Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xz1k3PExlPsNcfKfs3wtk_jUhyA.cer
File: Xz1k3PExlPsNcfKfs3wtk_jUhyA.cer (raw, json)
Hash identifier: UAFVeDXpVGvewk3XRtwM0cOtRp3kpLDlG4J6LGuZICc=
Subject key identifier: 5F:3D:64:DC:F1:31:94:FB:0D:71:F2:9F:B3:7C:2D:93:F8:D4:87:20
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02B618
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki-rps.cnnic.cn/repo/A1109746307418816533/0/5F3D64DCF13194FB0D71F29FB37C2D93F8D48720.mft
caRepository: rsync://rpki-rps.cnnic.cn/repo/A1109746307418816533/0/
Notify URL: https://rrdp-rps.cnnic.cn/rrdp/notification.xml
Certificate not before: Thu 21 May 2026 08:12:43 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 42.128.0.0/12
IP: 42.160.0.0/12
IP: 42.208.0.0/12
IP: 110.56.0.0/13
IP: 111.128.0.0/11
IP: 175.48.0.0 -- 175.95.255.255
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 May 2026 04:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177688 (0x2b618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 21 08:12:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=A9185BF00000, serialNumber=5F3D64DCF13194FB0D71F29FB37C2D93F8D48720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3b:1c:c5:05:de:33:10:4f:af:e7:5d:c2:b0:
bc:a1:cc:23:6c:73:d8:90:58:e2:65:bb:8e:4e:ae:
bd:fb:f6:6b:1c:7f:1f:cd:19:70:c7:b7:0c:8b:5b:
03:b0:9b:9e:77:c0:73:7c:a0:33:6f:09:ce:07:83:
0b:0d:ea:e8:3b:61:6f:4a:c6:c8:90:2c:cf:3e:66:
08:86:14:90:14:01:08:d3:ea:aa:4f:fb:ea:1f:35:
06:9f:6b:cf:1e:cc:08:d3:79:91:03:a1:d4:62:12:
7d:f0:c3:ee:0f:55:d4:f8:5e:68:9e:d7:ba:f4:b6:
42:69:46:1a:81:9d:03:4a:0b:28:d0:f4:e4:f3:80:
7b:34:32:81:93:a0:5f:2c:15:68:6d:ce:e6:df:4c:
31:42:88:34:fd:44:1c:7f:e4:7a:e8:40:a3:d3:4f:
5b:26:00:e0:b8:68:d1:21:82:95:02:70:54:51:90:
c3:2c:90:f5:c6:ae:39:fe:2d:3f:66:7b:af:ee:ea:
7c:d0:c0:cb:b5:3c:26:f6:49:91:1e:cb:4e:06:38:
2d:85:0d:94:0c:73:cf:3d:b0:28:6a:7d:06:d5:c9:
9a:65:9d:3f:78:aa:31:f8:1d:c1:35:7a:fd:94:6d:
39:05:2f:11:1f:87:d7:8b:38:3e:1b:40:8d:f3:d1:
52:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3D:64:DC:F1:31:94:FB:0D:71:F2:9F:B3:7C:2D:93:F8:D4:87:20
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki-rps.cnnic.cn/repo/A1109746307418816533/0/
RPKI Manifest - URI:rsync://rpki-rps.cnnic.cn/repo/A1109746307418816533/0/5F3D64DCF13194FB0D71F29FB37C2D93F8D48720.mft
RPKI Notify - URI:https://rrdp-rps.cnnic.cn/rrdp/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.128.0.0/12
42.160.0.0/12
42.208.0.0/12
110.56.0.0/13
111.128.0.0/11
175.48.0.0-175.95.255.255
Signature Algorithm: sha256WithRSAEncryption
01:4b:13:1c:e3:28:f7:c4:0d:37:b3:86:0c:16:d2:e9:36:af:
57:2c:02:a6:c0:68:c4:4f:4e:7f:b7:79:1d:c9:3c:9c:e0:17:
66:b4:cc:7a:8e:96:66:0e:50:b3:85:fd:9d:06:1a:e8:66:8f:
e2:8b:7d:6c:dc:98:a0:b5:d6:94:6d:7c:20:0d:55:fe:69:19:
3c:92:34:8e:bb:d8:c8:47:7e:2e:f7:f5:76:91:b9:28:35:6f:
6d:a3:e6:d6:e4:cb:64:39:e9:84:34:48:fa:26:e4:11:c5:df:
39:bf:0b:ff:87:37:29:5a:14:06:be:80:15:13:96:7b:34:65:
da:c0:1c:2b:45:aa:88:52:e3:f0:5d:2f:4c:ad:9c:ce:60:b0:
eb:89:3c:77:f8:02:c1:c5:ac:36:69:87:74:c6:53:70:12:c0:
b4:e5:b0:b4:a6:27:86:d5:fa:81:1f:f7:0c:0a:4f:29:e7:a5:
17:de:4d:40:a7:5e:8b:53:17:6f:9d:c8:14:0e:2d:77:b5:33:
b6:9e:b1:21:7b:1a:55:b6:45:95:fb:98:44:34:a6:76:0b:16:
5c:81:57:e2:4c:45:00:a8:1e:b9:c5:c0:4f:6d:ae:a2:6f:6e:
cb:fd:25:4e:30:8a:d0:7c:f8:bd:3e:dd:e9:f4:ca:92:79:d6:
14:5b:9c:e4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIDArYYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDUyMTA4MTI0M1oXDTI3MDcwMTAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxODVCRjAwMDAwMTEwLwYDVQQFEyg1RjNENjREQ0YxMzE5NEZCMEQ3
MUYyOUZCMzdDMkQ5M0Y4RDQ4NzIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzjscxQXeMxBPr+ddwrC8ocwjbHPYkFjiZbuOTq69+/ZrHH8fzRlwx7cM
i1sDsJued8BzfKAzbwnOB4MLDeroO2FvSsbIkCzPPmYIhhSQFAEI0+qqT/vqHzUG
n2vPHswI03mRA6HUYhJ98MPuD1XU+F5onte69LZCaUYagZ0DSgso0PTk84B7NDKB
k6BfLBVobc7m30wxQog0/UQcf+R66ECj009bJgDguGjRIYKVAnBUUZDDLJD1xq45
/i0/Znuv7up80MDLtTwm9kmRHstOBjgthQ2UDHPPPbAoan0G1cmaZZ0/eKox+B3B
NXr9lG05BS8RH4fXizg+G0CN89FSzwIDAQABo4IC6zCCAucwHQYDVR0OBBYEFF89
ZNzxMZT7DXHyn7N8LZP41IcgMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIIBAQYIKwYBBQUHAQsEgfQwgfEwQgYIKwYB
BQUHMAWGNnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEwOTc0NjMw
NzQxODgxNjUzMy8wLzBuBggrBgEFBQcwCoZicnN5bmM6Ly9ycGtpLXJwcy5jbm5p
Yy5jbi9yZXBvL0ExMTA5NzQ2MzA3NDE4ODE2NTMzLzAvNUYzRDY0RENGMTMxOTRG
QjBENzFGMjlGQjM3QzJEOTNGOEQ0ODcyMC5tZnQwOwYIKwYBBQUHMA2GL2h0dHBz
Oi8vcnJkcC1ycHMuY25uaWMuY24vcnJkcC9ub3RpZmljYXRpb24ueG1sMD4GCCsG
AQUFBwEHAQH/BC8wLTArBAIAATAlAwMEKoADAwQqoAMDBCrQAwMDbjgDAwVvgDAK
AwMErzADAwWvQDANBgkqhkiG9w0BAQsFAAOCAQEAAUsTHOMo98QNN7OGDBbS6Tav
VywCpsBoxE9Of7d5Hck8nOAXZrTMeo6WZg5Qs4X9nQYa6GaP4ot9bNyYoLXWlG18
IA1V/mkZPJI0jrvYyEd+Lvf1dpG5KDVvbaPm1uTLZDnphDRI+ibkEcXfOb8L/4c3
KVoUBr6AFROWezRl2sAcK0WqiFLj8F0vTK2czmCw64k8d/gCwcWsNmmHdMZTcBLA
tOWwtKYnhtX6gR/3DApPKeelF95NQKdei1MXb53IFA4td7Uztp6xIXsaVbZFlfuY
RDSmdgsWXIFX4kxFAKgeucXAT22uom9uy/0lTjCK0Hz4vT7d6fTKknnWFFuc5A==
-----END CERTIFICATE-----
Generated at Sat May 23 07:08:23 2026 by rpki-client