTbzYKDc5V92x2TXl+YyDBcKCOopp4IhHuuf2Ev4Nb
dSdS8l+l2QvDCSRc1iaRuzmgRxtNAWOHvsrIehV9dc9nsacTQbhvcScGrS3WVG/0
OkNf4dMl2xnAC8jdc+Wd0JKcP9z3YaZ5gs+kEFQdQOP5L3dzzLDt4n+Pb4HLUxpc
IXaWZNWSz+pYkPoDFV7fYD0QjmoFNHWHvEqhk2D9On/j+fGhN22DHvhH+IRY
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:34:44 2025 by rpki-client