Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aU9WG2PafMV3kxY21HiK0rC0riA.cer
File: aU9WG2PafMV3kxY21HiK0rC0riA.cer (raw, json)
Hash identifier: uZ27bEq3wGSEVJmUqgsOlyvqQLxvgvRbZvzo/TfnOQ8=
Subject key identifier: 69:4F:56:1B:63:DA:7C:C5:77:93:16:36:D4:78:8A:D2:B0:B4:AE:20
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02472C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A9083/C86CD806D1B011EF8833C933C4F9AE02/aU9WG2PafMV3kxY21HiK0rC0riA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A9083/C86CD806D1B011EF8833C933C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 19 May 2025 06:21:13 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 134351
IP: 2001:df3:2680::/48
IP: 2401:d560::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 08 Jul 2025 08:36:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149292 (0x2472c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 19 06:21:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91A9083, serialNumber=694F561B63DA7CC577931636D4788AD2B0B4AE20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:20:67:aa:e2:51:a2:84:c2:cc:01:da:57:72:
e0:7d:56:40:69:a1:e7:0c:d1:3d:c1:70:9b:05:67:
6e:20:99:c8:39:1a:32:6c:ec:2b:89:65:9b:7a:c3:
8e:2c:c7:8e:0d:ef:5a:00:4f:cd:68:6a:24:f6:eb:
ab:7f:73:2c:63:36:91:7c:14:ac:e5:57:f3:c5:92:
07:2f:1a:00:c3:64:57:2e:7e:e8:5e:60:fd:14:5c:
47:b9:78:20:af:fb:45:d1:9e:16:98:bf:8c:49:b8:
e6:c7:90:07:c3:9f:b7:a2:22:92:9f:9b:d5:77:50:
a9:3e:9e:3a:cd:38:b4:35:1e:20:a3:34:29:8c:ef:
03:d3:c7:e7:16:11:d4:73:ab:fd:80:fd:79:fa:ad:
72:8c:0e:40:c2:fe:64:dd:c4:54:31:63:22:33:5b:
12:ef:23:1b:8d:91:8e:6e:78:5f:36:f8:97:01:fa:
4d:55:c6:bb:fb:f8:49:b8:20:19:99:70:67:5d:b5:
8c:44:b7:3a:07:61:ed:f8:25:e7:2a:13:1d:30:d5:
d1:17:9c:6d:28:90:4a:e5:a2:0f:7b:a2:b4:c8:e9:
5d:8d:ae:3d:05:0d:9e:2d:37:8e:8f:3e:6b:8e:3d:
c3:a1:4b:ae:fd:44:df:ab:3a:2b:75:27:1c:20:dc:
51:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:4F:56:1B:63:DA:7C:C5:77:93:16:36:D4:78:8A:D2:B0:B4:AE:20
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A9083/C86CD806D1B011EF8833C933C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A9083/C86CD806D1B011EF8833C933C4F9AE02/aU9WG2PafMV3kxY21HiK0rC0riA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
134351
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:2680::/48
2401:d560::/32
Signature Algorithm: sha256WithRSAEncryption
8d:8a:a1:6e:d1:69:1b:e0:3b:32:b2:3a:8f:bf:32:38:b6:75:
be:d4:15:3a:5b:8f:dd:c3:77:16:f5:24:14:0e:bf:e7:61:d2:
a1:e7:93:df:9d:bf:f1:92:e0:30:e8:22:35:91:17:d8:64:af:
d2:2f:36:90:dc:28:b9:31:85:7a:92:8b:57:17:fe:d7:68:01:
c6:88:4b:e4:99:0e:6a:33:80:5a:9b:cf:ae:d2:5c:2a:d9:23:
4c:2f:bc:86:35:f1:ae:6d:31:89:20:b4:97:b4:0b:b2:f5:66:
9e:0a:63:ee:76:54:48:ed:48:01:03:43:81:5f:e6:2b:34:9d:
5c:c7:a1:01:1d:6f:d3:1a:1f:63:06:0f:b7:84:d4:a1:6a:ae:
99:90:4e:9a:9b:30:52:26:ea:a7:c0:54:d6:37:77:96:13:97:
82:b0:59:fb:ed:0b:da:7c:4f:b5:e3:88:d7:20:48:86:d4:68:
9e:a1:1d:93:3b:bf:72:c3:fc:d3:3e:7a:7c:6c:d4:cd:e5:21:
16:b9:39:c6:87:5e:9e:5a:19:62:d3:43:e6:98:28:1e:b5:55:
e7:95:33:9a:d1:6c:47:f0:3c:bb:b5:c6:f8:26:73:62:91:31:
f7:27:61:f0:90:bb:a4:1c:53:21:1b:2b:8c:58:33:b1:9c:d8:
14:cc:65:4f
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgIDAkcsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUxOTA2MjExM1oXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTkwODMxMTAvBgNVBAUTKDY5NEY1NjFCNjNEQTdDQzU3NzkzMTYz
NkQ0Nzg4QUQyQjBCNEFFMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3IGeq4lGihMLMAdpXcuB9VkBpoecM0T3BcJsFZ24gmcg5GjJs7CuJZZt6w44s
x44N71oAT81oaiT266t/cyxjNpF8FKzlV/PFkgcvGgDDZFcufuheYP0UXEe5eCCv
+0XRnhaYv4xJuObHkAfDn7eiIpKfm9V3UKk+njrNOLQ1HiCjNCmM7wPTx+cWEdRz
q/2A/Xn6rXKMDkDC/mTdxFQxYyIzWxLvIxuNkY5ueF82+JcB+k1Vxrv7+Em4IBmZ
cGddtYxEtzoHYe34JecqEx0w1dEXnG0okErlog97orTI6V2Nrj0FDZ4tN46PPmuO
PcOhS679RN+rOit1Jxwg3FFHAgMBAAGjggMZMIIDFTAdBgNVHQ4EFgQUaU9WG2Pa
fMV3kxY21HiK0rC0riAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE5MDgzL0M4NkNEODA2RDFCMDExRUY4ODMzQzkzM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBOTA4My9DODZDRDgwNkQxQjAxMUVGODgzM0M5MzNDNEY5QUUwMi9hVTlXRzJQ
YWZNVjNreFkyMUhpSzByQzByaUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgzPMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAIAEN8yaAAwUA
JAHVYDANBgkqhkiG9w0BAQsFAAOCAQEAjYqhbtFpG+A7MrI6j78yOLZ1vtQVOluP
3cN3FvUkFA6/52HSoeeT352/8ZLgMOgiNZEX2GSv0i82kNwouTGFepKLVxf+12gB
xohL5JkOajOAWpvPrtJcKtkjTC+8hjXxrm0xiSC0l7QLsvVmngpj7nZUSO1IAQND
gV/mKzSdXMehAR1v0xofYwYPt4TUoWqumZBOmpswUibqp8BU1jd3lhOXgrBZ++0L
2nxPteOI1yBIhtRonqEdkzu/csP80z56fGzUzeUhFrk5xodenloZYtND5pgoHrVV
55UzmtFsR/A8u7XG+CZzYpEx9ydh8JC7pBxTIRsrjFgzsZzYFMxlTw==
-----END CERTIFICATE-----
Generated at Tue Jul 1 13:18:37 2025 by rpki-client