Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nZwAihKi96YP7_liJmsFAqHKC6I.cer
File: nZwAihKi96YP7_liJmsFAqHKC6I.cer (raw, json)
Hash identifier: c6Mof4BGP4Dy4GInhvytSrPZzLBNh4htELukqi8tQ9E=
Subject key identifier: 9D:9C:00:8A:12:A2:F7:A6:0F:EF:F9:62:26:6B:05:02:A1:CA:0B:A2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026089
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/nZwAihKi96YP7_liJmsFAqHKC6I.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 28 Aug 2025 21:19:37 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 146956
IP: 103.172.28.0/23
IP: 2001:df7:5e80::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 15 Sep 2025 02:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155785 (0x26089)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 28 21:19:37 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91AB85A, serialNumber=9D9C008A12A2F7A60FEFF962266B0502A1CA0BA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5d:73:a9:bd:e3:76:30:ec:a7:f9:11:b1:6d:
59:59:23:a6:71:ef:b0:c3:4f:4d:42:3f:65:c6:d3:
b2:aa:d4:63:74:6d:68:23:5e:4f:07:5c:95:c8:33:
4f:36:60:f8:33:4a:58:bf:f0:13:59:ca:3b:bb:73:
fe:b8:95:ba:0a:00:7b:bd:6a:0a:2d:98:85:23:fc:
2f:df:20:c6:13:d8:25:65:e3:ac:1d:6c:eb:b6:77:
68:df:41:2b:ee:de:ad:ea:12:40:21:b9:48:33:db:
26:a3:95:77:8a:19:9f:b5:ba:d6:6d:65:55:9b:19:
78:76:52:41:1b:ac:d4:05:75:d5:7d:5d:b1:53:f4:
5e:4e:dc:65:3c:4f:f4:ab:99:ef:f6:eb:e8:d9:69:
1f:ff:51:9a:88:2f:92:62:9d:0e:33:e4:19:fe:bd:
88:41:0b:b4:03:ce:fb:9c:72:d0:7f:55:65:2e:af:
06:bd:25:e7:30:74:6e:88:5a:4b:86:25:b4:ab:3f:
04:ed:34:85:55:7e:d2:8c:82:2c:57:01:74:63:7c:
40:99:2a:36:e3:de:37:0d:3e:29:ff:a4:4d:ae:67:
6c:05:24:85:2a:2d:a4:9a:91:81:51:08:83:84:b2:
73:dd:d0:14:48:b1:b9:af:18:7d:dc:47:a0:b8:d5:
fe:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9C:00:8A:12:A2:F7:A6:0F:EF:F9:62:26:6B:05:02:A1:CA:0B:A2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/nZwAihKi96YP7_liJmsFAqHKC6I.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
146956
sbgp-ipAddrBlock: critical
IPv4:
103.172.28.0/23
IPv6:
2001:df7:5e80::/48
Signature Algorithm: sha256WithRSAEncryption
1c:2e:9b:58:cd:0d:c2:66:f7:5d:b3:b5:dc:ad:64:04:86:d5:
d5:dd:89:a2:aa:01:da:20:8c:54:ba:fe:75:eb:ad:34:a9:5a:
65:7c:b9:cd:84:fd:72:79:a5:0c:85:0c:a1:a4:5d:a3:15:30:
d7:cf:a0:e8:44:6a:fb:e8:70:fc:e6:0a:cd:f9:69:62:5d:0a:
c8:cf:d5:3e:62:5b:ef:96:7f:e6:9a:99:f3:7a:d7:08:eb:61:
04:75:01:e5:30:12:74:73:06:3b:83:dc:7f:6c:b8:0c:08:94:
18:da:02:a9:e2:a4:44:cd:84:c5:25:37:8d:ce:71:40:59:15:
ca:3d:bc:87:2e:f1:73:95:f1:34:17:16:ad:58:8f:a1:f0:ad:
15:7c:77:36:12:b8:9e:7b:d2:3a:f3:a1:c9:73:c7:2b:52:65:
8c:b0:0a:01:3e:c0:63:93:38:1b:db:03:b1:4e:53:3f:2d:de:
4a:4d:f9:c9:56:53:cb:06:84:fc:14:c5:19:86:c9:e5:95:8c:
2c:bc:05:fe:3a:d9:2f:2d:bd:5f:3b:60:3f:e7:4d:8b:36:b5:
15:33:95:c0:2d:a3:40:ac:66:9b:e2:27:f0:cc:e2:2b:11:ad:
1d:1e:62:3c:17:14:66:47:d5:27:9a:d2:75:b0:a3:4a:83:6c:
30:8e:88:27
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAmCJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgyODIxMTkzN1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUI4NUExMTAvBgNVBAUTKDlEOUMwMDhBMTJBMkY3QTYwRkVGRjk2
MjI2NkIwNTAyQTFDQTBCQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCXXOpveN2MOyn+RGxbVlZI6Zx77DDT01CP2XG07Kq1GN0bWgjXk8HXJXIM082
YPgzSli/8BNZyju7c/64lboKAHu9agotmIUj/C/fIMYT2CVl46wdbOu2d2jfQSvu
3q3qEkAhuUgz2yajlXeKGZ+1utZtZVWbGXh2UkEbrNQFddV9XbFT9F5O3GU8T/Sr
me/26+jZaR//UZqIL5JinQ4z5Bn+vYhBC7QDzvucctB/VWUurwa9JecwdG6IWkuG
JbSrPwTtNIVVftKMgixXAXRjfECZKjbj3jcNPin/pE2uZ2wFJIUqLaSakYFRCIOE
snPd0BRIsbmvGH3cR6C41f4zAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUnZwAihKi
96YP7/liJmsFAqHKC6IwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFCODVBLzE4NUMzOUI2MDNDRDExRUNBQkNFNjk3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBQjg1QS8xODVDMzlCNjAzQ0QxMUVDQUJDRTY5N0JDNEY5QUUwMi9uWndBaWhL
aTk2WVA3X2xpSm1zRkFxSEtDNkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAj4MMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6wcMA8EAgAC
MAkDBwAgAQ33XoAwDQYJKoZIhvcNAQELBQADggEBABwum1jNDcJm912ztdytZASG
1dXdiaKqAdogjFS6/nXrrTSpWmV8uc2E/XJ5pQyFDKGkXaMVMNfPoOhEavvocPzm
Cs35aWJdCsjP1T5iW++Wf+aamfN61wjrYQR1AeUwEnRzBjuD3H9suAwIlBjaAqni
pETNhMUlN43OcUBZFco9vIcu8XOV8TQXFq1Yj6HwrRV8dzYSuJ570jrzoclzxytS
ZYywCgE+wGOTOBvbA7FOUz8t3kpN+clWU8sGhPwUxRmGyeWVjCy8Bf462S8tvV87
YD/nTYs2tRUzlcAto0CsZpviJ/DM4isRrR0eYjwXFGZH1Sea0nWwo0qDbDCOiCc=
-----END CERTIFICATE-----
Generated at Mon Sep 8 04:19:51 2025 by rpki-client