This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer File: Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer (raw, json) Hash identifier: O8PFeyeTkq7BJJpFsS+g/1JGLUSI3cTfmfPYVdP5VMc= Subject key identifier: 59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43 Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 027EAE Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.mft caRepository: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Tue 16 Dec 2025 17:19:43 +0000 Certificate not after: Sun 31 Jan 2027 00:00:00 +0000 Subordinate resources: AS: 45139 AS: 132348 IP: 111.221.16.0 -- 111.221.27.255 IP: 111.221.29.0 -- 111.221.31.255 IP: 111.221.64.0/18 IP: 163.57.0.0/16 IP: 202.89.224.0/21 IP: 2001:df0:7::/48 IP: 2001:df0:d7:: -- 2001:df0:d9:ffff:ffff:ffff:ffff:ffff IP: 2404:f800::/30 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 06:22:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163502 (0x27eae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Dec 16 17:19:43 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=A91A3E3F, serialNumber=59DDC3969B9863CFB5A15528AA4A391AF2337F43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2f:a8:32:33:81:e9:f1:68:65:32:30:f6:dc: 31:de:17:6b:c2:59:78:b0:53:3e:64:c2:ec:ea:7f: 6c:f3:89:f3:e6:b8:ba:3b:6c:7b:7f:a8:80:0a:90: ed:31:6a:ef:8a:a2:ff:36:94:b5:2b:7f:48:60:d9: 71:cf:6f:73:2f:e1:60:fc:d0:b8:35:f7:db:74:29: fc:49:ee:05:75:3b:cf:f3:50:a5:5d:ce:e5:15:eb: 56:11:2e:2c:02:0f:fb:7f:22:ed:c2:2f:fa:7e:17: 51:56:44:e3:e0:fa:29:2f:98:00:28:f5:f5:d3:b5: ae:b6:bb:3d:21:74:35:00:dc:78:49:d3:1c:00:74: 8d:19:fe:b5:24:0d:0a:aa:66:b2:ec:5c:b7:d0:ff: b6:8c:63:58:09:4f:60:f2:43:c2:e1:6e:52:a7:9e: 21:c5:a0:13:78:55:fe:27:85:4d:79:f9:f3:20:49: 3f:95:31:8f:21:f7:a2:ed:00:83:e6:2d:55:8b:83: 07:d0:07:af:ca:fe:34:ee:5c:94:20:76:fc:0f:fa: 8f:d5:82:63:ef:48:9c:c3:5b:67:7d:55:cd:99:c3: da:d8:b3:d9:ee:2e:03:84:67:e6:9d:db:98:70:f5: 42:26:40:0c:ea:91:c4:ac:1b:5d:01:0f:56:0e:10: b8:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43 X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 45139 132348 sbgp-ipAddrBlock: critical IPv4: 111.221.16.0-111.221.27.255 111.221.29.0-111.221.31.255 111.221.64.0/18 163.57.0.0/16 202.89.224.0/21 IPv6: 2001:df0:7::/48 2001:df0:d7::-2001:df0:d9:ffff:ffff:ffff:ffff:ffff 2404:f800::/30 Signature Algorithm: sha256WithRSAEncryption 1e:5a:dd:4b:c8:4c:20:12:76:a2:b5:5e:47:9d:0e:97:07:c9: 9e:ec:0d:c8:71:a6:bc:6f:9d:a1:17:a2:cc:e8:0c:c3:08:4e: 1c:9c:77:b7:41:a3:5c:68:49:86:15:d2:3a:28:18:69:65:4f: 64:5d:05:61:bc:80:b7:ad:cb:e6:fd:9b:d6:f6:51:bb:36:3f: 15:1b:52:6e:83:6f:70:36:b8:31:2e:57:b2:02:5e:f1:91:c3: 9b:35:1b:c4:ce:41:ea:0c:c0:08:f0:1f:d7:9a:50:b1:6f:37: 16:c9:2f:46:e8:c6:aa:68:fa:87:4e:39:55:22:16:ab:1e:49: cd:fb:4d:28:5b:55:c8:e6:5f:16:5d:f5:bb:91:1a:c3:54:75: 00:59:83:8e:09:ac:cc:55:69:86:bb:ea:6a:72:f4:e2:c7:b0: 43:3f:a0:89:30:44:58:48:0a:01:50:9e:4d:e8:e3:b2:eb:0b: a1:ce:1a:66:76:e7:5e:00:f4:2b:de:58:39:29:60:4a:64:56: e8:99:df:b7:cf:65:a6:ae:e1:63:fe:bf:76:27:4e:ee:fd:f6: 46:ec:a3:20:59:ac:e5:4f:36:79:c5:34:4f:71:22:17:2b:d7: 72:6d:ac:17:b6:f4:6d:3d:64:cb:f3:e5:68:c2:7f:36:99:b1: 9f:e1:ca:d8 -----BEGIN CERTIFICATE----- MIIGcjCCBVqgAwIBAgIDAn6uMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI1MTIxNjE3MTk0M1oXDTI3MDEzMTAwMDAwMFowRjERMA8G A1UEAxMIQTkxQTNFM0YxMTAvBgNVBAUTKDU5RERDMzk2OUI5ODYzQ0ZCNUExNTUy OEFBNEEzOTFBRjIzMzdGNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+L6gyM4Hp8WhlMjD23DHeF2vCWXiwUz5kwuzqf2zzifPmuLo7bHt/qIAKkO0x au+Kov82lLUrf0hg2XHPb3Mv4WD80Lg199t0KfxJ7gV1O8/zUKVdzuUV61YRLiwC D/t/Iu3CL/p+F1FWROPg+ikvmAAo9fXTta62uz0hdDUA3HhJ0xwAdI0Z/rUkDQqq ZrLsXLfQ/7aMY1gJT2DyQ8LhblKnniHFoBN4Vf4nhU15+fMgST+VMY8h96LtAIPm LVWLgwfQB6/K/jTuXJQgdvwP+o/VgmPvSJzDW2d9Vc2Zw9rYs9nuLgOEZ+ad25hw 9UImQAzqkcSsG10BD1YOELjvAgMBAAGjggNnMIIDYzAdBgNVHQ4EFgQUWd3DlpuY Y8+1oVUoqko5GvIzf0MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2 NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0 RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MUEzRTNGL0ZCREZGRUMwNzY4NjExRURBNkNCM0Y0MUM0RjlBRTAyLzB+BggrBgEF BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B OTFBM0UzRi9GQkRGRkVDMDc2ODYxMUVEQTZDQjNGNDFDNEY5QUUwMi9XZDNEbHB1 WVk4LTFvVlVvcWtvNUd2SXpmME0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO oAwwCgIDALBTAgMCBPwwcgYIKwYBBQUHAQcBAf8EYzBhMDMEAgABMC0wDAMEBG/d EAMEAm/dGDAMAwQAb90dAwQFb90AAwQGb91AAwMAozkDBAPKWeAwKgQCAAIwJAMH ACABDfAABzASAwcAIAEN8ADXAwcBIAEN8ADYAwUCJAT4ADANBgkqhkiG9w0BAQsF AAOCAQEAHlrdS8hMIBJ2orVeR50OlwfJnuwNyHGmvG+doReizOgMwwhOHJx3t0Gj XGhJhhXSOigYaWVPZF0FYbyAt63L5v2b1vZRuzY/FRtSboNvcDa4MS5XsgJe8ZHD mzUbxM5B6gzACPAf15pQsW83FskvRujGqmj6h045VSIWqx5JzftNKFtVyOZfFl31 u5Eaw1R1AFmDjgmszFVphrvqanL04sewQz+giTBEWEgKAVCeTejjsusLoc4aZnbn XgD0K95YOSlgSmRW6Jnft89lpq7hY/6/didO7v32RuyjIFms5U82ecU0T3EiFyvX cm2sF7b0bT1ky/PlaMJ/Npmxn+HK2A== -----END CERTIFICATE-----Generated at Fri Dec 19 07:53:56 2025 by rpki-client