Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dBZmaL52tzdXYxblXZ5kOeZxz0c.cer
File: dBZmaL52tzdXYxblXZ5kOeZxz0c.cer (raw, json)
Hash identifier: qda43k7E48Nf+vI4XIWgyU409Y+rkvL1ehOQRXAjPwk=
Subject key identifier: 74:16:66:68:BE:76:B7:37:57:63:16:E5:5D:9E:64:39:E6:71:CF:47
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024659
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CD281/FB4216E8F27011EF9BF8B535C4F9AE02/dBZmaL52tzdXYxblXZ5kOeZxz0c.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CD281/FB4216E8F27011EF9BF8B535C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 15 May 2025 07:00:40 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 203.29.94.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 03 Jun 2025 07:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149081 (0x24659)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 15 07:00:40 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91CD281, serialNumber=74166668BE76B737576316E55D9E6439E671CF47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:70:db:05:11:42:f0:6d:d2:93:2a:e6:8c:5f:
d7:18:1b:b8:75:67:2b:6b:82:55:28:d2:54:ad:0a:
af:21:78:0f:fc:d6:23:bd:9d:57:29:e7:db:e7:51:
a9:15:10:04:50:aa:4e:d6:df:fc:8e:b6:b9:55:7f:
9d:69:e4:8c:86:84:cb:9b:73:43:a0:65:c8:93:5b:
95:dd:f4:49:6e:1a:2e:a9:84:02:91:9b:d3:f8:e9:
f1:48:b2:ca:4c:bd:8c:7f:ae:65:9f:a7:38:fd:79:
ef:cc:c2:7b:42:f8:06:9e:2e:27:78:1e:f2:0b:d7:
13:2c:d2:76:86:f3:44:80:9e:f8:c0:8f:a2:01:0a:
d9:b3:f7:33:e1:6d:f0:6c:98:ef:70:49:48:bd:f0:
4e:f4:3c:24:bc:e9:fb:c7:ab:2d:70:b4:9e:da:49:
f0:b4:8f:8b:05:a9:11:c6:de:cd:74:9d:2c:b2:e9:
b1:1c:af:70:20:32:34:a3:fb:2f:90:0a:d6:62:37:
43:bd:53:db:1a:b5:6f:26:a2:10:43:f5:11:c1:39:
c9:55:d2:8c:d4:90:c7:b6:33:11:0b:ed:8b:2c:25:
07:bf:1d:d6:b8:03:19:ab:71:8a:a1:9b:72:41:9d:
c7:21:4d:24:f6:d7:70:8f:1a:72:3a:9a:5c:14:fd:
8d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:16:66:68:BE:76:B7:37:57:63:16:E5:5D:9E:64:39:E6:71:CF:47
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CD281/FB4216E8F27011EF9BF8B535C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CD281/FB4216E8F27011EF9BF8B535C4F9AE02/dBZmaL52tzdXYxblXZ5kOeZxz0c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.29.94.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:ca:49:e6:70:5d:cb:30:a9:9d:23:16:8d:25:7c:5c:e4:13:
6f:53:21:7f:ee:6e:f2:0f:18:00:f1:12:85:15:a2:f0:11:b6:
ca:71:be:37:f1:68:3f:52:85:54:9b:1e:5a:4a:8e:45:fe:e1:
3c:d3:4a:ef:59:dc:d6:17:cc:67:16:a1:85:bd:29:fa:ba:2a:
93:4b:c6:03:37:91:f3:46:0b:fb:1c:23:50:56:8c:25:37:22:
90:35:2b:5d:d4:3f:6b:cd:e7:c9:f3:64:2f:06:e6:80:1a:96:
ca:b4:ae:a4:12:80:f3:3f:45:87:34:10:6a:37:0a:0a:f6:40:
db:9a:99:8f:2f:0d:97:99:60:33:2e:b8:83:5f:74:fc:50:ca:
18:a4:5b:52:e0:07:9d:9d:fb:6a:c8:ce:f7:1e:3d:c1:be:00:
4d:ae:3d:b8:90:66:bf:0b:8c:4f:89:ea:3b:49:a2:fc:03:35:
01:be:0b:d8:69:c8:07:ab:37:8f:37:c9:d0:8b:8b:0f:bd:2d:
b5:c4:19:47:f7:46:2d:90:5c:42:66:e7:b3:6b:c5:f5:8b:84:
60:11:b9:ea:ab:3e:50:b9:ef:cb:eb:e5:db:5b:d3:b2:6e:41:
52:5d:68:65:93:d4:bd:69:95:e2:5c:c1:ca:32:95:39:84:3e:
3f:0b:45:b8
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAkZZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUxNTA3MDA0MFoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0QyODExMTAvBgNVBAUTKDc0MTY2NjY4QkU3NkI3Mzc1NzYzMTZF
NTVEOUU2NDM5RTY3MUNGNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZcNsFEULwbdKTKuaMX9cYG7h1ZytrglUo0lStCq8heA/81iO9nVcp59vnUakV
EARQqk7W3/yOtrlVf51p5IyGhMubc0OgZciTW5Xd9EluGi6phAKRm9P46fFIsspM
vYx/rmWfpzj9ee/MwntC+AaeLid4HvIL1xMs0naG80SAnvjAj6IBCtmz9zPhbfBs
mO9wSUi98E70PCS86fvHqy1wtJ7aSfC0j4sFqRHG3s10nSyy6bEcr3AgMjSj+y+Q
CtZiN0O9U9satW8mohBD9RHBOclV0ozUkMe2MxEL7YssJQe/Hda4AxmrcYqhm3JB
ncchTST213CPGnI6mlwU/Y1xAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUdBZmaL52
tzdXYxblXZ5kOeZxz0cwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNEMjgxL0ZCNDIxNkU4RjI3MDExRUY5QkY4QjUzNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRDI4MS9GQjQyMTZFOEYyNzAxMUVGOUJGOEI1MzVDNEY5QUUwMi9kQlptYUw1
MnR6ZFhZeGJsWFo1a09lWnh6MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBADLHV4wDQYJKoZIhvcNAQELBQADggEBALrKSeZwXcswqZ0jFo0l
fFzkE29TIX/ubvIPGADxEoUVovARtspxvjfxaD9ShVSbHlpKjkX+4TzTSu9Z3NYX
zGcWoYW9Kfq6KpNLxgM3kfNGC/scI1BWjCU3IpA1K13UP2vN58nzZC8G5oAalsq0
rqQSgPM/RYc0EGo3Cgr2QNuamY8vDZeZYDMuuINfdPxQyhikW1LgB52d+2rIzvce
PcG+AE2uPbiQZr8LjE+J6jtJovwDNQG+C9hpyAerN483ydCLiw+9LbXEGUf3Ri2Q
XEJm57NrxfWLhGARueqrPlC578vr5dtb07JuQVJdaGWT1L1pleJcwcoylTmEPj8L
Rbg=
-----END CERTIFICATE-----
Generated at Fri May 30 08:37:17 2025 by rpki-client