Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QF5asHUAe6PYUmLWiyUZhsbp3V0.cer
File: QF5asHUAe6PYUmLWiyUZhsbp3V0.cer (raw, json)
Hash identifier: epQu/QMKk0udToHptGkCRgqr0lbxHknwUzFuk3N1gi8=
Subject key identifier: 40:5E:5A:B0:75:00:7B:A3:D8:52:62:D6:8B:25:19:86:C6:E9:DD:5D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A6BE
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9134639/2BA23C8CD5BF11F08DBC7C31C4F9AE02/QF5asHUAe6PYUmLWiyUZhsbp3V0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9134639/2BA23C8CD5BF11F08DBC7C31C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 27 Mar 2026 08:05:21 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: AS: 17825
AS: 38720
AS: 38746
AS: 45432
IP: 117.104.232.0/21
IP: 119.151.0.0 -- 119.151.191.255
IP: 123.255.252.0/22
IP: 202.41.204.0/24
IP: 202.52.2.0/23
IP: 202.67.4.0/22
IP: 202.162.188.0/22
IP: 203.143.176.0/20
IP: 2400:6300::/32
IP: 2405:6c00::/32
IP: 2405:a300::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 Apr 2026 02:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173758 (0x2a6be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 27 08:05:21 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A9134639, serialNumber=405E5AB075007BA3D85262D68B251986C6E9DD5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:95:b0:ec:bf:11:91:85:ae:a9:47:71:70:20:
f5:25:4b:ce:0a:78:f9:2c:8b:5f:4f:b2:5b:1b:ad:
64:42:5c:49:f0:81:b2:9e:b6:38:c5:7d:82:56:2c:
c5:90:1f:75:7b:d5:09:9c:a0:7b:fd:be:00:6d:d8:
b7:37:b7:7a:b4:80:8b:35:30:37:7e:cf:2b:54:59:
fb:62:30:df:8e:28:a6:9d:59:0c:2f:88:e1:78:61:
9f:62:0d:68:4b:f4:9d:19:82:5b:f9:a3:51:f0:6b:
95:31:58:0b:99:36:c8:ac:b7:ec:90:48:1a:ad:7d:
2f:b3:19:6f:05:86:6d:05:19:5d:12:b3:4d:9a:4f:
c3:84:29:92:c8:7e:a5:9e:df:0b:e5:8a:96:d3:c4:
25:7a:96:6c:9e:24:43:c4:06:c0:b8:d1:3b:14:60:
d8:4b:2e:9f:e7:4e:34:42:3b:fb:96:9a:f5:51:b0:
d3:05:da:29:d0:62:ec:d9:3c:95:8d:1b:4e:09:f7:
c0:d7:80:98:ee:e0:4c:26:c5:af:61:5b:1f:0f:6b:
7f:8c:27:25:4a:56:2a:5c:89:1b:ad:e5:00:f8:dd:
96:ff:38:9e:f2:f2:88:31:7e:26:bf:56:23:f4:cb:
50:d6:16:1e:62:70:31:ad:41:62:46:fd:1d:ba:eb:
88:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5E:5A:B0:75:00:7B:A3:D8:52:62:D6:8B:25:19:86:C6:E9:DD:5D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9134639/2BA23C8CD5BF11F08DBC7C31C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9134639/2BA23C8CD5BF11F08DBC7C31C4F9AE02/QF5asHUAe6PYUmLWiyUZhsbp3V0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17825
38720
38746
45432
sbgp-ipAddrBlock: critical
IPv4:
117.104.232.0/21
119.151.0.0-119.151.191.255
123.255.252.0/22
202.41.204.0/24
202.52.2.0/23
202.67.4.0/22
202.162.188.0/22
203.143.176.0/20
IPv6:
2400:6300::/32
2405:6c00::/32
2405:a300::/32
Signature Algorithm: sha256WithRSAEncryption
a2:6d:5c:31:de:9e:86:8a:76:f3:af:a2:18:5f:16:79:2d:e1:
b8:60:95:52:d9:b2:57:ea:3a:f1:43:a1:e2:60:fa:44:6e:79:
bf:a5:8c:5d:e9:0e:27:c4:04:f5:74:59:88:d8:64:68:86:5c:
f2:39:76:24:4a:3c:d1:66:a2:ca:17:98:5b:51:da:b0:31:37:
27:ac:1a:9d:ab:ce:c0:45:e7:e8:a3:77:f6:2c:6f:f6:14:4b:
9d:4a:e9:8d:4c:ba:15:b5:3f:4d:ba:2b:1e:ae:b5:fc:a1:d0:
0a:4c:63:2b:c0:df:d9:f8:95:00:4b:d9:ef:d7:b0:8e:c3:ce:
7f:36:62:1b:e4:ba:d3:80:c4:c2:1e:da:4d:97:87:4b:2b:48:
ec:3a:15:45:b6:e1:0a:2e:28:47:9f:e0:d1:2d:35:7f:45:37:
3d:c4:79:b8:64:e9:c6:31:4f:45:2d:e8:9f:77:f4:9d:d0:1e:
66:c6:0f:26:2f:cf:0c:df:35:9b:7e:bc:12:f4:3a:b5:e4:b5:
22:b9:ec:af:90:85:fb:4d:7c:24:0f:1a:d5:7b:42:02:97:c1:
9f:ed:d7:a4:ff:a8:85:50:71:18:19:b1:8a:57:12:1a:9e:64:
ae:6f:2d:8d:e1:e4:e6:bc:24:84:da:81:da:f4:8e:f3:8a:d4:
54:97:1d:ed
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgIDAqa+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMyNzA4MDUyMVoXDTI3MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzQ2MzkxMTAvBgNVBAUTKDQwNUU1QUIwNzUwMDdCQTNEODUyNjJE
NjhCMjUxOTg2QzZFOURENUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNlbDsvxGRha6pR3FwIPUlS84KePksi19PslsbrWRCXEnwgbKetjjFfYJWLMWQ
H3V71QmcoHv9vgBt2Lc3t3q0gIs1MDd+zytUWftiMN+OKKadWQwviOF4YZ9iDWhL
9J0Zglv5o1Hwa5UxWAuZNsist+yQSBqtfS+zGW8Fhm0FGV0Ss02aT8OEKZLIfqWe
3wvlipbTxCV6lmyeJEPEBsC40TsUYNhLLp/nTjRCO/uWmvVRsNMF2inQYuzZPJWN
G04J98DXgJju4Ewmxa9hWx8Pa3+MJyVKVipciRut5QD43Zb/OJ7y8ogxfia/ViP0
y1DWFh5icDGtQWJG/R2664jvAgMBAAGjggNrMIIDZzAdBgNVHQ4EFgQUQF5asHUA
e6PYUmLWiyUZhsbp3V0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM0NjM5LzJCQTIzQzhDRDVCRjExRjA4REJDN0MzMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNDYzOS8yQkEyM0M4Q0Q1QkYxMUYwOERCQzdDMzFDNEY5QUUwMi9RRjVhc0hV
QWU2UFlVbUxXaXlVWmhzYnAzVjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKAYIKwYBBQUHAQgBAf8EGTAX
oBUwEwICRaECAwCXQAIDAJdaAgMAsXgwbQYIKwYBBQUHAQcBAf8EXjBcMD0EAgAB
MDcDBAN1aOgwCwMDAHeXAwQGd5eAAwQCe//8AwQAyinMAwQByjQCAwQCykMEAwQC
yqK8AwQEy4+wMBsEAgACMBUDBQAkAGMAAwUAJAVsAAMFACQFowAwDQYJKoZIhvcN
AQELBQADggEBAKJtXDHenoaKdvOvohhfFnkt4bhglVLZslfqOvFDoeJg+kRueb+l
jF3pDifEBPV0WYjYZGiGXPI5diRKPNFmosoXmFtR2rAxNyesGp2rzsBF5+ijd/Ys
b/YUS51K6Y1MuhW1P026Kx6utfyh0ApMYyvA39n4lQBL2e/XsI7Dzn82YhvkutOA
xMIe2k2Xh0srSOw6FUW24QouKEef4NEtNX9FNz3Eebhk6cYxT0Ut6J939J3QHmbG
DyYvzwzfNZt+vBL0OrXktSK57K+QhftNfCQPGtV7QgKXwZ/t16T/qIVQcRgZsYpX
EhqeZK5vLY3h5Oa8JITagdr0jvOK1FSXHe0=
-----END CERTIFICATE-----
Generated at Mon Apr 6 07:06:39 2026 by rpki-client