Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hyN_9okCTZT9tJ7CXFsSDQu5Qpc.cer
File: hyN_9okCTZT9tJ7CXFsSDQu5Qpc.cer (raw, json)
Hash identifier: 50fC4flXLT7Nfz9438Rj0fiyDtz6EcAFqkrPmOGkSRI=
Subject key identifier: 87:23:7F:F6:89:02:4D:94:FD:B4:9E:C2:5C:5B:12:0D:0B:B9:42:97
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026594
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FFA15/701F53D21D8711EAA8169B6CC4F9AE02/hyN_9okCTZT9tJ7CXFsSDQu5Qpc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FFA15/701F53D21D8711EAA8169B6CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 15 Sep 2025 21:44:18 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 136905
IP: 103.98.128.0/22
IP: 2401:9a40::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Sep 2025 15:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157076 (0x26594)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 15 21:44:18 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91FFA15, serialNumber=87237FF689024D94FDB49EC25C5B120D0BB94297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7b:9e:38:39:f0:5c:36:87:0f:11:05:e6:70:
26:e5:76:c6:77:ce:be:77:68:3b:4f:d8:5a:53:22:
c2:ed:0a:d3:2c:6d:d2:76:56:16:b9:27:f0:55:9e:
e7:bc:31:f7:ec:c8:d0:e5:c4:f0:3e:fb:84:0d:9c:
3f:1c:52:75:f6:49:07:04:ed:54:01:2f:58:ee:dd:
db:80:b2:66:a9:c1:db:06:87:7d:25:de:bc:0e:6b:
bf:5b:36:e2:25:f0:ac:26:b0:01:3b:8f:f7:a9:b6:
b8:cb:9d:bb:6d:c3:8e:9d:d0:6c:ce:66:d9:ab:3b:
a7:a9:f4:eb:90:64:54:a9:e0:a2:d1:55:19:7a:dd:
66:bc:f2:d9:1e:0e:87:9c:a8:87:98:a3:e9:0e:dc:
ba:0f:20:e4:39:5d:51:71:f5:5c:b6:51:0f:20:44:
61:61:59:24:25:35:15:8c:14:3b:fd:98:77:d3:93:
ca:19:c8:f4:dd:ce:f3:06:0a:92:8a:fe:a8:fc:80:
1c:96:a3:de:ea:67:ba:45:39:6d:34:d8:31:e1:ff:
85:38:30:d0:43:5b:13:d9:3d:10:c2:18:2b:8a:a2:
cb:e0:91:52:3b:f3:a1:dc:3c:d3:b7:60:05:d0:28:
95:a5:5a:3b:5e:86:7e:77:97:02:96:b0:f8:a0:ea:
0e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:23:7F:F6:89:02:4D:94:FD:B4:9E:C2:5C:5B:12:0D:0B:B9:42:97
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FFA15/701F53D21D8711EAA8169B6CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FFA15/701F53D21D8711EAA8169B6CC4F9AE02/hyN_9okCTZT9tJ7CXFsSDQu5Qpc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136905
sbgp-ipAddrBlock: critical
IPv4:
103.98.128.0/22
IPv6:
2401:9a40::/32
Signature Algorithm: sha256WithRSAEncryption
85:00:5a:f2:5d:be:6d:aa:3e:b1:a2:a6:33:19:42:7d:c9:84:
30:66:41:b9:2d:72:7b:e7:6c:93:0e:8e:65:40:8f:e6:25:f9:
89:7a:e5:e0:5b:37:ab:3c:f3:6c:ad:7f:0e:93:1d:ea:17:77:
28:e5:07:95:48:6e:79:92:ae:38:ea:a2:33:45:ad:ee:2c:46:
4d:bf:e7:74:56:5f:f6:bd:a0:f0:5c:11:66:6c:ac:2e:2f:82:
78:27:a4:cf:a4:e9:36:f1:b9:70:37:10:f6:b1:2b:0d:54:35:
e7:4c:4a:23:14:79:f2:f8:fc:be:c9:33:4c:f8:d4:9f:a2:32:
47:98:82:0b:8f:20:94:12:d9:b8:e6:a5:54:d2:9f:02:c3:e1:
80:c3:cd:08:d9:ae:6b:29:38:5c:6d:b5:0a:3f:5a:9a:a7:52:
20:70:6d:38:0a:ae:6f:1a:31:cd:de:7d:27:7b:5a:78:25:34:
72:53:a2:fc:34:51:0b:92:5b:3f:e3:50:06:bd:b6:ac:ae:07:
92:69:91:5a:4c:78:98:da:4c:2d:d6:7f:c6:6d:70:b1:61:41:
01:9c:0b:de:13:11:0f:7a:4a:28:f6:2e:c4:4d:28:2a:e8:cd:
35:70:48:6d:c5:e4:9a:1d:37:9d:b4:22:ae:e7:89:00:2d:a9:
29:6a:0c:9c
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAmWUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkxNTIxNDQxOFoXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkZBMTUxMTAvBgNVBAUTKDg3MjM3RkY2ODkwMjREOTRGREI0OUVD
MjVDNUIxMjBEMEJCOTQyOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYe544OfBcNocPEQXmcCbldsZ3zr53aDtP2FpTIsLtCtMsbdJ2Vha5J/BVnue8
MffsyNDlxPA++4QNnD8cUnX2SQcE7VQBL1ju3duAsmapwdsGh30l3rwOa79bNuIl
8KwmsAE7j/eptrjLnbttw46d0GzOZtmrO6ep9OuQZFSp4KLRVRl63Wa88tkeDoec
qIeYo+kO3LoPIOQ5XVFx9Vy2UQ8gRGFhWSQlNRWMFDv9mHfTk8oZyPTdzvMGCpKK
/qj8gByWo97qZ7pFOW002DHh/4U4MNBDWxPZPRDCGCuKosvgkVI786HcPNO3YAXQ
KJWlWjtehn53lwKWsPig6g61AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUhyN/9okC
TZT9tJ7CXFsSDQu5QpcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZGQTE1LzcwMUY1M0QyMUQ4NzExRUFBODE2OUI2Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGRkExNS83MDFGNTNEMjFEODcxMUVBQTgxNjlCNkNDNEY5QUUwMi9oeU5fOW9r
Q1RaVDl0SjdDWEZzU0RRdTVRcGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhbJMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ2KAMA0EAgAC
MAcDBQAkAZpAMA0GCSqGSIb3DQEBCwUAA4IBAQCFAFryXb5tqj6xoqYzGUJ9yYQw
ZkG5LXJ752yTDo5lQI/mJfmJeuXgWzerPPNsrX8Okx3qF3co5QeVSG55kq446qIz
Ra3uLEZNv+d0Vl/2vaDwXBFmbKwuL4J4J6TPpOk28blwNxD2sSsNVDXnTEojFHny
+Py+yTNM+NSfojJHmIILjyCUEtm45qVU0p8Cw+GAw80I2a5rKThcbbUKP1qap1Ig
cG04Cq5vGjHN3n0ne1p4JTRyU6L8NFELkls/41AGvbasrgeSaZFaTHiY2kwt1n/G
bXCxYUEBnAveExEPekoo9i7ETSgq6M01cEhtxeSaHTedtCKu54kALakpagyc
-----END CERTIFICATE-----
Generated at Thu Sep 18 17:22:07 2025 by rpki-client