Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7aVMpWAEDjwF_pl1HB4GlzHcsA.cer
File: M7aVMpWAEDjwF_pl1HB4GlzHcsA.cer (raw, json)
Hash identifier: 0/YwjczgkwZowwF0A8DggAOHpkIS9gK7+raAb440WP4=
Subject key identifier: 33:B6:95:32:95:80:10:38:F0:17:FA:65:D4:70:78:1A:5C:C7:72:C0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025B11
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/M7aVMpWAEDjwF_pl1HB4GlzHcsA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 04 Aug 2025 20:50:23 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 134373
IP: 45.122.136.0/22
IP: 103.63.4.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 11:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154385 (0x25b11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 4 20:50:23 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A9191E08, serialNumber=33B6953295801038F017FA65D470781A5CC772C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:79:0a:0b:e3:f7:25:b7:d1:ee:b4:16:83:4e:
44:e0:07:9a:6d:d6:50:bc:9e:5f:22:7d:d2:ff:67:
3d:1f:53:21:ff:2c:9c:29:ae:4e:ef:02:c7:3e:cc:
dd:b4:ff:b5:80:ad:f0:31:e7:b8:79:47:6a:e1:b0:
c0:cb:58:16:71:40:83:ae:f3:62:b2:26:cc:4f:54:
22:99:5b:7b:b5:23:23:eb:44:62:11:4d:a9:f8:9f:
1e:85:9d:e8:bf:01:76:32:3f:03:91:e6:92:cf:ab:
ce:83:e5:09:49:31:7e:de:9a:93:d8:5d:ba:ab:fe:
80:1d:f4:e1:24:78:e5:cf:9d:9c:a8:e5:df:2c:a4:
62:f0:a3:26:12:f9:09:e7:f5:12:f7:ad:ef:f0:74:
e0:96:66:ab:40:36:da:6c:53:28:50:03:e7:da:71:
89:39:40:cb:33:78:cd:07:bd:b2:60:9c:1e:84:3d:
78:c5:9a:22:0b:0a:3a:7a:0e:23:81:83:66:a4:24:
5c:b8:a0:0c:c8:66:f3:a8:44:22:7a:d3:97:a4:d3:
a9:92:8c:6b:c6:27:91:46:f4:d8:13:80:56:72:6c:
ec:0c:e3:d5:9e:23:c9:10:a5:dc:98:dc:6a:af:15:
6f:81:3f:d6:e4:86:83:e8:c3:47:ac:7f:e9:ae:cc:
e1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B6:95:32:95:80:10:38:F0:17:FA:65:D4:70:78:1A:5C:C7:72:C0
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/M7aVMpWAEDjwF_pl1HB4GlzHcsA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
134373
sbgp-ipAddrBlock: critical
IPv4:
45.122.136.0/22
103.63.4.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:9b:c4:d5:39:82:04:63:f1:bd:b4:a2:13:19:df:90:b7:cb:
55:69:54:04:c3:17:d3:c3:14:1b:8a:3c:89:c4:bf:9f:51:d0:
e5:82:52:d9:7b:cd:20:46:b9:f6:f5:54:09:31:79:62:79:39:
b3:ea:47:ee:ea:30:f6:10:73:6f:7b:f9:3b:97:cb:5f:3e:bb:
d4:a6:98:28:e8:14:c4:ce:18:af:f7:af:75:22:cc:42:d5:2e:
08:55:36:f0:f7:ad:63:e1:5f:5b:0c:51:bc:95:3b:4d:7d:8c:
f3:f2:05:e8:cb:97:12:ab:cb:25:fb:de:02:d8:8b:e2:3f:f5:
88:39:0a:07:e7:be:61:a8:f0:a1:ae:d2:2c:3c:60:fc:ba:12:
ba:99:a8:2c:1f:c6:ab:85:04:3c:d3:dd:ab:bd:15:df:89:65:
d4:24:88:89:59:0c:21:38:94:f1:78:19:94:2a:95:ec:be:b1:
d6:8c:13:f3:8b:4a:d9:7c:49:d6:a8:f6:af:97:92:d8:1d:58:
13:78:a4:74:f1:21:59:c6:4a:35:e5:99:b6:65:22:fd:67:6c:
35:e7:98:e1:4b:a7:f2:00:66:6c:e3:c5:4a:c3:63:da:38:6a:
fd:e4:cc:ae:eb:02:68:74:4d:f8:96:82:c5:9f:99:1e:e5:d2:
64:e6:d7:64
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAlsRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwNDIwNTAyM1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTFFMDgxMTAvBgNVBAUTKDMzQjY5NTMyOTU4MDEwMzhGMDE3RkE2
NUQ0NzA3ODFBNUNDNzcyQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6eQoL4/clt9HutBaDTkTgB5pt1lC8nl8ifdL/Zz0fUyH/LJwprk7vAsc+zN20
/7WArfAx57h5R2rhsMDLWBZxQIOu82KyJsxPVCKZW3u1IyPrRGIRTan4nx6Fnei/
AXYyPwOR5pLPq86D5QlJMX7empPYXbqr/oAd9OEkeOXPnZyo5d8spGLwoyYS+Qnn
9RL3re/wdOCWZqtANtpsUyhQA+facYk5QMszeM0HvbJgnB6EPXjFmiILCjp6DiOB
g2akJFy4oAzIZvOoRCJ605ek06mSjGvGJ5FG9NgTgFZybOwM49WeI8kQpdyY3Gqv
FW+BP9bkhoPow0esf+muzOERAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUM7aVMpWA
EDjwF/pl1HB4GlzHcsAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkxRTA4LzlFQzYzMUVDQzYwOTExRUNCNDYwRUM1N0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MUUwOC85RUM2MzFFQ0M2MDkxMUVDQjQ2MEVDNTdDNEY5QUUwMi9NN2FWTXBX
QUVEandGX3BsMUhCNEdsekhjc0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgzlMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLXqIAwQCZz8E
MA0GCSqGSIb3DQEBCwUAA4IBAQBfm8TVOYIEY/G9tKITGd+Qt8tVaVQEwxfTwxQb
ijyJxL+fUdDlglLZe80gRrn29VQJMXlieTmz6kfu6jD2EHNve/k7l8tfPrvUppgo
6BTEzhiv9691IsxC1S4IVTbw961j4V9bDFG8lTtNfYzz8gXoy5cSq8sl+94C2Ivi
P/WIOQoH575hqPChrtIsPGD8uhK6magsH8arhQQ8092rvRXfiWXUJIiJWQwhOJTx
eBmUKpXsvrHWjBPzi0rZfEnWqPavl5LYHVgTeKR08SFZxko15Zm2ZSL9Z2w155jh
S6fyAGZs48VKw2PaOGr95Myu6wJodE34loLFn5ke5dJk5tdk
-----END CERTIFICATE-----
Generated at Fri Aug 22 14:32:07 2025 by rpki-client