Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer
File: hXm-LYNFaC8nrucGK71O92ZOVxs.cer (raw, json)
Hash identifier: VH4on/59aXIdZtM8tfL5/XBxOzftCDrDbnF+CDHrJyI=
Subject key identifier: 85:79:BE:2D:83:45:68:2F:27:AE:E7:06:2B:BD:4E:F7:66:4E:57:1B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024887
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 26 May 2025 00:39:25 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 153518
IP: 114.129.34.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 03 Jun 2025 07:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149639 (0x24887)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 26 00:39:25 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91D0B6B, serialNumber=8579BE2D8345682F27AEE7062BBD4EF7664E571B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:41:32:c6:41:ce:49:36:4e:9a:e3:d0:67:bb:
66:b7:bb:cb:9e:69:74:92:b9:0a:fe:5c:6b:eb:d7:
40:74:2c:64:99:70:fb:5e:3f:cc:bd:28:cc:77:c1:
27:5a:95:6a:52:df:09:37:76:89:00:9c:f6:c2:2f:
34:92:0c:8c:fa:22:fd:f3:1f:e1:02:d4:43:f2:32:
e2:4e:d6:ac:dc:55:6f:bb:32:c2:04:b6:91:41:d3:
a7:2f:91:4c:6c:2e:0d:0a:9b:d0:a3:27:f5:ce:e6:
67:40:e9:02:0f:38:7c:ca:1f:1b:f5:50:75:52:7b:
4a:a5:3e:2c:9b:aa:cd:c8:05:11:94:ae:d8:06:0e:
10:4c:d4:bb:05:a2:f9:4a:76:f8:b7:cb:c9:bf:f4:
2d:77:54:33:93:de:57:b6:25:4d:0e:4d:d1:e2:8a:
de:5c:78:7f:9c:cd:cc:ed:ad:ee:b0:e1:43:d9:41:
79:50:dd:6c:92:65:f7:f9:26:14:be:16:4b:68:eb:
97:9a:75:70:22:e2:64:d7:1a:20:8f:4c:c1:8d:e4:
e2:d0:54:60:1e:fb:28:84:20:89:f9:11:dc:f4:e7:
fe:54:ee:8d:7c:40:d7:9c:dc:d3:a3:02:15:44:bd:
d9:05:5a:19:e5:22:6e:19:fd:93:4a:ad:a3:e3:35:
c6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:79:BE:2D:83:45:68:2F:27:AE:E7:06:2B:BD:4E:F7:66:4E:57:1B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153518
sbgp-ipAddrBlock: critical
IPv4:
114.129.34.0/23
Signature Algorithm: sha256WithRSAEncryption
52:8d:a5:09:99:79:02:5d:51:0f:2a:91:1f:b7:fe:c0:93:3a:
dc:ea:f8:9d:e5:85:6b:fc:75:e7:21:8b:63:3c:9b:08:83:24:
da:fc:4d:4b:c9:dc:3b:f1:7b:bc:4c:3a:07:b3:8f:04:dc:f7:
c1:84:35:c9:aa:5a:a7:2d:ea:7c:5e:ea:31:a4:58:c9:1e:88:
32:9a:8a:e1:26:ce:f3:03:40:fa:e5:fd:cf:79:0a:f1:5b:00:
78:39:dd:4a:d8:35:cb:2c:d8:f6:c1:83:62:4a:ee:1a:f7:97:
01:c2:90:6a:83:c4:e0:b8:d9:7d:eb:d1:6e:7c:93:1a:76:40:
f4:18:e9:0d:76:d9:a2:78:aa:bf:17:ac:6e:b1:06:01:d3:50:
cf:54:c0:47:09:21:05:f1:52:90:ee:38:d7:fb:66:5c:f2:d0:
86:32:37:75:0f:f8:23:ce:de:09:71:7b:97:34:3d:3f:fa:41:
a3:93:4e:7b:5f:78:69:07:ef:1b:ff:54:e4:9e:a4:69:d3:88:
62:fb:e8:a1:a6:67:c7:08:c0:80:18:37:e7:42:e7:14:67:3d:
fc:91:df:27:98:bf:4c:3e:5d:d4:0f:1d:ba:0a:54:f2:3d:b3:
86:2d:b8:48:43:11:9a:03:9f:c7:63:57:4e:f4:55:9c:df:d1:
1c:31:0a:49
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAkiHMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUyNjAwMzkyNVoXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDBCNkIxMTAvBgNVBAUTKDg1NzlCRTJEODM0NTY4MkYyN0FFRTcw
NjJCQkQ0RUY3NjY0RTU3MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD1QTLGQc5JNk6a49Bnu2a3u8ueaXSSuQr+XGvr10B0LGSZcPteP8y9KMx3wSda
lWpS3wk3dokAnPbCLzSSDIz6Iv3zH+EC1EPyMuJO1qzcVW+7MsIEtpFB06cvkUxs
Lg0Km9CjJ/XO5mdA6QIPOHzKHxv1UHVSe0qlPiybqs3IBRGUrtgGDhBM1LsFovlK
dvi3y8m/9C13VDOT3le2JU0OTdHiit5ceH+czcztre6w4UPZQXlQ3WySZff5JhS+
Fkto65eadXAi4mTXGiCPTMGN5OLQVGAe+yiEIIn5Edz05/5U7o18QNec3NOjAhVE
vdkFWhnlIm4Z/ZNKraPjNcaNAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUhXm+LYNF
aC8nrucGK71O92ZOVxswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQwQjZCLzdFQzAwNzZDRkUzRjExRUY4RkEyNzc1MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEMEI2Qi83RUMwMDc2Q0ZFM0YxMUVGOEZBMjc3NTJDNEY5QUUwMi9oWG0tTFlO
RmFDOG5ydWNHSzcxTzkyWk9WeHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAleuMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBcoEiMA0GCSqG
SIb3DQEBCwUAA4IBAQBSjaUJmXkCXVEPKpEft/7Akzrc6vid5YVr/HXnIYtjPJsI
gyTa/E1Lydw78Xu8TDoHs48E3PfBhDXJqlqnLep8XuoxpFjJHogymorhJs7zA0D6
5f3PeQrxWwB4Od1K2DXLLNj2wYNiSu4a95cBwpBqg8TguNl969FufJMadkD0GOkN
dtmieKq/F6xusQYB01DPVMBHCSEF8VKQ7jjX+2Zc8tCGMjd1D/gjzt4JcXuXND0/
+kGjk057X3hpB+8b/1TknqRp04hi++ihpmfHCMCAGDfnQucUZz38kd8nmL9MPl3U
Dx26ClTyPbOGLbhIQxGaA5/HY1dO9FWc39EcMQpJ
-----END CERTIFICATE-----
Generated at Fri May 30 09:46:46 2025 by rpki-client