Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
File: esDADw_KR57kZeT39UXoyUmT1hw.cer (raw, json)
Hash identifier: dn8f3ieBz62N7ZoTF9TSCNsagQOy6Q99unBSn07145I=
Subject key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025F90
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 26 Aug 2025 00:09:54 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 45352
IP: 14.102.144.0/21
IP: 14.192.64.0 -- 14.192.66.255
IP: 14.192.70.0/23
IP: 43.252.152.0/22
IP: 45.64.168.0/22
IP: 58.84.8.0/22
IP: 103.3.172.0/22
IP: 103.10.156.0/22
IP: 103.23.45.0/24
IP: 103.40.204.0/22
IP: 118.107.200.0 -- 118.107.211.255
IP: 118.107.232.0 -- 118.107.243.255
IP: 183.81.160.0/21
IP: 192.82.56.0/21
IP: 210.5.40.0/21
IP: 2401:3400::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 16 Sep 2025 19:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155536 (0x25f90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 26 00:09:54 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91D1691, serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:81:cf:35:3a:06:c2:f6:9c:12:04:c4:46:e7:
d0:05:62:5a:69:1e:77:d1:e2:78:5e:fc:4c:27:1b:
ec:99:08:3c:83:13:7d:b8:ea:f0:a0:56:2a:b6:9b:
56:62:e9:8b:f3:c6:4e:6e:2d:5c:9f:b4:45:57:08:
ac:b5:47:f9:14:28:a7:a8:15:6b:e6:a2:28:2e:5a:
24:73:c5:83:14:78:ed:2c:68:f3:51:e7:18:72:9a:
e0:da:6a:3a:91:d0:ea:37:3c:de:0d:03:1b:54:67:
0f:f9:7a:58:0e:bf:60:08:e2:b0:ca:48:5d:15:e0:
6a:91:80:23:42:70:5e:1b:63:eb:3e:81:bd:25:f6:
51:3f:5e:2d:c7:75:7e:79:9d:34:04:0f:d8:b2:53:
d0:44:f0:1f:ea:8f:19:d6:fb:16:6b:44:17:40:2a:
a5:2d:0f:b3:fa:a7:e4:e8:f6:d5:f3:79:1c:e4:20:
64:e4:90:4a:61:f0:9f:7e:2d:aa:b8:3e:bf:19:3f:
37:38:b2:1e:c6:e8:85:58:f5:4d:46:2a:b9:45:88:
54:96:3e:62:70:0f:6a:1b:b0:71:5e:d4:cf:70:f8:
eb:5e:0f:65:4e:7d:21:03:51:cf:32:d8:8f:ac:01:
2c:f5:30:22:2a:23:01:59:d9:ac:4c:41:32:a9:86:
e6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45352
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
14.192.64.0-14.192.66.255
14.192.70.0/23
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
103.23.45.0/24
103.40.204.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
86:1a:76:84:8f:8c:11:f6:bc:b5:e7:da:de:6c:f3:40:b2:fd:
8b:9a:01:ef:db:ce:7b:a1:4e:39:03:69:db:8d:65:32:16:91:
09:20:a0:e4:85:1a:5d:6e:c6:9e:b5:d3:d4:6a:d4:78:ac:4c:
8f:a7:e9:ec:b0:d8:33:80:77:23:a8:8f:77:49:e1:0f:c0:ca:
dc:08:53:a4:a6:6f:a7:7c:10:d8:6e:8f:26:53:1b:35:da:ea:
ff:36:3d:dd:47:f1:b1:99:bf:03:2f:97:5c:04:bc:af:bb:0b:
fa:60:5e:5c:9a:6b:19:f8:6c:16:4e:e3:91:ce:15:ed:22:2f:
98:56:05:aa:54:6c:b5:ca:6f:11:87:9c:20:41:ae:49:a6:4f:
37:0a:a5:f7:1a:14:46:7f:df:e1:66:91:7a:67:26:b1:ff:15:
46:92:83:86:e7:0a:3b:a3:3c:ed:7c:66:a9:be:9e:60:51:9b:
93:7b:dd:16:61:eb:d0:df:a8:00:7f:25:8e:2e:53:c2:a9:bf:
8e:5a:c2:96:3e:cb:7d:3f:04:c6:7c:ab:5b:6f:05:2e:38:63:
f9:b3:52:9f:a6:57:5b:03:a3:5d:5a:ab:18:e6:8c:a1:e9:4b:
df:a9:09:1d:c6:49:e3:72:c4:2c:83:96:42:54:b4:69:5b:e1:
c1:6a:8a:f0
-----BEGIN CERTIFICATE-----
MIIGmDCCBYCgAwIBAgIDAl+QMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgyNjAwMDk1NFoXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRG
N0Y1NDVFOEM5NDk5M0Q2MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6gc81OgbC9pwSBMRG59AFYlppHnfR4nhe/EwnG+yZCDyDE3246vCgViq2m1Zi
6Yvzxk5uLVyftEVXCKy1R/kUKKeoFWvmoiguWiRzxYMUeO0saPNR5xhymuDaajqR
0Oo3PN4NAxtUZw/5elgOv2AI4rDKSF0V4GqRgCNCcF4bY+s+gb0l9lE/Xi3HdX55
nTQED9iyU9BE8B/qjxnW+xZrRBdAKqUtD7P6p+To9tXzeRzkIGTkkEph8J9+Laq4
Pr8ZPzc4sh7G6IVY9U1GKrlFiFSWPmJwD2obsHFe1M9w+OteD2VOfSEDUc8y2I+s
ASz1MCIqIwFZ2axMQTKphuaNAgMBAAGjggONMIIDiTAdBgNVHQ4EFgQUesDADw/K
R57kZeT39UXoyUmT1hwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQxNjkxLzVBRkMyNjkyNjUyQjExRTU5N0E4Njg4MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEMTY5MS81QUZDMjY5MjY1MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdf
S1I1N2taZVQzOVVYb3lVbVQxaHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDALEoMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQDDmaQMAwD
BAYOwEADBAAOwEIDBAEOwEYDBAIr/JgDBAItQKgDBAI6VAgDBAJnA6wDBAJnCpwD
BABnFy0DBAJnKMwwDAMEA3ZryAMEAnZr0DAMAwQDdmvoAwQCdmvwAwQDt1GgAwQD
wFI4AwQD0gUoMA0EAgACMAcDBQAkATQAMA0GCSqGSIb3DQEBCwUAA4IBAQCGGnaE
j4wR9ry159rebPNAsv2LmgHv2857oU45A2nbjWUyFpEJIKDkhRpdbsaetdPUatR4
rEyPp+nssNgzgHcjqI93SeEPwMrcCFOkpm+nfBDYbo8mUxs12ur/Nj3dR/Gxmb8D
L5dcBLyvuwv6YF5cmmsZ+GwWTuORzhXtIi+YVgWqVGy1ym8Rh5wgQa5Jpk83CqX3
GhRGf9/hZpF6Zyax/xVGkoOG5wo7ozztfGapvp5gUZuTe90WYevQ36gAfyWOLlPC
qb+OWsKWPst9PwTGfKtbbwUuOGP5s1KfpldbA6NdWqsY5oyh6UvfqQkdxknjcsQs
g5ZCVLRpW+HBaorw
-----END CERTIFICATE-----
Generated at Tue Sep 9 20:20:36 2025 by rpki-client