Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ny8cd2Gx3cgyjFC60O7tzZny5PI.cer
File: Ny8cd2Gx3cgyjFC60O7tzZny5PI.cer (raw, json)
Hash identifier: QjH4CuY7Up/2cTp5Z1yw9rYl8z7K6rGn08avvmbqaAg=
Subject key identifier: 37:2F:1C:77:61:B1:DD:C8:32:8C:50:BA:D0:EE:ED:CD:99:F2:E4:F2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0272CC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/Ny8cd2Gx3cgyjFC60O7tzZny5PI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 04 Nov 2025 12:25:54 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 133866
IP: 103.76.44.0/22
IP: 116.206.88.0/22
IP: 2407:6280::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Nov 2025 16:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160460 (0x272cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 4 12:25:54 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A91142EA, serialNumber=372F1C7761B1DDC8328C50BAD0EEEDCD99F2E4F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:fb:4c:7d:1e:7a:3a:12:cc:bd:05:ae:a2:36:
31:45:4a:1d:d0:02:79:01:61:2a:44:ba:80:84:d2:
9e:01:9f:37:f5:7a:05:45:1a:56:0b:65:2c:44:53:
cb:fa:df:b5:97:c3:24:1a:7b:af:fd:04:f5:f2:63:
a4:b6:2f:1e:18:4f:35:4a:f4:b6:49:f3:96:36:4c:
88:68:bd:b5:ff:6d:5b:fb:6b:fe:c0:19:3a:b2:b1:
f8:70:4f:6b:2f:3d:f1:ce:c8:95:9e:3f:41:26:d2:
06:ac:84:98:33:03:3e:ec:bc:28:1f:c6:c0:fb:22:
b4:93:af:6d:9d:06:f7:ae:2b:bb:86:4a:f2:6f:1a:
ef:b0:21:20:ae:f1:77:af:7b:68:14:e7:69:20:8b:
15:85:df:cb:2e:6d:5a:06:28:f7:f4:10:11:d5:c1:
1b:22:76:0a:64:82:69:10:55:c6:60:dc:50:b1:6d:
ef:52:c1:9c:82:64:fb:69:2e:44:5d:bb:80:61:84:
01:bd:b0:5e:f3:d3:1c:d2:49:1c:35:a1:41:9d:81:
ee:2b:41:fd:bf:66:f6:7d:e5:2a:fa:90:a1:e6:5c:
05:8c:b7:d9:59:75:f0:bb:a3:ba:ee:df:bc:23:e8:
4e:0d:29:95:6b:3d:64:e9:a5:30:38:b9:9a:e2:ee:
c7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:2F:1C:77:61:B1:DD:C8:32:8C:50:BA:D0:EE:ED:CD:99:F2:E4:F2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/Ny8cd2Gx3cgyjFC60O7tzZny5PI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133866
sbgp-ipAddrBlock: critical
IPv4:
103.76.44.0/22
116.206.88.0/22
IPv6:
2407:6280::/32
Signature Algorithm: sha256WithRSAEncryption
4e:31:40:3f:aa:97:10:d1:1f:bf:03:22:ab:51:47:c4:c2:57:
e8:ae:6f:39:b9:24:8d:c1:6e:90:bc:38:60:35:b0:25:23:0f:
66:ca:b9:d3:3c:9d:ed:15:ca:2a:b7:70:70:b5:4c:53:0e:b2:
e0:22:c8:86:2d:ec:d8:3b:97:f6:69:35:94:dc:2f:09:38:62:
0b:2e:b1:7c:8f:f0:67:b6:bc:6e:40:1b:4d:39:6f:13:91:b6:
34:94:67:b9:52:f6:93:c9:c2:7b:be:71:2f:a3:30:bf:bf:35:
3e:3a:de:9b:49:cc:be:2a:08:e4:ab:69:33:4e:4d:52:45:b6:
1e:58:74:0e:bd:be:85:cc:64:c5:41:60:db:51:1c:af:47:43:
7f:00:29:f2:79:33:c3:5c:ae:6d:a9:9c:fc:6d:52:10:a9:b2:
15:a1:e4:2b:3f:13:b4:fe:1b:67:9e:67:a1:9e:09:11:5f:4f:
01:76:eb:09:17:3d:57:f3:9f:83:15:54:57:f8:94:bc:8f:22:
cf:18:bf:0b:8b:0c:82:01:eb:1b:bf:d4:53:9a:8b:b3:ef:17:
57:df:06:cc:7b:43:00:42:77:38:0b:42:d0:d8:d1:d4:d2:06:
48:57:c0:59:f9:83:27:19:c5:a7:60:35:ab:2f:c2:c8:41:15:
da:61:d9:2d
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAnLMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTEwNDEyMjU1NFoXDTI2MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTQyRUExMTAvBgNVBAUTKDM3MkYxQzc3NjFCMUREQzgzMjhDNTBC
QUQwRUVFRENEOTlGMkU0RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDm+0x9Hno6Esy9Ba6iNjFFSh3QAnkBYSpEuoCE0p4Bnzf1egVFGlYLZSxEU8v6
37WXwyQae6/9BPXyY6S2Lx4YTzVK9LZJ85Y2TIhovbX/bVv7a/7AGTqysfhwT2sv
PfHOyJWeP0Em0gashJgzAz7svCgfxsD7IrSTr22dBveuK7uGSvJvGu+wISCu8Xev
e2gU52kgixWF38subVoGKPf0EBHVwRsidgpkgmkQVcZg3FCxbe9SwZyCZPtpLkRd
u4BhhAG9sF7z0xzSSRw1oUGdge4rQf2/ZvZ95Sr6kKHmXAWMt9lZdfC7o7ru37wj
6E4NKZVrPWTppTA4uZri7sd/AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUNy8cd2Gx
3cgyjFC60O7tzZny5PIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE0MkVBL0Y1MzMyRDdFODRDMzExRTZCOTgyMUE4MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNDJFQS9GNTMzMkQ3RTg0QzMxMUU2Qjk4MjFBODFDNEY5QUUwMi9OeThjZDJH
eDNjZ3lqRkM2ME83dHpabnk1UEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgrqMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ0wsAwQCdM5Y
MA0EAgACMAcDBQAkB2KAMA0GCSqGSIb3DQEBCwUAA4IBAQBOMUA/qpcQ0R+/AyKr
UUfEwlform85uSSNwW6QvDhgNbAlIw9myrnTPJ3tFcoqt3BwtUxTDrLgIsiGLezY
O5f2aTWU3C8JOGILLrF8j/BntrxuQBtNOW8TkbY0lGe5UvaTycJ7vnEvozC/vzU+
Ot6bScy+Kgjkq2kzTk1SRbYeWHQOvb6FzGTFQWDbURyvR0N/ACnyeTPDXK5tqZz8
bVIQqbIVoeQrPxO0/htnnmehngkRX08BdusJFz1X85+DFVRX+JS8jyLPGL8LiwyC
Aesbv9RTmouz7xdX3wbMe0MAQnc4C0LQ2NHU0gZIV8BZ+YMnGcWnYDWrL8LIQRXa
Ydkt
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:11:17 2025 by rpki-client