Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
File: RED2xCLpUAx9RqYtfetw0zqIdQ4.cer (raw, json)
Hash identifier: 46m0unJOYeNKbrOzklEYi+IpmxsImQ8TP21Zd9+O7uU=
Subject key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026E6B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 22 Oct 2025 00:04:23 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 4651 -- 4652
AS: 9335
AS: 9931
AS: 18252
AS: 131089 -- 131090
AS: 134565
AS: 135566
AS: 139474
AS: 139591
AS: 152463
IP: 61.7.128.0/17
IP: 61.19.0.0/16
IP: 103.10.228.0/22
IP: 110.77.128.0 -- 110.78.255.255
IP: 114.131.0.0/16
IP: 116.58.224.0/19
IP: 119.42.64.0/18
IP: 122.154.0.0/15
IP: 202.3.68.0/22
IP: 202.6.107.0/24
IP: 202.47.224.0/19
IP: 202.129.0.0/18
IP: 202.139.192.0/19
IP: 2001:c38::/31
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 01 Nov 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159339 (0x26e6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 22 00:04:23 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A9125475, serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:70:e0:83:f4:54:9a:aa:e3:e8:06:7f:9b:98:
70:d6:cb:27:f0:82:8c:51:b3:53:4c:07:8a:31:71:
e8:10:7c:02:12:49:cc:58:96:20:bc:88:00:71:5b:
05:4e:66:1a:36:ed:3a:06:97:2f:25:69:4f:c7:55:
7e:33:1b:d7:2b:27:1c:30:20:a9:a2:88:5e:17:83:
4b:c5:5f:af:ad:24:89:0c:17:49:a5:50:b0:68:01:
b6:d3:94:46:8b:1c:82:bf:cc:fb:3e:05:ca:3f:29:
b0:75:4a:64:3d:1a:a1:12:65:92:ef:ab:0c:16:cb:
43:06:cd:f1:73:06:6d:a0:12:21:35:1f:70:35:1b:
98:78:05:e9:eb:d4:5b:09:b4:c9:8e:26:96:a8:8a:
94:8a:92:aa:7a:55:8d:70:5c:28:63:3d:bc:1b:74:
0d:9b:d2:28:f1:78:fb:c7:e1:7d:11:d9:d1:6d:60:
d6:64:38:f7:28:82:b7:93:6c:1e:9e:49:a5:ca:a0:
42:9e:ae:c5:4c:08:c4:76:89:5f:aa:73:26:a8:57:
30:ad:62:3e:4b:be:a5:08:08:22:06:c5:8b:ac:e5:
9f:6b:cc:bd:bd:bc:1a:63:85:e8:c1:83:ca:03:43:
8c:f0:91:2d:e5:b5:ef:71:95:c3:be:28:2c:73:14:
26:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4651-4652
9335
9931
18252
131089-131090
134565
135566
139474
139591
152463
sbgp-ipAddrBlock: critical
IPv4:
61.7.128.0/17
61.19.0.0/16
103.10.228.0/22
110.77.128.0-110.78.255.255
114.131.0.0/16
116.58.224.0/19
119.42.64.0/18
122.154.0.0/15
202.3.68.0/22
202.6.107.0/24
202.47.224.0/19
202.129.0.0/18
202.139.192.0/19
IPv6:
2001:c38::/31
Signature Algorithm: sha256WithRSAEncryption
0a:22:8b:45:82:7c:df:91:a7:61:2a:14:2a:61:f3:78:9d:8e:
d3:64:dd:1a:59:ad:9e:2f:52:ca:e8:43:f4:58:94:b9:dd:c4:
ba:8c:81:e1:b9:ba:0d:6b:b7:8e:1a:f9:5b:68:0c:0b:a8:20:
33:b4:96:cc:9b:3a:18:c6:c4:a2:ad:ac:11:2b:27:32:63:89:
e9:f0:24:7e:ef:3e:6b:61:a2:52:12:b7:d6:95:0a:82:74:4e:
9d:73:23:97:34:84:51:7c:ec:9c:a7:27:96:91:2b:8d:95:02:
63:8e:74:a7:e5:5d:ad:e4:40:54:7f:25:b0:f3:42:2a:71:f9:
0b:70:2d:2a:bd:69:41:e8:c8:26:e4:40:90:26:b1:e7:7a:c9:
15:2b:52:66:78:8c:20:07:92:3a:cb:af:50:f3:16:df:36:3f:
14:02:fc:bd:d4:6a:4f:6e:41:6e:59:3b:d6:c7:69:a8:1a:64:
bb:f9:d0:51:ad:c6:47:d9:0a:a6:21:b6:e7:18:fb:2b:2e:78:
49:15:f6:7c:e8:7d:87:6e:35:a0:72:02:9b:d4:ff:70:91:b2:
8d:f2:f3:5d:d9:be:8b:25:ce:f4:eb:8e:99:5e:04:47:61:1a:
38:43:db:3b:28:1c:38:b0:96:a9:7d:36:e5:07:1e:4a:43:2a:
59:86:45:7a
-----BEGIN CERTIFICATE-----
MIIGqzCCBZOgAwIBAgIDAm5rMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAyMjAwMDQyM1oXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYy
RDdERUI3MEQzM0E4ODc1MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlcOCD9FSaquPoBn+bmHDWyyfwgoxRs1NMB4oxcegQfAISScxYliC8iABxWwVO
Zho27ToGly8laU/HVX4zG9crJxwwIKmiiF4Xg0vFX6+tJIkMF0mlULBoAbbTlEaL
HIK/zPs+Bco/KbB1SmQ9GqESZZLvqwwWy0MGzfFzBm2gEiE1H3A1G5h4Benr1FsJ
tMmOJpaoipSKkqp6VY1wXChjPbwbdA2b0ijxePvH4X0R2dFtYNZkOPcogreTbB6e
SaXKoEKersVMCMR2iV+qcyaoVzCtYj5LvqUICCIGxYus5Z9rzL29vBpjhejBg8oD
Q4zwkS3lte9xlcO+KCxzFCb1AgMBAAGjggOgMIIDnDAdBgNVHQ4EFgQURED2xCLp
UAx9RqYtfetw0zqIdQ4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI1NDc1L0FCNDQ3OTcyMUQ3ODExRTJBREI2RjJDNDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNTQ3NS9BQjQ0Nzk3MjFENzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENM
cFVBeDlScVl0ZmV0dzB6cUlkUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQgBAf8EQTA/
oD0wOzAIAgISKwICEiwCAiR3AgImywICR0wwCgIDAgARAgMCABICAwINpQIDAhGO
AgMCINICAwIhRwIDAlOPMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQHPQeA
AwMAPRMDBAJnCuQwCwMEB25NgAMDAG5OAwMAcoMDBAV0OuADBAZ3KkADAwF6mgME
AsoDRAMEAMoGawMEBcov4AMEBsqBAAMEBcqLwDANBAIAAjAHAwUBIAEMODANBgkq
hkiG9w0BAQsFAAOCAQEACiKLRYJ835GnYSoUKmHzeJ2O02TdGlmtni9SyuhD9FiU
ud3EuoyB4bm6DWu3jhr5W2gMC6ggM7SWzJs6GMbEoq2sESsnMmOJ6fAkfu8+a2Gi
UhK31pUKgnROnXMjlzSEUXzsnKcnlpErjZUCY450p+VdreRAVH8lsPNCKnH5C3At
Kr1pQejIJuRAkCax53rJFStSZniMIAeSOsuvUPMW3zY/FAL8vdRqT25Bblk71sdp
qBpku/nQUa3GR9kKpiG25xj7Ky54SRX2fOh9h241oHICm9T/cJGyjfLzXdm+iyXO
9OuOmV4ER2EaOEPbOygcOLCWqX025QceSkMqWYZFeg==
-----END CERTIFICATE-----
Generated at Sat Oct 25 04:40:11 2025 by rpki-client