Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l1vVXWFcmGCsz9hgmYU7yxmpm-Q.cer
File: l1vVXWFcmGCsz9hgmYU7yxmpm-Q.cer (raw, json)
Hash identifier: lkJQ7EahAfVQFJ8cLsZyRbYwGWg175r8r4WjKXnEYgw=
Subject key identifier: 97:5B:D5:5D:61:5C:98:60:AC:CF:D8:60:99:85:3B:CB:19:A9:9B:E4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0272A1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CBB09/611DABA07CE811ECAC894839C4F9AE02/l1vVXWFcmGCsz9hgmYU7yxmpm-Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CBB09/611DABA07CE811ECAC894839C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 03 Nov 2025 22:23:37 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 148991
IP: 103.175.150.0/23
IP: 2400:1ae0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 14:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160417 (0x272a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 3 22:23:37 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A91CBB09, serialNumber=975BD55D615C9860ACCFD86099853BCB19A99BE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:4b:8c:e2:c5:1f:76:8e:c9:f7:31:13:1e:bc:
31:8c:0f:cf:7d:09:e6:8b:68:78:8f:54:54:3f:52:
cf:57:35:10:b2:83:5b:40:ba:a0:b7:65:4b:35:f8:
41:d7:4f:6e:19:f8:9c:5b:29:c6:89:1c:ba:73:63:
a7:b6:7c:99:c5:d4:e4:1c:0b:79:21:d9:01:98:75:
00:26:9e:60:0e:a3:35:ae:d4:ad:1c:bd:a0:a5:c2:
2d:a2:c2:37:e2:fa:62:0e:a5:ee:49:e9:5b:a0:79:
dd:30:81:92:65:6b:19:98:f4:2c:ae:25:fb:a2:70:
b6:81:de:92:da:67:5c:e2:5f:9d:b7:b7:31:d8:f2:
5f:59:e9:a8:91:8a:e3:ae:39:9b:3c:d1:d9:d3:da:
fa:0e:6b:2e:22:25:9e:3e:d6:4f:0e:20:34:63:5b:
f4:1f:55:f0:cc:a6:d0:77:95:e9:eb:08:79:d3:e4:
f9:6e:c3:ea:3c:1b:32:6a:8c:f8:e2:d4:69:9b:9f:
68:a1:c5:40:71:f7:87:af:02:86:72:e1:92:d3:2f:
74:49:22:f6:33:11:f8:fc:d6:62:c3:d9:81:04:1f:
14:cc:56:a9:30:a7:c1:32:6e:89:0a:7b:b4:34:fa:
1b:00:02:08:b5:a7:cb:41:cb:68:6f:12:98:ae:3a:
5b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5B:D5:5D:61:5C:98:60:AC:CF:D8:60:99:85:3B:CB:19:A9:9B:E4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CBB09/611DABA07CE811ECAC894839C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CBB09/611DABA07CE811ECAC894839C4F9AE02/l1vVXWFcmGCsz9hgmYU7yxmpm-Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
148991
sbgp-ipAddrBlock: critical
IPv4:
103.175.150.0/23
IPv6:
2400:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:c0:6a:aa:45:9e:94:a2:08:e3:84:07:3f:b5:01:33:9a:29:
71:8f:81:88:d0:9d:10:79:0d:c0:a5:de:8d:d3:8b:0d:50:73:
69:fb:2a:8e:19:26:ed:2e:e2:28:74:b0:3e:a0:a5:4a:be:49:
d2:d1:ea:d6:e1:0d:69:be:0c:fa:49:65:51:75:ff:61:27:c4:
00:90:0e:68:1e:bb:e2:95:ee:3d:ff:a1:87:66:cc:52:de:08:
4a:24:94:e6:e4:0c:82:3e:ef:d6:e5:97:5e:23:71:84:dd:71:
20:a8:4a:24:7b:c8:53:b9:95:7e:39:6a:fb:69:f7:da:d3:9a:
c9:63:12:16:47:99:1f:0f:3d:79:04:af:98:61:9d:39:bf:38:
9a:d6:22:ed:32:c5:e9:a8:ba:f3:1c:f6:5e:17:dc:d3:b6:c5:
9f:33:19:ba:1c:2c:ae:58:d3:39:7a:2d:83:9d:26:e3:2b:aa:
83:9c:83:32:b3:5b:83:52:1c:93:61:56:ae:68:37:78:10:79:
f3:d0:cd:00:e4:cd:85:8e:e8:fa:00:dc:73:74:3f:3b:01:dd:
21:d0:b0:5e:06:c0:96:34:6b:0e:84:cb:1b:f3:16:d7:6b:c4:
78:9d:85:7f:76:7f:b4:2b:63:e0:d8:f5:80:b2:72:c1:88:25:
31:04:38:13
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAnKhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTEwMzIyMjMzN1oXDTI2MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0JCMDkxMTAvBgNVBAUTKDk3NUJENTVENjE1Qzk4NjBBQ0NGRDg2
MDk5ODUzQkNCMTlBOTlCRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDvS4zixR92jsn3MRMevDGMD899CeaLaHiPVFQ/Us9XNRCyg1tAuqC3ZUs1+EHX
T24Z+JxbKcaJHLpzY6e2fJnF1OQcC3kh2QGYdQAmnmAOozWu1K0cvaClwi2iwjfi
+mIOpe5J6Vuged0wgZJlaxmY9CyuJfuicLaB3pLaZ1ziX523tzHY8l9Z6aiRiuOu
OZs80dnT2voOay4iJZ4+1k8OIDRjW/QfVfDMptB3lenrCHnT5Pluw+o8GzJqjPji
1Gmbn2ihxUBx94evAoZy4ZLTL3RJIvYzEfj81mLD2YEEHxTMVqkwp8EybokKe7Q0
+hsAAgi1p8tBy2hvEpiuOlt9AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUl1vVXWFc
mGCsz9hgmYU7yxmpm+QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNCQjA5LzYxMURBQkEwN0NFODExRUNBQzg5NDgzOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDQkIwOS82MTFEQUJBMDdDRTgxMUVDQUM4OTQ4MzlDNEY5QUUwMi9sMXZWWFdG
Y21HQ3N6OWhnbVlVN3l4bXBtLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkX/MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ6+WMA0EAgAC
MAcDBQAkABrgMA0GCSqGSIb3DQEBCwUAA4IBAQCkwGqqRZ6UogjjhAc/tQEzmilx
j4GI0J0QeQ3Apd6N04sNUHNp+yqOGSbtLuIodLA+oKVKvknS0erW4Q1pvgz6SWVR
df9hJ8QAkA5oHrvile49/6GHZsxS3ghKJJTm5AyCPu/W5ZdeI3GE3XEgqEoke8hT
uZV+OWr7affa05rJYxIWR5kfDz15BK+YYZ05vzia1iLtMsXpqLrzHPZeF9zTtsWf
Mxm6HCyuWNM5ei2DnSbjK6qDnIMys1uDUhyTYVauaDd4EHnz0M0A5M2Fjuj6ANxz
dD87Ad0h0LBeBsCWNGsOhMsb8xbXa8R4nYV/dn+0K2Pg2PWAsnLBiCUxBDgT
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:06:18 2025 by rpki-client