Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k3hpHVqDzAJrjR8jKAYAg3G-3AQ.cer
File: k3hpHVqDzAJrjR8jKAYAg3G-3AQ.cer (raw, json)
Hash identifier: TZ00ltv4CNgqXSmUqPyTAWaV0Hx7EgPf9HsUR7lULDc=
Subject key identifier: 93:78:69:1D:5A:83:CC:02:6B:8D:1F:23:28:06:00:83:71:BE:DC:04
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026F75
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9164FD2/B94B4F7C0C3611EB85233121C4F9AE02/k3hpHVqDzAJrjR8jKAYAg3G-3AQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9164FD2/B94B4F7C0C3611EB85233121C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 27 Oct 2025 14:32:24 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: IP: 103.9.51.0/24
IP: 103.81.162.0/24
IP: 103.195.143.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 10 Nov 2025 09:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159605 (0x26f75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 27 14:32:24 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A9164FD2, serialNumber=9378691D5A83CC026B8D1F232806008371BEDC04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:64:41:e7:e0:64:66:35:8a:55:2f:93:21:ee:
67:f3:fe:37:b3:c0:fb:95:6a:ac:4a:82:23:bf:c8:
17:53:76:db:01:e4:88:0b:2a:86:7b:65:6b:b4:63:
6e:1b:dd:bd:8f:ac:dc:07:f8:3a:02:a8:98:34:34:
b0:96:a8:1d:a3:a2:27:6f:68:3a:8a:9a:1e:4d:25:
be:1f:54:4d:94:60:03:1a:10:de:b0:bd:f1:10:5d:
d8:1e:c8:bf:1c:7f:57:33:9c:67:90:e9:40:32:d4:
0e:f3:81:27:3f:74:5a:6c:1d:d6:0d:44:01:fd:33:
f2:69:cc:45:1c:4c:3b:03:b7:c6:32:3c:15:68:af:
f1:1c:aa:8f:e7:6e:e9:25:ad:7d:5d:78:9e:aa:7d:
5a:b3:a9:e8:3e:b2:7f:0e:f8:fa:cb:be:c2:91:52:
7b:0b:4e:b3:c9:b1:af:be:a8:a3:cf:c5:de:df:52:
71:58:6f:52:6b:c7:e3:80:c0:fc:06:80:54:37:26:
c6:57:30:66:cf:d3:08:2a:16:b5:91:3d:17:b8:b2:
50:2e:d6:71:54:fc:85:22:cf:f6:a0:6e:d2:45:51:
24:c1:5e:74:b5:0d:dd:e0:6d:3e:a2:31:8c:f7:92:
2c:4d:e9:d4:a8:5b:80:b0:54:29:50:6e:f4:72:e2:
5e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:78:69:1D:5A:83:CC:02:6B:8D:1F:23:28:06:00:83:71:BE:DC:04
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9164FD2/B94B4F7C0C3611EB85233121C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9164FD2/B94B4F7C0C3611EB85233121C4F9AE02/k3hpHVqDzAJrjR8jKAYAg3G-3AQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.9.51.0/24
103.81.162.0/24
103.195.143.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:cd:81:c0:3c:42:1b:02:25:d2:6d:84:3b:15:89:78:dd:39:
c0:ba:52:29:84:55:cc:2c:9f:bb:82:8b:00:14:d4:b4:b1:64:
bc:a0:12:53:73:68:30:3d:aa:7e:00:22:16:fa:5f:7b:29:16:
f2:79:19:4a:bc:2f:9a:b7:94:39:45:48:d1:42:21:57:84:73:
8c:b1:5c:c0:e8:d3:ac:2e:d1:4f:1f:5c:3b:d8:58:5b:3b:8e:
8e:fd:23:ed:81:39:2b:2b:ae:10:e0:4c:67:8c:b9:23:30:2f:
c1:6f:85:0e:1d:59:12:5c:24:ff:29:88:45:5d:0d:ef:9e:53:
45:f2:76:6d:06:65:61:70:d7:a3:46:cc:68:da:30:3c:76:e7:
91:6f:27:eb:d9:7e:2c:95:6d:65:71:e3:40:17:a5:df:4a:a5:
6a:ec:81:e7:ab:fb:74:fd:fa:4f:85:6b:d5:67:62:0e:c6:39:
5e:e5:e4:38:20:06:0a:05:26:32:e2:98:90:d2:6b:97:73:1e:
12:82:0e:04:f7:a5:ed:09:f6:d4:c9:c4:0a:ca:da:de:9d:24:
7d:19:bc:bf:9f:ee:8b:d6:1e:23:8b:e9:2b:cd:e1:cf:38:45:
0e:bf:c5:b3:3f:a9:23:50:ad:fa:a2:b5:73:2e:23:65:b7:07:
87:d8:bd:7d
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgIDAm91MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAyNzE0MzIyNFoXDTI2MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjRGRDIxMTAvBgNVBAUTKDkzNzg2OTFENUE4M0NDMDI2QjhEMUYy
MzI4MDYwMDgzNzFCRURDMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUZEHn4GRmNYpVL5Mh7mfz/jezwPuVaqxKgiO/yBdTdtsB5IgLKoZ7ZWu0Y24b
3b2PrNwH+DoCqJg0NLCWqB2joidvaDqKmh5NJb4fVE2UYAMaEN6wvfEQXdgeyL8c
f1cznGeQ6UAy1A7zgSc/dFpsHdYNRAH9M/JpzEUcTDsDt8YyPBVor/Ecqo/nbukl
rX1deJ6qfVqzqeg+sn8O+PrLvsKRUnsLTrPJsa++qKPPxd7fUnFYb1Jrx+OAwPwG
gFQ3JsZXMGbP0wgqFrWRPRe4slAu1nFU/IUiz/agbtJFUSTBXnS1Dd3gbT6iMYz3
kixN6dSoW4CwVClQbvRy4l7XAgMBAAGjggL/MIIC+zAdBgNVHQ4EFgQUk3hpHVqD
zAJrjR8jKAYAg3G+3AQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY0RkQyL0I5NEI0RjdDMEMzNjExRUI4NTIzMzEyMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2NEZEMi9COTRCNEY3QzBDMzYxMUVCODUyMzMxMjFDNEY5QUUwMi9rM2hwSFZx
RHpBSnJqUjhqS0FZQWczRy0zQVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8EHDAa
MBgEAgABMBIDBABnCTMDBABnUaIDBABnw48wDQYJKoZIhvcNAQELBQADggEBAHrN
gcA8QhsCJdJthDsViXjdOcC6UimEVcwsn7uCiwAU1LSxZLygElNzaDA9qn4AIhb6
X3spFvJ5GUq8L5q3lDlFSNFCIVeEc4yxXMDo06wu0U8fXDvYWFs7jo79I+2BOSsr
rhDgTGeMuSMwL8FvhQ4dWRJcJP8piEVdDe+eU0Xydm0GZWFw16NGzGjaMDx255Fv
J+vZfiyVbWVx40AXpd9KpWrsgeer+3T9+k+Fa9VnYg7GOV7l5DggBgoFJjLimJDS
a5dzHhKCDgT3pe0J9tTJxArK2t6dJH0ZvL+f7ovWHiOL6SvN4c84RQ6/xbM/qSNQ
rfqitXMuI2W3B4fYvX0=
-----END CERTIFICATE-----
Generated at Mon Nov 3 11:14:26 2025 by rpki-client