Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LE5bBUJzo8HuQWpC354jYiY3OWE.cer
File: LE5bBUJzo8HuQWpC354jYiY3OWE.cer (raw, json)
Hash identifier: hVi4OXNHg6TWj838sWklRt31KArK9e0Jt+Bv4GnGBHw=
Subject key identifier: 2C:4E:5B:05:42:73:A3:C1:EE:41:6A:42:DF:9E:23:62:26:37:39:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024777
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/LE5bBUJzo8HuQWpC354jYiY3OWE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 20 May 2025 14:14:19 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 132426
AS: 133444
IP: 43.239.252.0/22
IP: 45.120.128.0/22
IP: 103.20.224.0/22
IP: 103.229.112.0/22
IP: 2400:df80::/32
IP: 2405:4700::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 06 Jun 2025 07:11:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149367 (0x24777)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 20 14:14:19 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A9134CDB, serialNumber=2C4E5B054273A3C1EE416A42DF9E236226373961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5d:ec:d4:f7:b0:7c:e7:66:2c:f4:9f:eb:03:
59:7c:77:14:54:1a:41:3e:7e:aa:74:1f:fa:4c:85:
ab:ea:b3:d3:b9:58:05:e2:95:08:8f:0c:bb:83:4e:
fa:37:e4:18:98:ad:27:f6:8d:c5:d0:e1:7a:dc:17:
e8:c6:2c:0a:4b:d5:94:c4:23:e4:9a:e0:02:dd:95:
c4:82:58:20:88:6a:7c:96:99:1b:01:c3:a6:06:24:
7d:80:57:82:ff:49:de:1b:7a:57:ec:af:9d:2c:a2:
3a:c8:1e:96:94:e1:f7:a3:6c:6b:ae:a9:e2:92:b5:
76:43:33:59:87:23:ec:5f:4a:75:09:35:92:32:62:
28:57:8d:eb:2c:e4:32:3c:56:3d:68:a8:2c:6b:60:
74:4e:a5:a5:1a:60:f4:e0:a2:43:41:cd:c6:a1:73:
66:bf:87:63:d8:31:a3:44:92:33:57:57:eb:a0:c5:
74:06:41:bf:04:26:db:c2:5b:92:ed:48:e0:b3:cf:
2a:86:f8:89:16:a5:a5:15:73:86:2a:32:a2:cb:e1:
36:1e:9f:87:eb:f5:3b:0c:09:70:1f:cc:f0:e3:ba:
94:68:11:97:27:4e:cd:ed:27:ce:7e:bd:80:00:50:
a3:07:a3:e3:8b:7b:09:fb:4d:63:d6:06:98:45:2b:
f0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:4E:5B:05:42:73:A3:C1:EE:41:6A:42:DF:9E:23:62:26:37:39:61
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/LE5bBUJzo8HuQWpC354jYiY3OWE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132426
133444
sbgp-ipAddrBlock: critical
IPv4:
43.239.252.0/22
45.120.128.0/22
103.20.224.0/22
103.229.112.0/22
IPv6:
2400:df80::/32
2405:4700::/32
Signature Algorithm: sha256WithRSAEncryption
35:48:b2:d9:44:a0:af:ad:2c:04:a8:a2:ab:b8:e5:9b:a6:d3:
1e:fe:80:6f:89:3f:16:de:9c:a6:63:e4:ee:a5:93:92:9e:8c:
50:63:3b:55:82:8a:a7:b3:ca:27:e0:7c:30:b0:1f:f2:01:54:
88:63:7e:68:99:ed:a0:7d:da:70:78:6c:69:ba:a5:fc:41:f2:
10:21:51:98:75:83:c2:f1:ff:4b:8a:e9:91:b6:10:c9:56:01:
74:b7:e5:37:c8:80:6b:dd:c9:85:4b:82:0d:4d:f8:8e:b6:6b:
46:f1:9d:fd:7d:6c:7b:28:b5:3a:ee:eb:a1:f9:27:ae:db:2f:
85:b2:85:c9:9c:91:91:1c:db:5d:38:06:36:82:4c:92:10:35:
91:84:67:c2:35:2d:52:4f:c9:f1:14:ad:93:bd:ff:1f:fc:ba:
5e:57:d0:ef:92:b2:4f:cf:01:ea:be:b5:b0:38:d4:fe:3a:47:
da:1b:5d:28:8b:cf:77:02:a7:66:88:a8:01:0f:eb:d4:ca:fd:
98:12:60:1c:ce:23:3d:3f:4a:e3:5f:08:85:ba:c7:1a:10:d5:
f1:18:33:0d:68:f6:35:c4:20:fd:ff:2e:16:7e:90:78:55:8e:
57:4a:d8:fc:4e:42:4d:45:4f:06:9a:88:00:dd:06:81:f7:d3:
7b:e2:d7:8c
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgIDAkd3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUyMDE0MTQxOVoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzRDREIxMTAvBgNVBAUTKDJDNEU1QjA1NDI3M0EzQzFFRTQxNkE0
MkRGOUUyMzYyMjYzNzM5NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUXezU97B852Ys9J/rA1l8dxRUGkE+fqp0H/pMhavqs9O5WAXilQiPDLuDTvo3
5BiYrSf2jcXQ4XrcF+jGLApL1ZTEI+Sa4ALdlcSCWCCIanyWmRsBw6YGJH2AV4L/
Sd4belfsr50sojrIHpaU4fejbGuuqeKStXZDM1mHI+xfSnUJNZIyYihXjess5DI8
Vj1oqCxrYHROpaUaYPTgokNBzcahc2a/h2PYMaNEkjNXV+ugxXQGQb8EJtvCW5Lt
SOCzzyqG+IkWpaUVc4YqMqLL4TYen4fr9TsMCXAfzPDjupRoEZcnTs3tJ85+vYAA
UKMHo+OLewn7TWPWBphFK/DtAgMBAAGjggM8MIIDODAdBgNVHQ4EFgQULE5bBUJz
o8HuQWpC354jYiY3OWEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM0Q0RCL0JEQUY2MEU0REFFNTExRUE4QTI1NUE0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNENEQi9CREFGNjBFNERBRTUxMUVBOEEyNTVBNERDNEY5QUUwMi9MRTViQlVK
em84SHVRV3BDMzU0allpWTNPV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAgVKAgMCCUQwRwYIKwYBBQUHAQcBAf8EODA2MB4EAgABMBgDBAIr7/wD
BAIteIADBAJnFOADBAJn5XAwFAQCAAIwDgMFACQA34ADBQAkBUcAMA0GCSqGSIb3
DQEBCwUAA4IBAQA1SLLZRKCvrSwEqKKruOWbptMe/oBviT8W3pymY+TupZOSnoxQ
YztVgoqns8on4HwwsB/yAVSIY35ome2gfdpweGxpuqX8QfIQIVGYdYPC8f9LiumR
thDJVgF0t+U3yIBr3cmFS4INTfiOtmtG8Z39fWx7KLU67uuh+Seu2y+FsoXJnJGR
HNtdOAY2gkySEDWRhGfCNS1ST8nxFK2Tvf8f/LpeV9DvkrJPzwHqvrWwONT+Okfa
G10oi893AqdmiKgBD+vUyv2YEmAcziM9P0rjXwiFuscaENXxGDMNaPY1xCD9/y4W
fpB4VY5XStj8TkJNRU8GmogA3QaB99N74teM
-----END CERTIFICATE-----
Generated at Fri May 30 08:49:06 2025 by rpki-client