Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer
File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer (raw, json)
Hash identifier: UAyDt0QOe/owJqJIxWxGdHxP+ulbFlkSzOA4KDiafXQ=
Subject key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026E54
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 21 Oct 2025 18:22:42 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 133778
IP: 103.42.92.0/22
IP: 2401:40c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 10 Nov 2025 16:23:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159316 (0x26e54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 21 18:22:42 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A9194677, serialNumber=2876825F77C24A167DC41215350F688792981A67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0d:2d:9f:e4:3a:98:5b:02:c7:70:9d:b7:e2:
d3:26:1f:07:f4:9f:cc:f1:de:3e:8f:f7:69:09:75:
1c:eb:10:92:09:72:f0:b7:0f:b4:5a:00:87:c6:78:
55:da:e3:f1:b2:df:4f:f5:14:44:8a:c9:3d:79:80:
c9:81:0a:14:50:63:cc:fe:74:eb:d6:57:5c:b1:3a:
a5:b3:b9:a9:73:fe:8e:ac:5f:b3:02:ea:75:b9:be:
67:4e:b6:9c:9c:0d:5a:7d:e3:aa:67:2b:41:14:4c:
c7:dc:e0:95:37:9c:03:4b:14:0f:5e:27:38:32:91:
6a:3a:ab:b2:c3:9a:38:a5:75:c0:0e:9c:b0:fb:1a:
ea:ba:ef:24:db:99:31:28:94:a0:44:7a:44:b4:5a:
17:1b:f3:83:7f:6a:58:ec:d1:f3:68:dc:19:0c:de:
0a:13:7c:01:b5:39:82:4f:35:f1:e7:4b:54:8c:af:
45:94:59:09:f1:f5:20:4a:21:57:ef:1d:9c:ed:c5:
0d:00:e0:a7:36:75:18:95:f2:f1:bf:f2:79:4d:fa:
8e:76:8e:b2:d9:ec:d1:d7:e2:2c:e7:a1:37:7b:e4:
87:7a:e7:25:ae:aa:ed:d3:9e:80:8a:45:7d:fb:ad:
f4:3e:3c:f5:c9:23:25:11:3a:0e:e4:e9:f3:f3:74:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133778
sbgp-ipAddrBlock: critical
IPv4:
103.42.92.0/22
IPv6:
2401:40c0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:b9:9b:44:45:93:dc:1b:3a:fb:3c:d6:0a:11:a1:03:cf:a3:
98:37:38:59:50:68:64:90:6a:d9:5f:b8:8c:d4:e5:29:e5:13:
a7:89:68:9d:fe:8e:1e:7f:25:f1:2c:4f:8b:72:9a:20:3c:be:
12:3c:54:d9:23:54:2e:b4:5b:15:ec:4c:35:d4:14:1c:0d:95:
97:08:b5:62:2a:62:b9:04:3b:c1:d4:72:c8:97:fa:58:63:11:
8b:b6:19:45:73:ff:82:99:9d:7c:8e:4d:7e:5c:34:a8:7b:6c:
de:87:1a:63:d0:e1:12:67:24:ab:09:5e:6b:fa:f9:66:e4:d5:
24:30:9a:f0:c5:51:88:2c:af:ee:d2:88:19:74:5c:98:77:c2:
c7:11:f4:d3:10:1d:9d:54:29:39:d0:34:71:a0:2a:ff:25:f0:
8a:7d:20:e2:81:16:dc:90:a8:8e:e8:28:39:89:5b:a6:1b:39:
da:98:9c:91:57:ed:be:52:a7:95:01:9a:39:bc:5b:f0:30:e3:
7c:d9:64:fa:9e:24:56:43:98:27:0a:ae:9d:ea:b6:5f:c4:7e:
fd:d0:ac:60:f5:7d:60:ba:ad:78:bd:96:6f:c0:52:f8:ac:f6:
5e:62:06:2f:8f:4c:ff:53:dc:6e:b6:aa:4f:a3:2c:a2:89:64:
2e:0b:98:17
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAm5UMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAyMTE4MjI0MloXDTI2MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIx
NTM1MEY2ODg3OTI5ODFBNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLDS2f5DqYWwLHcJ234tMmHwf0n8zx3j6P92kJdRzrEJIJcvC3D7RaAIfGeFXa
4/Gy30/1FESKyT15gMmBChRQY8z+dOvWV1yxOqWzualz/o6sX7MC6nW5vmdOtpyc
DVp946pnK0EUTMfc4JU3nANLFA9eJzgykWo6q7LDmjildcAOnLD7Guq67yTbmTEo
lKBEekS0Whcb84N/aljs0fNo3BkM3goTfAG1OYJPNfHnS1SMr0WUWQnx9SBKIVfv
HZztxQ0A4Kc2dRiV8vG/8nlN+o52jrLZ7NHX4iznoTd75Id65yWuqu3TnoCKRX37
rfQ+PPXJIyUROg7k6fPzdND5AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUKHaCX3fC
ShZ9xBIVNQ9oh5KYGmcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk0Njc3LzAyMjdGNzg2NTc3NTExRUU5MkFDQTc1OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNm
Q1NoWjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgqSMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZypcMA0EAgAC
MAcDBQAkAUDAMA0GCSqGSIb3DQEBCwUAA4IBAQB8uZtERZPcGzr7PNYKEaEDz6OY
NzhZUGhkkGrZX7iM1OUp5ROniWid/o4efyXxLE+LcpogPL4SPFTZI1QutFsV7Ew1
1BQcDZWXCLViKmK5BDvB1HLIl/pYYxGLthlFc/+CmZ18jk1+XDSoe2zehxpj0OES
ZySrCV5r+vlm5NUkMJrwxVGILK/u0ogZdFyYd8LHEfTTEB2dVCk50DRxoCr/JfCK
fSDigRbckKiO6Cg5iVumGznamJyRV+2+UqeVAZo5vFvwMON82WT6niRWQ5gnCq6d
6rZfxH790Kxg9X1guq14vZZvwFL4rPZeYgYvj0z/U9xutqpPoyyiiWQuC5gX
-----END CERTIFICATE-----
Generated at Mon Nov 3 18:05:13 2025 by rpki-client