Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
File: hIWjnta2ISjt9PmbLCqBH1wgFXA.cer (raw, json)
Hash identifier: 31sh9tRmpd230YYoISFNcdVHhn8zGISmjLieh+38ubc=
Subject key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0245BC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 13 May 2025 01:12:22 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 23892
AS: 38794
AS: 45197
AS: 45248
AS: 45764
AS: 45788
AS: 45796
AS: 55325
AS: 55927
AS: 56085
AS: 132062
AS: 132086
AS: 132821
AS: 132838
AS: 134402
AS: 135617
AS: 135670
AS: 135676
AS: 137423
AS: 137489
AS: 137885
AS: 138691
AS: 138911
AS: 139191
AS: 140032
AS: 140662
AS: 141715
AS: 150119
AS: 150432
AS: 150703
AS: 152461
AS: 153645
IP: 43.240.112.0/22
IP: 43.249.56.0 -- 43.249.71.255
IP: 43.249.104.0 -- 43.249.115.255
IP: 43.251.204.0/22
IP: 43.252.180.0/22
IP: 45.64.88.0/22
IP: 45.117.208.0/22
IP: 45.122.48.0/22
IP: 45.127.60.0/22
IP: 103.4.228.0/22
IP: 103.23.120.0/22
IP: 103.28.240.0/23
IP: 103.40.132.0 -- 103.40.151.255
IP: 103.40.180.0 -- 103.40.191.255
IP: 103.225.24.0/22
IP: 103.240.60.0/22
IP: 103.245.112.0/22
IP: 115.31.128.0/18
IP: 116.193.144.0/21
IP: 117.121.208.0/20
IP: 119.13.24.0/21
IP: 119.63.64.0/19
IP: 124.197.48.0/21
IP: 125.254.52.0/22
IP: 150.107.220.0/22
IP: 202.27.110.0/24
IP: 202.94.240.0/20
IP: 202.148.176.0/20
IP: 203.114.68.0/22
IP: 203.188.224.0/21
IP: 223.27.192.0/18
IP: 2001:df0:1e::/48
IP: 2400:3480::/32
IP: 2400:cd00::/32
IP: 2402:9b00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 03 Jun 2025 07:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148924 (0x245bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 13 01:12:22 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A912442A, serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6f:10:13:ce:ca:0e:e7:5b:7b:e4:73:a6:b4:
07:b2:7d:d6:da:02:33:b6:95:bb:34:2e:cd:69:50:
bc:7a:10:23:53:12:dc:e4:59:f3:6d:d7:cf:95:f6:
3b:e9:8f:c2:12:60:a3:63:ea:34:c7:57:4e:2e:4b:
32:a5:5e:8f:f2:5d:00:44:ea:30:22:63:74:bc:ba:
9a:5f:5e:0d:04:55:f3:a8:9c:c1:f6:70:40:e1:77:
90:a9:c1:11:b7:28:2b:ba:5b:91:17:ab:87:a9:48:
0c:8c:8d:f1:17:fa:ad:ab:a0:66:8d:7c:4d:32:35:
ae:59:2b:ab:9a:7b:d2:b6:39:89:d9:9d:fb:a9:94:
c6:08:63:b5:00:95:ff:e3:db:93:1e:65:94:32:1a:
f9:35:9e:ce:f1:fd:df:2d:38:41:9a:16:de:2b:0b:
ae:66:a8:b0:32:af:37:78:bc:5b:bd:db:8b:7c:24:
14:07:f2:12:d8:29:a5:f4:6d:f9:44:84:13:1c:f2:
40:97:27:8f:67:16:4e:bb:d8:ca:5c:70:94:87:56:
d4:a4:61:16:e3:57:bd:43:95:6b:f4:4e:34:12:35:
be:61:7d:d2:d1:95:49:4b:51:86:29:aa:89:8f:64:
e3:69:62:34:3c:eb:05:14:3a:77:55:cc:0f:3e:38:
f1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23892
38794
45197
45248
45764
45788
45796
55325
55927
56085
132062
132086
132821
132838
134402
135617
135670
135676
137423
137489
137885
138691
138911
139191
140032
140662
141715
150119
150432
150703
152461
153645
sbgp-ipAddrBlock: critical
IPv4:
43.240.112.0/22
43.249.56.0-43.249.71.255
43.249.104.0-43.249.115.255
43.251.204.0/22
43.252.180.0/22
45.64.88.0/22
45.117.208.0/22
45.122.48.0/22
45.127.60.0/22
103.4.228.0/22
103.23.120.0/22
103.28.240.0/23
103.40.132.0-103.40.151.255
103.40.180.0-103.40.191.255
103.225.24.0/22
103.240.60.0/22
103.245.112.0/22
115.31.128.0/18
116.193.144.0/21
117.121.208.0/20
119.13.24.0/21
119.63.64.0/19
124.197.48.0/21
125.254.52.0/22
150.107.220.0/22
202.27.110.0/24
202.94.240.0/20
202.148.176.0/20
203.114.68.0/22
203.188.224.0/21
223.27.192.0/18
IPv6:
2001:df0:1e::/48
2400:3480::/32
2400:cd00::/32
2402:9b00::/32
Signature Algorithm: sha256WithRSAEncryption
9f:94:10:81:93:71:3b:88:08:54:2d:f2:bd:5c:46:30:a6:e7:
d4:8e:6e:38:dc:3e:67:e0:4d:24:42:da:3f:11:24:72:aa:57:
3a:18:07:66:97:45:d1:23:e6:ce:e3:d9:d9:8a:99:27:78:bc:
39:ec:90:fc:e7:2b:28:00:9e:3b:66:6a:09:15:59:d8:6f:85:
ae:44:9a:8a:4e:27:70:ba:f6:db:54:c8:12:bd:45:c1:7a:74:
7e:5a:72:30:a7:9a:55:43:af:1e:bd:a1:64:86:f8:ed:84:ea:
1c:c1:69:87:f9:5b:8a:5a:ea:62:8b:5a:db:19:d2:fe:00:e6:
db:8b:33:4f:eb:2b:f8:40:89:3e:02:d7:0e:59:67:6f:27:dc:
9e:6c:cb:06:cb:6c:ac:5b:b1:5b:63:5e:83:61:98:84:25:98:
a8:45:e4:91:f9:56:1a:e7:db:38:3a:e1:b5:f7:0c:86:7e:69:
6a:f3:c2:47:93:67:de:f2:cf:a8:9c:01:69:93:d1:a1:ff:83:
05:c3:f8:51:17:b0:c8:95:27:96:4d:4f:3b:0f:3f:9a:1f:03:
95:9e:5a:95:7f:0b:1d:0a:ec:d8:e4:b9:12:f2:87:ac:d0:c4:
a6:46:ad:26:2e:0b:8a:d3:27:ed:f2:bc:67:4e:c6:c0:ad:e7:
6f:4d:c0:ac
-----BEGIN CERTIFICATE-----
MIIHuzCCBqOgAwIBAgIDAkW8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUxMzAxMTIyMloXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5
QjJDMkE4MTFGNUMyMDE1NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvbxATzsoO51t75HOmtAeyfdbaAjO2lbs0Ls1pULx6ECNTEtzkWfNt18+V9jvp
j8ISYKNj6jTHV04uSzKlXo/yXQBE6jAiY3S8uppfXg0EVfOonMH2cEDhd5CpwRG3
KCu6W5EXq4epSAyMjfEX+q2roGaNfE0yNa5ZK6uae9K2OYnZnfuplMYIY7UAlf/j
25MeZZQyGvk1ns7x/d8tOEGaFt4rC65mqLAyrzd4vFu924t8JBQH8hLYKaX0bflE
hBMc8kCXJ49nFk672MpccJSHVtSkYRbjV71DlWv0TjQSNb5hfdLRlUlLUYYpqomP
ZONpYjQ86wUUOndVzA8+OPFTAgMBAAGjggSwMIIErDAdBgNVHQ4EFgQUhIWjnta2
ISjt9PmbLCqBH1wgFXAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI0NDJBLzIwRjJDQjAwRUI5QzExRUNBNjgyMTIwQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNDQyQS8yMEYyQ0IwMEVCOUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRh
MklTanQ5UG1iTENxQkgxd2dGWEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbgGCCsGAQUFBwEIAQH/BIGo
MIGloIGiMIGfAgJdVAIDAJeKAgMAsI0CAwCwwAIDALLEAgMAstwCAwCy5AIDANgd
AgMA2ncCAwDbFQIDAgPeAgMCA/YCAwIG1QIDAgbmAgMCDQICAwIRwQIDAhH2AgMC
EfwCAwIYzwIDAhkRAgMCGp0CAwIdwwIDAh6fAgMCH7cCAwIjAAIDAiV2AgMCKZMC
AwJKZwIDAkugAgMCTK8CAwJTjQIDAlgtMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIB
CjCB4QQCAAEwgdoDBAIr8HAwDAMEAyv5OAMEAyv5QDAMAwQDK/loAwQCK/lwAwQC
K/vMAwQCK/y0AwQCLUBYAwQCLXXQAwQCLXowAwQCLX88AwQCZwTkAwQCZxd4AwQB
ZxzwMAwDBAJnKIQDBANnKJAwDAMEAmcotAMEBmcogAMEAmfhGAMEAmfwPAMEAmf1
cAMEBnMfgAMEA3TBkAMEBHV50AMEA3cNGAMEBXc/QAMEA3zFMAMEAn3+NAMEApZr
3AMEAMobbgMEBMpe8AMEBMqUsAMEAstyRAMEA8u84AMEBt8bwDAkBAIAAjAeAwcA
IAEN8AAeAwUAJAA0gAMFACQAzQADBQAkApsAMA0GCSqGSIb3DQEBCwUAA4IBAQCf
lBCBk3E7iAhULfK9XEYwpufUjm443D5n4E0kQto/ESRyqlc6GAdml0XRI+bO49nZ
ipkneLw57JD85ysoAJ47ZmoJFVnYb4WuRJqKTidwuvbbVMgSvUXBenR+WnIwp5pV
Q68evaFkhvjthOocwWmH+VuKWupii1rbGdL+AObbizNP6yv4QIk+AtcOWWdvJ9ye
bMsGy2ysW7FbY16DYZiEJZioReSR+VYa59s4OuG19wyGfmlq88JHk2fe8s+onAFp
k9Gh/4MFw/hRF7DIlSeWTU87Dz+aHwOVnlqVfwsdCuzY5LkS8oes0MSmRq0mLguK
0yft8rxnTsbAredvTcCs
-----END CERTIFICATE-----
Generated at Fri May 30 08:46:42 2025 by rpki-client