Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.cer
File: ZH0JJ9s7F44vZUoyaFV_5bXWcpw.cer (raw, json)
Hash identifier: VyUoVTYknJG4w0kJGJ7vvvuJ1smqo5qqRp10n37mNOU=
Subject key identifier: 64:7D:09:27:DB:3B:17:8E:2F:65:4A:32:68:55:7F:E5:B5:D6:72:9C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0262D3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 02 Sep 2025 21:00:39 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 134835
AS: 135309
AS: 139859
IP: 45.120.156.0/22
IP: 45.125.164.0/22
IP: 103.56.216.0/22
IP: 103.194.40.0/22
IP: 103.200.96.0/22
IP: 103.204.172.0/22
IP: 122.128.96.0/22
IP: 202.168.152.0/22
IP: 2403:ad80::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 15 Sep 2025 05:15:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156371 (0x262d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 2 21:00:39 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A919A777, serialNumber=647D0927DB3B178E2F654A3268557FE5B5D6729C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1f:ef:47:b4:39:27:d7:e4:df:cf:15:67:7e:
27:82:1b:47:a0:c1:b6:86:e7:c4:38:45:a4:71:cf:
3d:d6:18:9f:15:db:6c:59:b4:a2:52:18:ce:28:1b:
53:52:58:7c:b0:46:fc:bc:df:76:d7:5c:33:4d:8f:
6e:94:f9:15:59:31:c4:86:fa:c7:77:d3:46:56:2b:
16:f2:73:aa:b8:5d:06:f7:b1:4d:6d:5c:bf:5a:b0:
88:af:ed:db:f3:19:77:1b:57:50:8d:82:97:35:1f:
06:c5:ef:75:bf:36:14:b3:b7:43:a9:4e:b4:52:f8:
7c:0f:5c:6b:d2:cc:c0:33:98:2c:8d:2c:89:04:30:
e6:18:e3:d6:88:e3:25:43:ec:4e:0f:71:54:73:88:
f6:0d:d1:b2:93:46:ff:bd:50:35:c9:7c:80:e3:23:
c3:f0:65:49:17:27:1b:05:eb:45:c9:71:5e:f7:f9:
54:b3:fd:b0:60:3f:cd:81:85:2c:86:a3:2e:80:94:
e9:a1:e6:2b:c2:2f:9a:ba:a9:c8:d4:0c:c3:52:b5:
b7:75:89:2d:39:6a:4c:85:fd:ff:00:e8:5e:da:c1:
85:8d:40:57:51:f9:a5:c0:13:f3:4d:f4:8a:10:10:
8c:a2:e0:c6:27:e8:3f:30:87:03:46:0b:ec:bd:65:
35:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:7D:09:27:DB:3B:17:8E:2F:65:4A:32:68:55:7F:E5:B5:D6:72:9C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
134835
135309
139859
sbgp-ipAddrBlock: critical
IPv4:
45.120.156.0/22
45.125.164.0/22
103.56.216.0/22
103.194.40.0/22
103.200.96.0/22
103.204.172.0/22
122.128.96.0/22
202.168.152.0/22
IPv6:
2403:ad80::/32
Signature Algorithm: sha256WithRSAEncryption
74:90:87:6f:40:1e:80:bb:1c:a6:85:80:e4:66:d3:d5:0a:a2:
ee:aa:44:6c:e3:7d:96:66:72:28:27:58:02:7f:0f:dd:02:e2:
30:72:d1:63:a2:07:bc:46:ab:9a:d1:5c:20:20:2f:3b:d1:9d:
fc:4a:2e:96:5a:31:8b:39:eb:45:7f:1e:0f:79:ad:9b:5a:55:
e4:8f:0e:92:7b:56:67:f3:cb:4d:ce:a7:05:5b:93:76:ff:75:
ad:e5:46:60:55:15:6c:33:b5:6a:b6:82:63:ac:bb:fb:b0:36:
a5:2d:17:fc:ec:29:a7:42:21:7f:41:11:b0:3c:1c:e1:f9:b0:
97:72:a9:d4:8c:1c:db:41:c2:6d:c5:d1:94:8f:b1:d6:5f:ac:
44:f5:49:51:01:b1:9e:4c:f6:54:8e:f6:9f:3a:dd:3e:5b:42:
ca:d4:ca:47:3e:8d:ac:6b:4d:ff:d7:c1:32:f3:e1:15:7b:48:
e0:8f:c6:5d:a7:cc:9a:50:54:2c:e3:cc:6b:f6:63:5e:cc:c5:
6d:a7:56:9d:85:ed:83:7f:b2:97:13:23:b2:09:f7:66:7e:8e:
4f:8c:9d:c7:8b:15:b8:e0:03:b5:ad:2f:48:6d:5e:1b:27:d3:
e1:60:2e:51:a2:10:de:95:06:a1:ac:b0:99:96:88:b0:45:04:
3b:f9:f9:d6
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgIDAmLTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkwMjIxMDAzOVoXDTI2MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUE3NzcxMTAvBgNVBAUTKDY0N0QwOTI3REIzQjE3OEUyRjY1NEEz
MjY4NTU3RkU1QjVENjcyOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCTH+9HtDkn1+TfzxVnfieCG0egwbaG58Q4RaRxzz3WGJ8V22xZtKJSGM4oG1NS
WHywRvy833bXXDNNj26U+RVZMcSG+sd300ZWKxbyc6q4XQb3sU1tXL9asIiv7dvz
GXcbV1CNgpc1HwbF73W/NhSzt0OpTrRS+HwPXGvSzMAzmCyNLIkEMOYY49aI4yVD
7E4PcVRziPYN0bKTRv+9UDXJfIDjI8PwZUkXJxsF60XJcV73+VSz/bBgP82BhSyG
oy6AlOmh5ivCL5q6qcjUDMNStbd1iS05akyF/f8A6F7awYWNQFdR+aXAE/NN9IoQ
EIyi4MYn6D8whwNGC+y9ZTVXAgMBAAGjggNSMIIDTjAdBgNVHQ4EFgQUZH0JJ9s7
F44vZUoyaFV/5bXWcpwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlBNzc3LzBCQTU3MkIwRUM0RjExRUVBMUIzODg2NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5QTc3Ny8wQkE1NzJCMEVDNEYxMUVFQTFCMzg4NjZDNEY5QUUwMi9aSDBKSjlz
N0Y0NHZaVW95YUZWXzViWFdjcHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQgBAf8EFTAT
oBEwDwIDAg6zAgMCEI0CAwIiUzBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAME
Ai14nAMEAi19pAMEAmc42AMEAmfCKAMEAmfIYAMEAmfMrAMEAnqAYAMEAsqomDAN
BAIAAjAHAwUAJAOtgDANBgkqhkiG9w0BAQsFAAOCAQEAdJCHb0AegLscpoWA5GbT
1Qqi7qpEbON9lmZyKCdYAn8P3QLiMHLRY6IHvEarmtFcICAvO9Gd/Eoulloxiznr
RX8eD3mtm1pV5I8OkntWZ/PLTc6nBVuTdv91reVGYFUVbDO1araCY6y7+7A2pS0X
/Owpp0Ihf0ERsDwc4fmwl3Kp1Iwc20HCbcXRlI+x1l+sRPVJUQGxnkz2VI72nzrd
PltCytTKRz6NrGtN/9fBMvPhFXtI4I/GXafMmlBULOPMa/ZjXszFbadWnYXtg3+y
lxMjsgn3Zn6OT4ydx4sVuOADta0vSG1eGyfT4WAuUaIQ3pUGoaywmZaIsEUEO/n5
1g==
-----END CERTIFICATE-----
Generated at Mon Sep 8 07:06:53 2025 by rpki-client