Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
File: ntkFUQfHD4W7kajaAnC1ynYK61Q.cer (raw, json)
Hash identifier: SJzmalKy1pa5bKgQWyegIqeuESBNGjvqCJ/lf9RuoLI=
Subject key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0238FB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 21 Mar 2025 17:24:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 4661
AS: 9557
AS: 17557
AS: 45595
AS: 140307
IP: 39.32.0.0/11
IP: 58.181.96.0/19
IP: 59.103.0.0/16
IP: 103.28.152.0/22
IP: 116.71.0.0/16
IP: 119.152.0.0/13
IP: 182.176.0.0/12
IP: 202.70.144.0/20
IP: 202.125.128.0/19
IP: 203.99.160.0/19
IP: 203.135.0.0/18
IP: 221.120.192.0/18
IP: 2001:df0:279::/48
IP: 2001:df2:b940::/48
IP: 2404:7000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 03 Jun 2025 07:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145659 (0x238fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 21 17:24:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91A0832, serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:dc:45:d3:9d:e7:0d:cd:a2:52:d8:4b:55:
bc:27:05:4f:44:74:94:87:63:bc:d5:a8:1b:c4:38:
cb:78:83:b9:c5:c0:bc:3c:63:e0:3e:e9:54:d5:96:
e4:3f:c9:da:33:3d:01:e7:0c:c8:39:d2:14:96:7e:
95:65:11:36:e4:ae:4d:71:6d:3c:e9:7a:01:a6:5d:
3f:11:ec:eb:76:82:a6:d1:36:e3:d1:a9:8b:a8:d9:
62:bb:86:62:85:cc:23:64:46:68:3c:17:23:c8:db:
9c:1a:f0:33:7f:87:52:65:0e:bb:f4:2a:60:d4:ac:
ee:d6:a5:8d:95:b7:25:d7:f5:38:d5:34:11:ac:f6:
59:5c:6e:c2:46:e9:f3:cc:c8:ff:a3:81:03:8e:bc:
cd:4b:8b:97:3a:00:2a:a8:09:01:77:46:8f:18:1d:
0a:21:35:08:f4:35:a3:d5:ef:54:98:62:ff:b7:7d:
5f:d4:23:4f:fe:f8:57:4c:09:7d:ce:1b:d4:13:bd:
00:6e:15:c2:11:0e:33:05:3e:29:87:2e:fd:f7:41:
21:b5:cc:a3:c4:ba:2f:44:cf:3d:19:8d:1c:0c:6d:
58:75:da:9c:b7:0e:bd:22:8b:1c:ef:42:e5:cf:47:
04:0a:3b:15:20:d5:6c:5f:fc:af:72:88:c8:19:7a:
67:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4661
9557
17557
45595
140307
sbgp-ipAddrBlock: critical
IPv4:
39.32.0.0/11
58.181.96.0/19
59.103.0.0/16
103.28.152.0/22
116.71.0.0/16
119.152.0.0/13
182.176.0.0/12
202.70.144.0/20
202.125.128.0/19
203.99.160.0/19
203.135.0.0/18
221.120.192.0/18
IPv6:
2001:df0:279::/48
2001:df2:b940::/48
2404:7000::/32
Signature Algorithm: sha256WithRSAEncryption
62:06:49:87:ba:d9:b1:85:ee:98:32:79:dc:9c:3c:b9:a2:9e:
4d:fa:47:75:21:59:7e:fd:99:c4:89:6f:9b:0a:92:fa:19:f1:
ad:b0:b5:51:20:8e:62:c3:46:a5:5e:60:cc:72:0b:46:9a:ba:
c4:b8:84:10:04:e6:b0:ca:cf:01:dd:97:14:96:eb:3e:0f:d7:
45:a9:58:55:14:f8:4e:6e:5b:79:b6:7a:4b:52:41:b3:d8:7e:
64:9a:e9:8f:69:84:59:db:13:3d:51:74:24:4d:67:13:b7:89:
07:c0:e9:64:97:3f:cc:4b:ea:15:08:cd:e7:d1:c2:29:e3:b5:
69:b3:ea:2f:9c:4d:8c:95:c9:05:4c:b4:81:f6:3d:91:16:2e:
3f:37:24:5b:9a:a7:8a:a3:8d:43:c5:c9:3b:bd:92:12:94:42:
ec:75:7a:45:6b:33:f6:71:c1:25:3f:78:34:44:37:77:41:d8:
cc:34:a0:9d:07:c5:06:ad:5f:61:52:f6:dc:87:b7:48:6d:d8:
f8:17:cc:b5:1f:94:b0:5c:71:a6:31:33:76:36:75:b4:61:1c:
b7:f5:e8:5d:a4:02:d5:c0:52:e4:02:a6:86:92:0a:38:dc:32:
1f:d1:34:f3:30:8b:5f:7a:43:26:bc:3e:4e:fe:c8:a2:6b:69:
a1:67:3f:67
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIDAjj7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMyMTE3MjQzM1oXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThE
QTAyNzBCNUNBNzYwQUVCNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLJtxF053nDc2iUthLVbwnBU9EdJSHY7zVqBvEOMt4g7nFwLw8Y+A+6VTVluQ/
ydozPQHnDMg50hSWfpVlETbkrk1xbTzpegGmXT8R7Ot2gqbRNuPRqYuo2WK7hmKF
zCNkRmg8FyPI25wa8DN/h1JlDrv0KmDUrO7WpY2VtyXX9TjVNBGs9llcbsJG6fPM
yP+jgQOOvM1Li5c6ACqoCQF3Ro8YHQohNQj0NaPV71SYYv+3fV/UI0/++FdMCX3O
G9QTvQBuFcIRDjMFPimHLv33QSG1zKPEui9Ezz0ZjRwMbVh12py3Dr0iixzvQuXP
RwQKOxUg1Wxf/K9yiMgZeme9AgMBAAGjggN+MIIDejAdBgNVHQ4EFgQUntkFUQfH
D4W7kajaAnC1ynYK61QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEwODMyLzlEQUY3ODBFMUQ5NDExRTI5OTAxRjNGODA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMDgzMi85REFGNzgwRTFEOTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFm
SEQ0VzdrYWphQW5DMXluWUs2MVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQgBAf8EHDAa
oBgwFgICEjUCAiVVAgJElQIDALIbAgMCJBMwfQYIKwYBBQUHAQcBAf8EbjBsMEkE
AgABMEMDAwUnIAMEBTq1YAMDADtnAwQCZxyYAwMAdEcDAwN3mAMDBLawAwQEykaQ
AwQFyn2AAwQFy2OgAwQGy4cAAwQG3XjAMB8EAgACMBkDBwAgAQ3wAnkDBwAgAQ3y
uUADBQAkBHAAMA0GCSqGSIb3DQEBCwUAA4IBAQBiBkmHutmxhe6YMnncnDy5op5N
+kd1IVl+/ZnEiW+bCpL6GfGtsLVRII5iw0alXmDMcgtGmrrEuIQQBOawys8B3ZcU
lus+D9dFqVhVFPhOblt5tnpLUkGz2H5kmumPaYRZ2xM9UXQkTWcTt4kHwOlklz/M
S+oVCM3n0cIp47Vps+ovnE2MlckFTLSB9j2RFi4/NyRbmqeKo41Dxck7vZISlELs
dXpFazP2ccElP3g0RDd3QdjMNKCdB8UGrV9hUvbch7dIbdj4F8y1H5SwXHGmMTN2
NnW0YRy39ehdpALVwFLkAqaGkgo43DIf0TTzMItfekMmvD5O/siia2mhZz9n
-----END CERTIFICATE-----
Generated at Fri May 30 09:35:24 2025 by rpki-client