This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer File: bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer (raw, json) Hash identifier: KaTZT/P7YrBP5bnLU2rN09b9vo2TRaC9bNKDg/ZkqVQ= Subject key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 027FC4 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft caRepository: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Sat 20 Dec 2025 13:47:05 +0000 Certificate not after: Tue 02 Mar 2027 00:00:00 +0000 Subordinate resources: AS: 10207 AS: 45577 AS: 132064 AS: 132070 -- 132071 AS: 135390 IP: 101.234.128.0/18 IP: 111.125.160.0/20 IP: 114.111.128.0/19 IP: 122.100.0.0/20 IP: 2406:5800::/32 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 10:46:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163780 (0x27fc4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Dec 20 13:47:05 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:85:ee:32:1e:99:0b:fc:41:bd:04:7e:76:c6: cc:fa:ad:49:e6:60:4a:93:04:a9:05:f9:e0:d1:1b: f9:54:14:5f:a6:12:79:40:c0:b3:3d:28:c9:a4:67: ec:f7:7f:02:f4:c5:8b:c8:3a:88:9f:af:f9:60:e2: 64:bb:cf:74:df:5a:e4:51:42:02:44:df:86:70:a7: 0c:2d:77:02:33:d1:1e:37:d9:19:3f:49:a9:bf:4b: 29:5c:d8:15:9b:a3:bd:bc:62:89:5f:1b:c1:70:1d: ac:28:94:6c:52:72:0b:bd:d4:d8:6f:13:72:b8:1b: fd:72:92:38:72:a7:79:0e:3c:d1:62:c8:e0:10:5d: 5b:a9:7b:d1:7c:dd:ff:1b:fd:a6:66:0b:99:0a:4c: 0d:b1:a6:fa:44:9d:ca:3c:22:44:5c:58:ad:8b:a8: 1b:3c:e0:93:3d:ea:7c:df:21:89:6c:5f:fc:94:fc: b3:53:c8:7f:0e:78:7b:0a:3d:df:91:0c:79:f0:94: 3a:92:20:0f:29:e9:b3:94:5b:06:68:bb:e1:55:81: 10:70:61:be:64:35:dd:62:da:54:17:11:23:ee:63: eb:03:05:f5:58:ca:1e:d8:c1:8e:08:e4:ff:f5:03: 5f:2c:f4:b5:b1:c1:df:99:8d:69:66:57:8a:f8:57: 6d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 10207 45577 132064 132070-132071 135390 sbgp-ipAddrBlock: critical IPv4: 101.234.128.0/18 111.125.160.0/20 114.111.128.0/19 122.100.0.0/20 IPv6: 2406:5800::/32 Signature Algorithm: sha256WithRSAEncryption 3c:b7:1e:04:fb:21:29:e2:26:c0:96:2e:ce:fb:24:fe:da:9d: a3:05:0a:84:75:9d:26:3a:e0:9b:4b:cf:41:c8:d4:9e:b6:d9: 44:db:1c:14:35:34:0d:42:ea:77:ab:ca:c7:da:ee:87:6b:6f: 73:9c:57:5b:a9:c9:c2:eb:ed:eb:d6:70:5c:80:70:63:cb:a0: c6:c0:73:3f:10:01:2b:5d:ad:e7:10:75:1c:4c:eb:3a:86:18: bf:b5:b9:82:57:1f:91:5b:5d:82:c9:62:37:94:44:d5:48:50: 40:71:74:60:6d:ab:30:cc:63:23:c7:2c:57:40:7d:70:7e:ae: 7c:61:90:7c:68:4d:78:39:a4:5e:87:9e:15:16:d0:36:b4:f7: 69:f2:12:db:f2:a3:17:54:76:cb:84:89:8e:df:01:ef:af:e7: 1e:03:54:46:2c:79:55:7d:bc:43:90:fd:6a:c9:80:8f:0d:4a: 46:54:0d:1d:2e:08:10:70:f5:3c:c1:c8:b7:01:af:01:90:52: c2:10:b4:dd:e2:05:36:50:a8:4b:c3:2d:b1:fe:6f:09:b7:0d: cc:69:72:e2:f1:c3:05:b5:ba:11:89:2e:c8:28:ec:55:e6:51: 7e:5c:36:75:ad:91:a3:5a:ef:19:f9:c7:c0:01:d6:1e:72:10: ba:dc:3e:c2 -----BEGIN CERTIFICATE----- MIIGVTCCBT2gAwIBAgIDAn/EMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI1MTIyMDEzNDcwNVoXDTI3MDMwMjAwMDAwMFowRjERMA8G A1UEAwwIQTkxQTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlG NUFGRjYzMEM5Mjc1NzQ0MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDdhe4yHpkL/EG9BH52xsz6rUnmYEqTBKkF+eDRG/lUFF+mEnlAwLM9KMmkZ+z3 fwL0xYvIOoifr/lg4mS7z3TfWuRRQgJE34ZwpwwtdwIz0R432Rk/Sam/Sylc2BWb o728YolfG8FwHawolGxScgu91NhvE3K4G/1ykjhyp3kOPNFiyOAQXVupe9F83f8b /aZmC5kKTA2xpvpEnco8IkRcWK2LqBs84JM96nzfIYlsX/yU/LNTyH8OeHsKPd+R DHnwlDqSIA8p6bOUWwZou+FVgRBwYb5kNd1i2lQXESPuY+sDBfVYyh7YwY4I5P/1 A18s9LWxwd+ZjWlmV4r4V23fAgMBAAGjggNKMIIDRjAdBgNVHQ4EFgQUbFpYn5JM 6b7R/Yn1r/YwySdXRCAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2 NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0 RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MUE1NDZFLzBDRDQxREE4Qjc2QTExRUE4MTRGNTA4NEM0RjlBRTAyLzB+BggrBgEF BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B OTFBNTQ2RS8wQ0Q0MURBOEI3NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVK TTZiN1JfWW4xcl9Zd3lTZFhSQ0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQgBAf8EJTAj oCEwHwICJ98CAwCyCQIDAgPgMAoCAwID5gIDAgPnAgMCEN4wQAYIKwYBBQUHAQcB Af8EMTAvMB4EAgABMBgDBAZl6oADBARvfaADBAVyb4ADBAR6ZAAwDQQCAAIwBwMF ACQGWAAwDQYJKoZIhvcNAQELBQADggEBADy3HgT7ISniJsCWLs77JP7anaMFCoR1 nSY64JtLz0HI1J622UTbHBQ1NA1C6nerysfa7odrb3OcV1upycLr7evWcFyAcGPL oMbAcz8QAStdrecQdRxM6zqGGL+1uYJXH5FbXYLJYjeURNVIUEBxdGBtqzDMYyPH LFdAfXB+rnxhkHxoTXg5pF6HnhUW0Da092nyEtvyoxdUdsuEiY7fAe+v5x4DVEYs eVV9vEOQ/WrJgI8NSkZUDR0uCBBw9TzByLcBrwGQUsIQtN3iBTZQqEvDLbH+bwm3 DcxpcuLxwwW1uhGJLsgo7FXmUX5cNnWtkaNa7xn5x8AB1h5yELrcPsI= -----END CERTIFICATE-----Generated at Sun Dec 21 13:10:29 2025 by rpki-client