Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer
File: iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer (raw, json)
Hash identifier: 1owbidGhuDkWqeiIf0PZgbkKBXxCYnffO6idfFRkZPk=
Subject key identifier: 88:28:59:D5:23:01:F0:15:71:D9:D4:CF:95:3F:45:E0:75:E0:9A:98
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025DEB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 18 Aug 2025 05:25:32 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 45158
AS: 56133
AS: 63926
AS: 64098
AS: 132836
AS: 133029
AS: 133407
AS: 133736
AS: 134720
AS: 135888
IP: 43.245.132.0/22
IP: 59.153.8.0/22
IP: 103.31.88.0/22
IP: 103.47.0.0/24
IP: 103.55.132.0/24
IP: 103.55.134.0/23
IP: 103.61.128.0/22
IP: 103.79.4.0/22
IP: 103.79.172.0/22
IP: 103.98.86.0/23
IP: 103.197.232.0/22
IP: 103.251.172.0/22
IP: 120.29.240.0/21
IP: 144.48.232.0/22
IP: 160.202.140.0/22
IP: 202.179.144.0/22
IP: 203.166.216.0/24
IP: 203.189.124.0/22
IP: 221.120.164.0/22
IP: 2400:1240::/32
IP: 2401:8140::/32
IP: 2402:4c80::/32
IP: 2403:780::/32
IP: 2407:1e00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 11:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155115 (0x25deb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 18 05:25:32 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A919D588, serialNumber=882859D52301F01571D9D4CF953F45E075E09A98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4b:e9:bf:b3:8d:07:2b:e4:80:a0:69:91:1f:
8f:2e:14:9d:9c:bb:67:ef:f3:d6:47:5d:62:44:73:
7a:91:07:eb:34:06:4c:73:60:e6:70:83:e7:1d:a9:
80:5f:b6:20:50:97:58:1b:b4:3a:0c:62:95:32:3d:
99:26:62:e6:58:c9:62:50:49:ba:cd:82:41:ec:3e:
e1:23:e0:05:e4:01:b8:00:69:9c:8e:39:52:28:9c:
d3:17:f0:9a:a9:52:98:1d:0b:e4:ec:6f:fb:85:b3:
b8:56:e7:d3:ca:9d:20:00:2e:c4:2f:1b:6e:cf:8b:
28:eb:ae:9c:6e:23:df:8e:7b:fb:df:89:9d:e1:6b:
c8:8b:7e:58:5b:72:96:5f:6f:83:8c:0a:b1:e6:1f:
2e:4a:a8:57:7f:a1:2b:de:ef:ce:f5:b9:b9:c5:62:
0c:5d:82:c1:e4:43:22:43:5b:a0:80:e9:b4:18:1f:
c5:5b:e7:8f:6f:a3:cf:b2:71:c4:42:54:a2:41:66:
e9:f4:41:2f:32:e7:75:10:e9:8f:40:61:8e:9e:7c:
57:11:c7:18:89:e7:7d:17:7a:d3:fa:78:87:17:f8:
db:fb:80:e4:f5:44:e0:a0:b3:14:41:b5:0c:02:9b:
0f:2e:9e:3a:37:f9:15:51:1a:7d:1d:1f:e2:4a:32:
23:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:28:59:D5:23:01:F0:15:71:D9:D4:CF:95:3F:45:E0:75:E0:9A:98
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45158
56133
63926
64098
132836
133029
133407
133736
134720
135888
sbgp-ipAddrBlock: critical
IPv4:
43.245.132.0/22
59.153.8.0/22
103.31.88.0/22
103.47.0.0/24
103.55.132.0/24
103.55.134.0/23
103.61.128.0/22
103.79.4.0/22
103.79.172.0/22
103.98.86.0/23
103.197.232.0/22
103.251.172.0/22
120.29.240.0/21
144.48.232.0/22
160.202.140.0/22
202.179.144.0/22
203.166.216.0/24
203.189.124.0/22
221.120.164.0/22
IPv6:
2400:1240::/32
2401:8140::/32
2402:4c80::/32
2403:780::/32
2407:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
d7:71:12:d0:c0:ca:4b:f8:34:3a:65:3d:38:3e:ff:36:b8:23:
09:84:21:4f:3d:c9:ed:e8:74:e6:fe:e6:e2:86:12:bc:7e:f3:
4b:dc:1c:0c:19:91:fb:33:d2:4e:1c:d8:58:71:f2:00:f2:f6:
4a:94:7a:b5:76:53:ab:3f:7c:1c:86:58:9a:70:d0:ad:d8:64:
fd:e9:2f:c1:ce:8c:89:57:8c:d6:eb:7c:22:32:63:78:ed:3c:
db:3a:30:ab:e0:17:68:b4:66:89:30:3b:4c:5b:55:79:d7:aa:
f9:41:d6:9d:cf:1a:02:9b:6c:d5:75:55:6a:00:77:54:2e:45:
f0:69:b7:3c:51:40:37:b7:15:5a:aa:38:12:44:f3:2e:5f:6b:
39:67:42:4c:f7:03:63:1c:22:54:de:b3:0c:97:7a:3c:29:49:
77:4a:9d:cb:d1:1e:ab:09:34:b8:f5:54:16:3d:58:b3:61:5b:
c3:6f:19:5b:af:9a:91:0d:59:aa:4d:b6:45:8f:e1:88:1d:62:
8d:53:ff:19:17:bb:b6:2f:2f:48:2c:1f:a4:be:c5:68:51:dc:
ba:aa:49:a5:c3:fc:b4:43:52:f2:f8:49:9c:f6:f5:6d:ce:d2:
22:93:76:be:94:bf:ad:a7:08:d5:1d:c9:fd:d3:95:9e:79:91:
fd:d8:31:d3
-----BEGIN CERTIFICATE-----
MIIG4TCCBcmgAwIBAgIDAl3rMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgxODA1MjUzMloXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUQ1ODgxMTAvBgNVBAUTKDg4Mjg1OUQ1MjMwMUYwMTU3MUQ5RDRD
Rjk1M0Y0NUUwNzVFMDlBOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTS+m/s40HK+SAoGmRH48uFJ2cu2fv89ZHXWJEc3qRB+s0BkxzYOZwg+cdqYBf
tiBQl1gbtDoMYpUyPZkmYuZYyWJQSbrNgkHsPuEj4AXkAbgAaZyOOVIonNMX8Jqp
UpgdC+Tsb/uFs7hW59PKnSAALsQvG27PiyjrrpxuI9+Oe/vfiZ3ha8iLflhbcpZf
b4OMCrHmHy5KqFd/oSve7871ubnFYgxdgsHkQyJDW6CA6bQYH8Vb549vo8+yccRC
VKJBZun0QS8y53UQ6Y9AYY6efFcRxxiJ530XetP6eIcX+Nv7gOT1ROCgsxRBtQwC
mw8unjo3+RVRGn0dH+JKMiNlAgMBAAGjggPWMIID0jAdBgNVHQ4EFgQUiChZ1SMB
8BVx2dTPlT9F4HXgmpgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlENTg4L0JGN0Q1RTc2N0JGMzExRjBBMDVGQUQ4MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5RDU4OC9CRjdENUU3NjdCRjMxMUYwQTA1RkFEODJDNEY5QUUwMi9pQ2haMVNN
QjhCVngyZFRQbFQ5RjRIWGdtcGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQgBAf8EODA2
oDQwMgIDALBmAgMA20UCAwD5tgIDAPpiAgMCBuQCAwIHpQIDAgkfAgMCCmgCAwIO
QAIDAhLQMIG4BggrBgEFBQcBBwEB/wSBqDCBpTB4BAIAATByAwQCK/WEAwQCO5kI
AwQCZx9YAwQAZy8AAwQAZzeEAwQBZzeGAwQCZz2AAwQCZ08EAwQCZ0+sAwQBZ2JW
AwQCZ8XoAwQCZ/usAwQDeB3wAwQCkDDoAwQCoMqMAwQCyrOQAwQAy6bYAwQCy718
AwQC3XikMCkEAgACMCMDBQAkABJAAwUAJAGBQAMFACQCTIADBQAkAweAAwUAJAce
ADANBgkqhkiG9w0BAQsFAAOCAQEA13ES0MDKS/g0OmU9OD7/NrgjCYQhTz3J7eh0
5v7m4oYSvH7zS9wcDBmR+zPSThzYWHHyAPL2SpR6tXZTqz98HIZYmnDQrdhk/ekv
wc6MiVeM1ut8IjJjeO082zowq+AXaLRmiTA7TFtVedeq+UHWnc8aApts1XVVagB3
VC5F8Gm3PFFAN7cVWqo4EkTzLl9rOWdCTPcDYxwiVN6zDJd6PClJd0qdy9Eeqwk0
uPVUFj1Ys2Fbw28ZW6+akQ1Zqk22RY/hiB1ijVP/GRe7ti8vSCwfpL7FaFHcuqpJ
pcP8tENS8vhJnPb1bc7SIpN2vpS/racI1R3J/dOVnnmR/dgx0w==
-----END CERTIFICATE-----
Generated at Fri Aug 22 14:31:55 2025 by rpki-client