Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hAGMCD0Qo55_aFxBrhZjcMbXesQ.cer
File: hAGMCD0Qo55_aFxBrhZjcMbXesQ.cer (raw, json)
Hash identifier: KoFY/A/rFtDQ11/eZpuPhWBlV5IJMV6sPI6y5Pd2vqw=
Subject key identifier: 84:01:8C:08:3D:10:A3:9E:7F:68:5C:41:AE:16:63:70:C6:D7:7A:C4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024FBB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91505AB/05243AC64C2811E7968AD211C4F9AE02/hAGMCD0Qo55_aFxBrhZjcMbXesQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91505AB/05243AC64C2811E7968AD211C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 23 Jun 2025 14:47:41 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 133450
IP: 103.94.128.0/22
IP: 2401:3fc0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 08 Jul 2025 12:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151483 (0x24fbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jun 23 14:47:41 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A91505AB, serialNumber=84018C083D10A39E7F685C41AE166370C6D77AC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f4:01:08:1b:67:a5:43:2a:10:a3:a2:cd:51:
b0:77:0f:89:7f:dd:56:3f:6c:38:71:cd:54:0e:84:
45:60:9a:c3:f3:a3:06:37:ec:a7:73:85:03:29:d4:
64:d9:ce:47:67:ef:5a:47:69:d3:69:71:91:e1:e0:
46:f0:24:1d:a9:fb:30:c4:7f:e6:c3:37:a0:ec:09:
40:5b:b8:61:57:65:93:7f:5c:d5:c2:7b:ac:b1:31:
52:a5:a9:bf:94:29:5d:49:2b:25:ef:89:e4:9e:a2:
ae:6d:50:52:80:5e:cc:9e:4c:32:42:d2:f2:f8:91:
b7:7e:8d:5f:3e:71:b3:2e:0f:ac:08:c2:39:41:bf:
7d:aa:ae:d8:39:0b:b8:24:18:6f:8d:50:2a:09:99:
ed:ea:6b:38:50:2f:a8:3f:0a:03:bd:4f:6b:4d:d1:
39:ca:2e:45:51:d4:dc:a7:ac:77:19:9a:f8:ae:6f:
91:bf:2f:02:c6:ad:f1:0f:1d:4f:59:82:e4:5e:5f:
49:0b:5b:5e:9e:da:45:98:0c:0b:67:52:c5:0f:14:
dd:6c:4e:8a:e1:79:51:8a:cc:f2:71:61:4f:85:dc:
7a:21:3d:7a:f0:64:42:34:5e:3e:90:5a:43:ae:1c:
bd:88:38:56:59:14:d7:34:fe:51:60:bb:de:ab:9f:
2c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:01:8C:08:3D:10:A3:9E:7F:68:5C:41:AE:16:63:70:C6:D7:7A:C4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91505AB/05243AC64C2811E7968AD211C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91505AB/05243AC64C2811E7968AD211C4F9AE02/hAGMCD0Qo55_aFxBrhZjcMbXesQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133450
sbgp-ipAddrBlock: critical
IPv4:
103.94.128.0/22
IPv6:
2401:3fc0::/32
Signature Algorithm: sha256WithRSAEncryption
a3:d2:30:ab:6b:4c:35:6a:2d:28:7d:9f:d1:13:f4:4c:37:4e:
1b:d2:c8:19:f2:fe:6d:49:fe:71:cc:8e:bd:f1:93:2c:86:4c:
69:3f:1d:76:65:57:c0:ce:c3:97:7c:fb:a2:dc:6a:2a:79:9a:
ab:0c:18:82:8d:98:8f:75:e0:93:85:1e:01:88:f4:71:9e:48:
37:cb:d2:59:a1:5d:72:da:25:f3:cb:13:6c:8f:14:60:fc:11:
ec:7e:80:65:cd:f0:50:79:b0:6f:f9:69:62:57:6b:aa:1b:e9:
46:b5:a6:a6:4a:77:ad:c7:8a:7e:85:ac:9f:e1:b7:9f:a7:14:
a2:f4:be:9c:da:f7:4f:a3:bc:68:8b:6c:4c:9d:2b:0d:bf:f9:
37:1d:15:2e:0d:ba:0f:0b:2d:9e:0b:ef:43:66:f3:67:15:de:
3b:a5:84:01:64:63:7d:1b:b4:dd:ef:0c:ca:f1:87:51:99:cf:
2c:af:3d:9d:b9:95:4c:34:75:e7:05:49:b4:32:58:a9:f6:65:
2d:59:03:de:47:6d:44:7f:30:19:ee:aa:ff:06:fd:5f:3b:12:
d1:00:2b:91:6a:ff:ae:4b:57:22:f4:0c:38:5f:7d:a5:4b:b4:
6e:a2:5c:5b:3b:f4:9a:e6:39:56:26:11:e0:89:46:15:4d:77:
86:bf:1e:ba
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAk+7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDYyMzE0NDc0MVoXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTA1QUIxMTAvBgNVBAUTKDg0MDE4QzA4M0QxMEEzOUU3RjY4NUM0
MUFFMTY2MzcwQzZENzdBQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDH9AEIG2elQyoQo6LNUbB3D4l/3VY/bDhxzVQOhEVgmsPzowY37KdzhQMp1GTZ
zkdn71pHadNpcZHh4EbwJB2p+zDEf+bDN6DsCUBbuGFXZZN/XNXCe6yxMVKlqb+U
KV1JKyXvieSeoq5tUFKAXsyeTDJC0vL4kbd+jV8+cbMuD6wIwjlBv32qrtg5C7gk
GG+NUCoJme3qazhQL6g/CgO9T2tN0TnKLkVR1NynrHcZmviub5G/LwLGrfEPHU9Z
guReX0kLW16e2kWYDAtnUsUPFN1sTorheVGKzPJxYU+F3HohPXrwZEI0Xj6QWkOu
HL2IOFZZFNc0/lFgu96rnyyHAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUhAGMCD0Q
o55/aFxBrhZjcMbXesQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUwNUFCLzA1MjQzQUM2NEMyODExRTc5NjhBRDIxMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MDVBQi8wNTI0M0FDNjRDMjgxMUU3OTY4QUQyMTFDNEY5QUUwMi9oQUdNQ0Qw
UW81NV9hRnhCcmhaamNNYlhlc1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAglKMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ16AMA0EAgAC
MAcDBQAkAT/AMA0GCSqGSIb3DQEBCwUAA4IBAQCj0jCra0w1ai0ofZ/RE/RMN04b
0sgZ8v5tSf5xzI698ZMshkxpPx12ZVfAzsOXfPui3GoqeZqrDBiCjZiPdeCThR4B
iPRxnkg3y9JZoV1y2iXzyxNsjxRg/BHsfoBlzfBQebBv+WliV2uqG+lGtaamSnet
x4p+hayf4befpxSi9L6c2vdPo7xoi2xMnSsNv/k3HRUuDboPCy2eC+9DZvNnFd47
pYQBZGN9G7Td7wzK8YdRmc8srz2duZVMNHXnBUm0Mlip9mUtWQPeR21EfzAZ7qr/
Bv1fOxLRACuRav+uS1ci9Aw4X32lS7RuolxbO/Sa5jlWJhHgiUYVTXeGvx66
-----END CERTIFICATE-----
Generated at Tue Jul 1 13:41:58 2025 by rpki-client