Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer
File: kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer (raw, json)
Hash identifier: W+VR4X9aoX8a7t3Vcl/ebvi7nD2URjDD+ax2SoErJuc=
Subject key identifier: 90:7B:03:8A:DE:C7:C3:FA:9C:64:93:0E:64:19:B2:FB:BA:B9:C8:1C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02708C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 30 Oct 2025 14:27:48 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 58877
IP: 203.22.220.0/23
IP: 2405:2d00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 10 Nov 2025 09:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159884 (0x2708c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 30 14:27:48 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A913A7A6, serialNumber=907B038ADEC7C3FA9C64930E6419B2FBBAB9C81C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e3:d1:75:52:de:d9:4d:44:05:33:c7:b2:35:
d8:10:2b:1f:0b:40:a2:e4:b5:28:8b:9e:21:c4:d7:
5f:8d:c1:55:b0:5b:b2:89:1a:76:f9:c7:a7:6f:2b:
5b:51:bd:34:f6:bb:41:9c:9e:a2:97:f2:5e:fa:d5:
6d:da:e8:ab:5d:5c:52:fc:41:8b:30:1d:54:1d:d5:
2f:77:81:3d:8f:b2:30:83:5d:00:07:b7:c0:c6:bc:
c6:0e:1a:00:9d:a9:b6:1e:a2:0a:32:ba:ac:e9:f9:
6f:04:91:d6:de:fc:e0:aa:8d:40:c5:f8:70:d2:1e:
65:00:ef:c8:90:cc:79:12:d8:1c:98:f2:32:18:a0:
ce:8e:51:0b:5f:dd:cd:ab:1c:59:8f:4d:d7:e7:74:
f8:de:4a:54:c9:e3:dd:55:04:84:42:02:79:01:64:
48:89:98:b5:24:6f:3e:36:43:cf:cf:df:0a:ab:62:
da:70:38:de:79:07:7e:7c:02:e3:35:ee:57:51:f9:
c7:6a:d8:4c:3b:4a:2b:d8:a5:b4:a1:f5:46:61:6e:
d4:87:bc:f8:69:53:c1:35:0c:35:08:5d:9b:77:c1:
dc:2f:c9:cb:0e:bd:94:37:40:29:ca:ac:fa:33:ca:
7b:df:bd:9e:81:e3:70:a7:c3:af:79:37:b2:11:c1:
86:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7B:03:8A:DE:C7:C3:FA:9C:64:93:0E:64:19:B2:FB:BA:B9:C8:1C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58877
sbgp-ipAddrBlock: critical
IPv4:
203.22.220.0/23
IPv6:
2405:2d00::/32
Signature Algorithm: sha256WithRSAEncryption
c3:b5:f4:3c:10:52:61:14:b2:60:c5:2f:47:e6:86:3d:a3:e4:
36:a6:2e:19:f3:f7:5e:69:ec:71:62:58:a7:2f:2b:6c:dc:12:
f9:54:73:b7:82:72:54:e0:79:7c:10:91:b0:18:04:81:d0:4c:
69:76:6f:93:2b:d0:32:4c:53:8f:61:1b:02:c6:b0:8e:69:cf:
69:07:a2:2f:8c:53:4d:66:0a:d0:4d:19:b6:36:1c:da:87:79:
f4:cb:01:f6:86:7d:06:4a:3b:f5:fb:94:77:3b:12:03:fd:09:
e0:66:7d:a2:b2:2c:5c:cf:10:4c:98:33:59:44:3f:96:ae:d0:
7a:50:70:dd:cc:15:a3:30:c0:f1:61:be:f0:b3:8d:08:fd:35:
f3:f5:50:aa:6d:5f:67:83:20:7d:8f:37:82:0a:da:23:4c:bd:
86:d6:09:c5:c7:e1:28:db:bf:96:14:43:8a:f5:18:f8:81:bc:
18:07:75:fb:db:f1:d1:19:45:9b:9e:ab:c3:1d:f9:fe:7e:64:
7a:cf:4d:f1:38:97:1d:8a:9e:1b:49:85:75:cc:28:7f:a0:af:
63:9e:da:b6:19:c0:47:f8:96:a8:de:0f:c2:01:4b:73:73:9a:
b9:4d:37:74:dd:b7:f4:c9:0a:e1:71:6d:90:9b:f4:08:2f:a1:
03:15:94:f0
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAnCMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAzMDE0Mjc0OFoXDTI2MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0E3QTYxMTAvBgNVBAUTKDkwN0IwMzhBREVDN0MzRkE5QzY0OTMw
RTY0MTlCMkZCQkFCOUM4MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDO49F1Ut7ZTUQFM8eyNdgQKx8LQKLktSiLniHE11+NwVWwW7KJGnb5x6dvK1tR
vTT2u0GcnqKX8l761W3a6KtdXFL8QYswHVQd1S93gT2PsjCDXQAHt8DGvMYOGgCd
qbYeogoyuqzp+W8Ekdbe/OCqjUDF+HDSHmUA78iQzHkS2ByY8jIYoM6OUQtf3c2r
HFmPTdfndPjeSlTJ491VBIRCAnkBZEiJmLUkbz42Q8/P3wqrYtpwON55B358AuM1
7ldR+cdq2Ew7SivYpbSh9UZhbtSHvPhpU8E1DDUIXZt3wdwvycsOvZQ3QCnKrPoz
ynvfvZ6B43Cnw695N7IRwYZRAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUkHsDit7H
w/qcZJMOZBmy+7q5yBwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNBN0E2LzREQjk0NDNBNzNCNjExRUE5QjhDMUY1Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQTdBNi80REI5NDQzQTczQjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9rSHNEaXQ3
SHdfcWNaSk1PWkJteS03cTV5QncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOX9MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQByxbcMA0EAgAC
MAcDBQAkBS0AMA0GCSqGSIb3DQEBCwUAA4IBAQDDtfQ8EFJhFLJgxS9H5oY9o+Q2
pi4Z8/deaexxYlinLyts3BL5VHO3gnJU4Hl8EJGwGASB0Expdm+TK9AyTFOPYRsC
xrCOac9pB6IvjFNNZgrQTRm2Nhzah3n0ywH2hn0GSjv1+5R3OxID/QngZn2isixc
zxBMmDNZRD+WrtB6UHDdzBWjMMDxYb7ws40I/TXz9VCqbV9ngyB9jzeCCtojTL2G
1gnFx+Eo27+WFEOK9Rj4gbwYB3X72/HRGUWbnqvDHfn+fmR6z03xOJcdip4bSYV1
zCh/oK9jntq2GcBH+Jao3g/CAUtzc5q5TTd03bf0yQrhcW2Qm/QIL6EDFZTw
-----END CERTIFICATE-----
Generated at Mon Nov 3 11:16:29 2025 by rpki-client