Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XwBNV-s29CZy5m8wBfZGm2KJFxs.cer
File: XwBNV-s29CZy5m8wBfZGm2KJFxs.cer (raw, json)
Hash identifier: eJsktGL/JF9wIKhI7EnepK6kKwi04Y3fQW0mMQQXKP8=
Subject key identifier: 5F:00:4D:57:EB:36:F4:26:72:E6:6F:30:05:F6:46:9B:62:89:17:1B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0249B3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C1025/956F662C9D8411EF817E1420C4F9AE02/XwBNV-s29CZy5m8wBfZGm2KJFxs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C1025/956F662C9D8411EF817E1420C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 29 May 2025 23:43:30 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 153167
IP: 2401:b3a0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 06 Jun 2025 07:11:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149939 (0x249b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 29 23:43:30 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91C1025, serialNumber=5F004D57EB36F42672E66F3005F6469B6289171B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:24:36:e3:6d:42:ee:e3:de:af:9b:13:43:b6:
4d:b5:f0:10:0c:9f:c6:71:57:0f:7e:8a:41:46:d9:
5a:5c:25:93:17:09:f3:a1:35:01:48:02:08:7f:43:
58:af:9c:a8:39:59:a5:a2:d1:ca:8c:0f:e2:42:ae:
de:5b:d2:4b:4e:e6:6d:40:d8:50:89:49:f7:2a:66:
9b:57:28:dd:3e:4b:66:fc:69:6d:a2:24:48:7a:5a:
52:eb:c6:00:bd:0c:4f:3a:4d:de:41:88:af:d4:59:
2d:1d:ff:b7:10:be:5d:e9:d6:5c:d5:65:79:b2:05:
f3:16:a3:4d:90:8d:6e:82:31:0a:24:d2:7d:03:30:
e0:44:89:3a:00:e6:28:9c:93:d5:5b:2a:cd:8b:5b:
c8:1c:ab:30:d2:15:0f:63:ca:55:da:26:c6:c3:1e:
37:51:c4:a9:ee:08:96:9a:fd:2e:e8:ca:bd:20:55:
94:b3:1c:f5:a5:5d:99:0e:65:c5:a4:eb:18:da:87:
e1:ff:13:18:f9:1a:55:df:b8:e4:b6:11:dd:25:aa:
10:53:40:98:ee:6f:35:c2:7c:33:d2:d3:1a:fb:6c:
78:03:a4:0e:dd:c8:b6:28:c6:e1:3d:aa:82:96:d8:
50:a2:d6:0d:6b:a0:cf:56:2c:79:f2:c4:e7:6c:57:
63:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:00:4D:57:EB:36:F4:26:72:E6:6F:30:05:F6:46:9B:62:89:17:1B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C1025/956F662C9D8411EF817E1420C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C1025/956F662C9D8411EF817E1420C4F9AE02/XwBNV-s29CZy5m8wBfZGm2KJFxs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153167
sbgp-ipAddrBlock: critical
IPv6:
2401:b3a0::/32
Signature Algorithm: sha256WithRSAEncryption
05:49:5a:f1:3a:c4:03:f5:03:0b:4b:57:81:57:57:01:a7:f9:
18:74:de:2e:14:53:51:29:dd:86:8a:e0:6c:c6:86:a0:00:99:
2f:c4:f7:c4:32:21:2c:48:29:90:6c:a4:86:cd:3f:54:fc:d3:
76:74:01:5c:0c:58:90:17:44:e4:e5:af:55:5c:e3:62:5e:2f:
d1:62:30:c2:6f:57:79:0a:10:b2:99:f1:a3:2c:3b:71:17:e9:
87:ae:0a:0e:19:f9:9d:93:cd:bf:e7:47:23:c7:e5:e4:a5:cb:
f3:2d:47:a6:da:4c:2e:c3:98:df:cf:bc:06:26:92:06:43:ff:
96:3e:0c:de:30:05:b9:2e:c6:5e:df:c9:57:bd:e1:e5:74:42:
ba:74:21:3c:ea:ef:0b:7c:cb:c2:92:bf:5f:8a:86:ca:fc:40:
51:e0:3b:4c:d1:fc:5f:91:ed:79:df:c0:fa:13:1c:13:26:0e:
d8:5e:1f:bf:1b:62:d9:2e:14:b2:99:28:38:12:04:89:96:0c:
0d:8e:40:35:2a:27:0a:e3:f8:83:e8:60:10:13:28:68:0b:32:
ec:8e:73:0e:77:64:06:2f:57:d1:8a:0e:5d:c6:03:8f:ad:91:
e0:b4:73:33:17:ff:16:9a:ef:14:3c:84:59:ef:92:71:de:11:
14:76:cc:d3
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAkmzMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUyOTIzNDMzMFoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzEwMjUxMTAvBgNVBAUTKDVGMDA0RDU3RUIzNkY0MjY3MkU2NkYz
MDA1RjY0NjlCNjI4OTE3MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjJDbjbULu496vmxNDtk218BAMn8ZxVw9+ikFG2VpcJZMXCfOhNQFIAgh/Q1iv
nKg5WaWi0cqMD+JCrt5b0ktO5m1A2FCJSfcqZptXKN0+S2b8aW2iJEh6WlLrxgC9
DE86Td5BiK/UWS0d/7cQvl3p1lzVZXmyBfMWo02QjW6CMQok0n0DMOBEiToA5iic
k9VbKs2LW8gcqzDSFQ9jylXaJsbDHjdRxKnuCJaa/S7oyr0gVZSzHPWlXZkOZcWk
6xjah+H/Exj5GlXfuOS2Ed0lqhBTQJjubzXCfDPS0xr7bHgDpA7dyLYoxuE9qoKW
2FCi1g1roM9WLHnyxOdsV2PxAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUXwBNV+s2
9CZy5m8wBfZGm2KJFxswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMxMDI1Lzk1NkY2NjJDOUQ4NDExRUY4MTdFMTQyMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMTAyNS85NTZGNjYyQzlEODQxMUVGODE3RTE0MjBDNEY5QUUwMi9Yd0JOVi1z
MjlDWnk1bTh3QmZaR20yS0pGeHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlZPMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAGzoDANBgkq
hkiG9w0BAQsFAAOCAQEABUla8TrEA/UDC0tXgVdXAaf5GHTeLhRTUSndhorgbMaG
oACZL8T3xDIhLEgpkGykhs0/VPzTdnQBXAxYkBdE5OWvVVzjYl4v0WIwwm9XeQoQ
spnxoyw7cRfph64KDhn5nZPNv+dHI8fl5KXL8y1HptpMLsOY38+8BiaSBkP/lj4M
3jAFuS7GXt/JV73h5XRCunQhPOrvC3zLwpK/X4qGyvxAUeA7TNH8X5Hted/A+hMc
EyYO2F4fvxti2S4UspkoOBIEiZYMDY5ANSonCuP4g+hgEBMoaAsy7I5zDndkBi9X
0YoOXcYDj62R4LRzMxf/FprvFDyEWe+Scd4RFHbM0w==
-----END CERTIFICATE-----
Generated at Fri May 30 09:50:20 2025 by rpki-client