Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nWx1DOA5PCAKv4pnHB8sIGoMtHE.cer
File: nWx1DOA5PCAKv4pnHB8sIGoMtHE.cer (raw, json)
Hash identifier: P4NR1Tyi6QhmNDS8xrOIpGAtT0RM+VRHV0MZXaRML8Y=
Subject key identifier: 9D:6C:75:0C:E0:39:3C:20:0A:BF:8A:67:1C:1F:2C:20:6A:0C:B4:71
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02B0A1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/nWx1DOA5PCAKv4pnHB8sIGoMtHE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 30 Apr 2026 12:21:08 +0000
Certificate not after: Fri 30 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 152703
IP: 103.16.4.0/23
IP: 2401:9520::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 May 2026 04:46:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176289 (0x2b0a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 30 12:21:08 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=A91113E7, serialNumber=9D6C750CE0393C200ABF8A671C1F2C206A0CB471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:17:a9:7f:4e:dc:87:b9:a0:9f:7c:8f:ef:e9:
f8:ae:a2:2a:75:74:25:12:ee:ae:ef:63:f9:1a:16:
c8:75:0a:e8:e9:0d:15:56:0a:60:d1:b3:30:0e:8a:
f4:69:d3:57:63:e3:0e:dc:2c:b8:44:55:26:fb:b3:
54:4b:48:c1:37:00:e8:9c:c2:20:22:5d:d0:6a:e5:
22:84:58:5b:81:78:54:b8:b4:08:8e:88:21:f5:1f:
22:85:13:e7:40:02:d8:69:0d:36:9b:59:85:ec:c2:
46:72:38:aa:25:38:45:37:42:06:f6:17:e7:1b:a6:
e2:e9:0d:ca:9e:45:7e:4e:b3:e9:3d:3e:46:26:e9:
a3:2e:3a:2b:20:78:f2:18:8a:e7:bb:3f:50:ad:6e:
6f:6d:ba:25:a1:8e:a7:76:09:ee:34:47:b5:ab:7c:
07:a1:d3:8c:ad:52:e6:8c:15:b7:bf:78:38:22:a4:
ec:26:62:5d:ce:c8:25:90:cb:e0:74:c8:9b:c3:8a:
14:54:be:9c:34:15:7b:c6:dd:b9:81:7f:b9:0f:74:
ce:d5:60:ac:1c:5b:5f:d3:05:62:5a:5c:3c:c1:07:
4b:b9:8a:76:94:98:40:98:0b:a9:86:96:1d:94:ad:
a2:17:0b:1a:a0:20:fc:5d:48:19:32:0a:25:ba:eb:
27:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6C:75:0C:E0:39:3C:20:0A:BF:8A:67:1C:1F:2C:20:6A:0C:B4:71
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/nWx1DOA5PCAKv4pnHB8sIGoMtHE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152703
sbgp-ipAddrBlock: critical
IPv4:
103.16.4.0/23
IPv6:
2401:9520::/32
Signature Algorithm: sha256WithRSAEncryption
0c:07:e7:fb:e7:bc:aa:dc:2c:17:97:cc:75:a9:da:d6:c9:af:
73:35:d8:dd:3f:21:ee:23:59:72:e6:7c:86:2b:8d:b6:56:51:
02:c0:28:1f:65:a2:3b:7e:70:00:e3:6c:23:09:52:d0:c4:1b:
f4:64:d0:5c:42:47:3a:d3:64:cb:a8:6a:86:40:46:7e:2f:47:
22:ac:a5:a7:32:ae:da:b5:ef:49:8a:d2:34:6a:90:e7:e5:6b:
14:39:b6:47:9b:52:ef:eb:31:60:4b:d9:18:94:8f:05:0a:bc:
8f:72:1a:a1:e5:39:96:43:df:1a:a3:14:0d:63:2b:72:05:4c:
ee:ad:7c:bb:60:b0:35:8b:25:bb:f2:37:96:38:15:b5:15:85:
6d:e4:df:11:4a:6d:db:f6:db:07:da:ac:4e:5a:2a:db:cd:02:
e9:d5:8f:e1:73:75:ff:5f:68:21:00:b8:d9:4b:7a:6d:60:e3:
a7:21:d9:32:22:62:c5:ad:de:6d:08:bd:6c:dd:39:e2:1f:5d:
bf:de:a1:2e:08:9b:a5:e7:14:ba:a0:c9:63:82:53:2d:44:42:
98:1b:d9:d2:42:13:1a:22:94:3f:59:96:b1:cb:49:35:99:3e:
2f:6b:23:d0:ca:3c:60:c4:d9:54:68:5d:f3:de:58:84:7d:b6:
7a:48:cb:bb
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDArChMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDQzMDEyMjEwOFoXDTI3MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTEzRTcxMTAvBgNVBAUTKDlENkM3NTBDRTAzOTNDMjAwQUJGOEE2
NzFDMUYyQzIwNkEwQ0I0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxF6l/TtyHuaCffI/v6fiuoip1dCUS7q7vY/kaFsh1CujpDRVWCmDRszAOivRp
01dj4w7cLLhEVSb7s1RLSME3AOicwiAiXdBq5SKEWFuBeFS4tAiOiCH1HyKFE+dA
AthpDTabWYXswkZyOKolOEU3Qgb2F+cbpuLpDcqeRX5Os+k9PkYm6aMuOisgePIY
iue7P1Ctbm9tuiWhjqd2Ce40R7WrfAeh04ytUuaMFbe/eDgipOwmYl3OyCWQy+B0
yJvDihRUvpw0FXvG3bmBf7kPdM7VYKwcW1/TBWJaXDzBB0u5inaUmECYC6mGlh2U
raIXCxqgIPxdSBkyCiW66ydfAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUnWx1DOA5
PCAKv4pnHB8sIGoMtHEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTExM0U3LzlEM0EyMDAwMkY1NjExRUZBMjNFNUEyM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExMTNFNy85RDNBMjAwMDJGNTYxMUVGQTIzRTVBMjNDNEY5QUUwMi9uV3gxRE9B
NVBDQUt2NHBuSEI4c0lHb010SEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlR/MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZxAEMA0EAgAC
MAcDBQAkAZUgMA0GCSqGSIb3DQEBCwUAA4IBAQAMB+f757yq3CwXl8x1qdrWya9z
NdjdPyHuI1ly5nyGK422VlECwCgfZaI7fnAA42wjCVLQxBv0ZNBcQkc602TLqGqG
QEZ+L0cirKWnMq7ate9JitI0apDn5WsUObZHm1Lv6zFgS9kYlI8FCryPchqh5TmW
Q98aoxQNYytyBUzurXy7YLA1iyW78jeWOBW1FYVt5N8RSm3b9tsH2qxOWirbzQLp
1Y/hc3X/X2ghALjZS3ptYOOnIdkyImLFrd5tCL1s3TniH12/3qEuCJul5xS6oMlj
glMtREKYG9nSQhMaIpQ/WZaxy0k1mT4vayPQyjxgxNlUaF3z3liEfbZ6SMu7
-----END CERTIFICATE-----
Generated at Thu May 21 09:37:00 2026 by rpki-client