Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer
File: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer (raw, json)
Hash identifier: gaf/bgMPinXZhAOQnnru2T3LIbUhIS08P+5pdsPZrsQ=
Subject key identifier: 28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026362
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 04 Sep 2025 15:09:34 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 45748
IP: 202.14.70.0/23
IP: 202.43.118.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Sep 2025 22:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156514 (0x26362)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 4 15:09:34 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A9158650, serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:72:6a:54:3f:28:1c:34:ca:59:46:35:0b:
a8:92:c5:98:c3:9e:18:b8:f7:2d:e4:bb:cb:4a:67:
d0:0d:b4:78:f5:d7:b2:00:f1:75:f1:a4:d8:01:22:
e8:50:43:e2:a8:91:38:29:83:f7:4e:2d:dc:23:af:
de:60:7b:c6:98:6d:17:ee:1a:ed:d0:24:42:64:f4:
b7:72:23:8a:4b:00:99:c9:f6:71:0f:73:f0:3f:4d:
0c:5c:87:6c:50:3f:43:46:58:bc:f0:e6:2f:ce:9d:
f2:38:e1:f4:8a:b6:7f:83:31:02:02:33:26:4e:d2:
99:de:66:e7:16:f2:40:4e:f2:d0:86:9a:7a:28:db:
f4:80:45:4a:65:13:5a:29:af:14:ef:68:0e:36:33:
e8:83:3e:1a:7f:1b:e4:1e:08:c5:46:e4:66:b7:ed:
4f:1e:04:2a:af:fa:57:f5:6f:e1:92:30:85:bb:da:
44:7c:9a:a5:1e:97:0a:a6:5a:e4:70:9d:38:ed:7e:
e9:50:ea:28:10:07:5f:15:91:a7:93:65:3a:f1:c5:
63:a9:2d:8e:ee:90:09:4f:37:50:d1:ec:a4:39:6e:
31:c3:02:45:44:8e:cb:00:d4:03:15:02:09:89:17:
b2:23:43:fa:9a:ad:55:ab:fb:38:a0:3a:6b:8a:10:
0a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45748
sbgp-ipAddrBlock: critical
IPv4:
202.14.70.0/23
202.43.118.0/23
Signature Algorithm: sha256WithRSAEncryption
19:65:42:68:49:dd:22:47:75:9e:aa:1d:29:d3:35:f0:27:dc:
d0:69:63:bc:b9:35:d3:4b:bf:17:e3:8a:2a:f0:d9:c4:2b:bc:
84:88:61:cd:c2:1a:2e:ed:3c:8d:73:3b:ad:25:cd:f1:fb:2a:
d9:fc:30:55:cb:78:fe:ed:2d:e6:2b:63:d9:26:35:57:61:90:
9d:15:15:dc:db:40:8f:24:dd:f2:1b:97:40:7d:29:76:e1:78:
9f:ca:cb:6c:fc:ef:30:e4:a7:64:4b:60:a3:9c:76:2b:12:ff:
53:68:85:ae:bc:ce:97:f6:95:12:c7:6e:82:f0:4a:45:3a:39:
42:7a:25:59:f4:b2:61:b3:77:86:b5:5b:af:04:c9:a9:65:ea:
5f:d2:ff:ae:17:fd:33:04:33:8e:b3:fb:19:7a:ff:c6:10:dd:
7a:58:86:5b:00:c7:50:96:11:26:e0:42:57:6b:27:0a:cf:85:
d7:1f:31:c0:dc:e4:ae:55:8b:d4:00:2a:f5:94:ec:d5:20:3f:
2d:a1:c0:08:d1:33:57:04:a5:68:53:b7:51:43:de:79:47:4c:
8a:a3:69:13:ee:f7:76:a9:7c:ba:42:cd:56:34:a3:36:3c:93:
b2:7f:ba:3e:f3:08:f7:03:85:47:cc:8c:cd:43:dd:e2:33:70:
f1:31:a6:70
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAmNiMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkwNDE1MDkzNFoXDTI2MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTg2NTAxMTAvBgNVBAUTKDI4MTdENEE4NjQ0QUVDNDE5QURDQ0VF
MzBDNEU4N0EyNEQyRkY1N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyKXJqVD8oHDTKWUY1C6iSxZjDnhi49y3ku8tKZ9ANtHj117IA8XXxpNgBIuhQ
Q+KokTgpg/dOLdwjr95ge8aYbRfuGu3QJEJk9LdyI4pLAJnJ9nEPc/A/TQxch2xQ
P0NGWLzw5i/OnfI44fSKtn+DMQICMyZO0pneZucW8kBO8tCGmnoo2/SARUplE1op
rxTvaA42M+iDPhp/G+QeCMVG5Ga37U8eBCqv+lf1b+GSMIW72kR8mqUelwqmWuRw
nTjtfulQ6igQB18VkaeTZTrxxWOpLY7ukAlPN1DR7KQ5bjHDAkVEjssA1AMVAgmJ
F7IjQ/qarVWr+zigOmuKEAplAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUKBfUqGRK
7EGa3M7jDE6Hok0v9XswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU4NjUwLzc3NThEMkMyQkRBNzExRURBRUNENEE1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1ODY1MC83NzU4RDJDMkJEQTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdS
SzdFR2EzTTdqREU2SG9rMHY5WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDALK0MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQByg5GAwQByit2
MA0GCSqGSIb3DQEBCwUAA4IBAQAZZUJoSd0iR3Weqh0p0zXwJ9zQaWO8uTXTS78X
44oq8NnEK7yEiGHNwhou7TyNczutJc3x+yrZ/DBVy3j+7S3mK2PZJjVXYZCdFRXc
20CPJN3yG5dAfSl24Xifysts/O8w5KdkS2CjnHYrEv9TaIWuvM6X9pUSx26C8EpF
OjlCeiVZ9LJhs3eGtVuvBMmpZepf0v+uF/0zBDOOs/sZev/GEN16WIZbAMdQlhEm
4EJXaycKz4XXHzHA3OSuVYvUACr1lOzVID8tocAI0TNXBKVoU7dRQ955R0yKo2kT
7vd2qXy6Qs1WNKM2PJOyf7o+8wj3A4VHzIzNQ93iM3DxMaZw
-----END CERTIFICATE-----
Generated at Fri Sep 19 00:44:51 2025 by rpki-client