Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W4LojAFBMoI9Ag1cMKa_ttW1AiE.cer
File: W4LojAFBMoI9Ag1cMKa_ttW1AiE.cer (raw, json)
Hash identifier: 08x05FW0RNEI0Sb6zNlJQesCjalzaWVYY6droO32WPE=
Subject key identifier: 5B:82:E8:8C:01:41:32:82:3D:02:0D:5C:30:A6:BF:B6:D5:B5:02:21
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0261B5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911069A/961B2A4666F511EEA4384F74C4F9AE02/W4LojAFBMoI9Ag1cMKa_ttW1AiE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911069A/961B2A4666F511EEA4384F74C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 01 Sep 2025 12:20:53 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 38624
IP: 117.120.32.0/21
IP: 2401:45c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 08:53:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156085 (0x261b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 1 12:20:53 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A911069A, serialNumber=5B82E88C014132823D020D5C30A6BFB6D5B50221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:93:43:84:e5:f4:a3:c8:e3:cd:93:85:fa:eb:
31:66:6e:88:09:c7:6d:81:a4:3d:00:f0:65:ab:61:
71:44:a3:76:21:f2:99:e8:6a:10:22:42:6a:37:fe:
49:f8:9f:59:cb:ac:da:5f:01:91:71:0c:cb:72:80:
f2:a8:11:67:1d:a2:7a:66:cc:b9:c8:1b:68:8f:fc:
9e:3b:f7:8a:e7:d9:7b:b2:fb:83:06:dc:2c:72:ce:
2a:77:16:49:15:bc:c5:b7:d2:76:c0:9a:3e:32:c7:
94:e5:bb:77:dd:9a:b0:04:ed:8e:f2:57:4f:24:19:
22:95:1a:bb:07:db:15:eb:a7:70:d5:f6:00:b8:6c:
ce:60:fd:bc:25:06:b6:28:39:f9:88:fb:1d:85:74:
dc:69:32:85:fc:05:0a:9d:82:1d:70:c6:57:d1:0a:
5d:41:99:46:a5:a6:b4:5d:5b:ea:e0:04:48:78:47:
9a:ca:22:6c:a0:20:35:e9:4c:41:cf:75:c2:8c:c5:
97:65:32:27:ad:ac:2b:cc:49:7d:73:c0:86:c2:d6:
0e:0d:c7:5e:38:7b:38:fb:7b:e4:10:a8:0a:bb:1a:
c7:a3:53:8d:02:c7:46:4a:12:db:af:9f:ba:65:27:
f3:a3:0b:a0:ca:09:9a:f5:77:8a:5e:92:b0:b6:7f:
47:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:82:E8:8C:01:41:32:82:3D:02:0D:5C:30:A6:BF:B6:D5:B5:02:21
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911069A/961B2A4666F511EEA4384F74C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911069A/961B2A4666F511EEA4384F74C4F9AE02/W4LojAFBMoI9Ag1cMKa_ttW1AiE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38624
sbgp-ipAddrBlock: critical
IPv4:
117.120.32.0/21
IPv6:
2401:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
96:7f:01:5c:c0:c3:29:78:0a:f2:45:c5:0c:12:a4:a9:41:9d:
75:69:38:80:21:89:1d:67:98:aa:c3:d9:03:a6:30:c4:10:86:
cd:2e:8b:f3:c9:75:06:2c:1c:8d:24:05:29:d0:17:a9:8b:b4:
df:89:96:fe:49:3e:ab:ef:c1:14:27:86:34:59:3d:c8:c1:dd:
20:fc:51:24:58:1a:bc:f5:82:a5:19:2f:5d:da:bd:77:b5:c7:
6f:c8:72:cb:5b:73:9e:12:4f:b2:a1:9d:bd:ff:af:ce:c2:ca:
c1:92:03:04:38:15:09:03:44:35:d9:13:40:cb:ae:a3:bb:38:
e9:93:10:83:1d:fa:9b:4e:46:56:8f:28:e3:1c:1a:77:91:8b:
69:6f:1e:11:1a:24:b9:93:b1:8c:70:ae:92:6e:6e:55:74:05:
0f:dd:b5:90:7a:0d:12:d3:45:18:d6:e9:1d:e8:88:47:1d:50:
6e:82:a5:b7:aa:cf:5a:5d:26:e8:04:40:38:ed:0e:93:22:da:
e8:86:58:db:92:41:96:4d:6e:91:be:52:9a:c6:b4:ea:dc:c1:
95:4e:24:eb:74:a1:cd:1a:33:34:30:ab:47:96:65:39:30:4e:
2c:df:5a:3e:42:b2:1f:0f:2c:b9:ea:f7:d4:c6:fd:93:0a:7e:
14:97:77:70
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAmG1MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkwMTEyMjA1M1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTA2OUExMTAvBgNVBAUTKDVCODJFODhDMDE0MTMyODIzRDAyMEQ1
QzMwQTZCRkI2RDVCNTAyMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDxk0OE5fSjyOPNk4X66zFmbogJx22BpD0A8GWrYXFEo3Yh8pnoahAiQmo3/kn4
n1nLrNpfAZFxDMtygPKoEWcdonpmzLnIG2iP/J4794rn2Xuy+4MG3Cxyzip3FkkV
vMW30nbAmj4yx5Tlu3fdmrAE7Y7yV08kGSKVGrsH2xXrp3DV9gC4bM5g/bwlBrYo
OfmI+x2FdNxpMoX8BQqdgh1wxlfRCl1BmUalprRdW+rgBEh4R5rKImygIDXpTEHP
dcKMxZdlMietrCvMSX1zwIbC1g4Nx144ezj7e+QQqAq7GsejU40Cx0ZKEtuvn7pl
J/OjC6DKCZr1d4pekrC2f0elAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUW4LojAFB
MoI9Ag1cMKa/ttW1AiEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTEwNjlBLzk2MUIyQTQ2NjZGNTExRUVBNDM4NEY3NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExMDY5QS85NjFCMkE0NjY2RjUxMUVFQTQzODRGNzRDNEY5QUUwMi9XNExvakFG
Qk1vSTlBZzFjTUthX3R0VzFBaUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJbgMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDdXggMA0EAgAC
MAcDBQAkAUXAMA0GCSqGSIb3DQEBCwUAA4IBAQCWfwFcwMMpeAryRcUMEqSpQZ11
aTiAIYkdZ5iqw9kDpjDEEIbNLovzyXUGLByNJAUp0Bepi7TfiZb+ST6r78EUJ4Y0
WT3Iwd0g/FEkWBq89YKlGS9d2r13tcdvyHLLW3OeEk+yoZ29/6/OwsrBkgMEOBUJ
A0Q12RNAy66juzjpkxCDHfqbTkZWjyjjHBp3kYtpbx4RGiS5k7GMcK6Sbm5VdAUP
3bWQeg0S00UY1ukd6IhHHVBugqW3qs9aXSboBEA47Q6TItrohljbkkGWTW6RvlKa
xrTq3MGVTiTrdKHNGjM0MKtHlmU5ME4s31o+QrIfDyy56vfUxv2TCn4Ul3dw
-----END CERTIFICATE-----
Generated at Sat Sep 6 13:47:44 2025 by rpki-client