Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer
File: ok2WODNZy0lmoVuakGkT61RWZXs.cer (raw, json)
Hash identifier: 3jdzJdi8aVOHYPGSs6KcBxTsuy/gJN+k6lMKDJ+jz+M=
Subject key identifier: A2:4D:96:38:33:59:CB:49:66:A1:5B:9A:90:69:13:EB:54:56:65:7B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024885
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 25 May 2025 20:02:48 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 153812
IP: 163.227.144.0/23
IP: 2402:420::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 06 Jun 2025 07:11:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149637 (0x24885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 25 20:02:48 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91C9C03, serialNumber=A24D96383359CB4966A15B9A906913EB5456657B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:96:4d:f8:b8:82:7e:14:f2:1a:be:af:cc:af:
16:1e:0c:e2:55:25:a1:7d:1d:73:3b:43:4f:cd:bf:
12:89:0c:73:85:54:de:9f:8a:e2:69:b4:39:58:bc:
f7:89:39:9e:a1:6b:54:74:71:a9:f6:8b:0f:a3:18:
2a:38:fe:d4:44:12:d7:1c:d6:20:da:02:36:07:1d:
3f:76:0a:3b:68:50:eb:be:97:47:05:3e:8c:31:18:
b0:18:ca:3a:5e:f2:c0:95:b3:84:3b:b6:80:43:c9:
25:9a:dd:d1:7d:b9:6f:d3:89:f7:f1:8d:7e:1e:ca:
77:5c:4e:d2:04:c9:52:5d:ce:e2:7a:1c:bf:86:ff:
30:61:f3:3e:bb:a2:08:0a:7d:21:81:90:28:60:5f:
35:d1:f5:68:19:b2:34:b7:82:49:58:85:b8:bf:1e:
26:07:52:a7:8d:9b:43:73:57:ae:3d:3e:dc:62:1a:
0c:ce:be:1e:eb:e2:cf:b0:9f:9a:64:14:a3:81:6d:
5c:29:0a:7b:bf:14:e7:c9:4d:da:d4:cc:38:1a:1d:
16:b9:b7:51:64:50:ba:5c:e4:c3:5e:48:77:0b:2a:
3a:ee:dd:67:75:f6:d3:ce:37:8d:e9:7d:94:f8:ba:
17:aa:ea:71:79:44:67:db:33:4a:df:2a:c5:8a:84:
1e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4D:96:38:33:59:CB:49:66:A1:5B:9A:90:69:13:EB:54:56:65:7B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153812
sbgp-ipAddrBlock: critical
IPv4:
163.227.144.0/23
IPv6:
2402:420::/32
Signature Algorithm: sha256WithRSAEncryption
18:58:8b:ec:02:68:ae:44:46:91:70:a2:b8:d4:aa:8b:95:02:
db:6a:36:48:4b:4b:f4:fa:39:5c:f4:58:9f:bb:62:1a:ce:30:
83:2c:7d:44:1e:cf:7b:a7:7d:73:a4:86:34:cd:b1:8a:d2:f3:
d6:0f:74:73:d4:97:b2:fa:c3:83:4b:46:93:fd:c2:34:bc:f1:
84:e4:1f:8a:cf:fe:51:49:46:fd:2b:f8:1a:45:f7:2b:30:c6:
da:c3:d7:0e:51:be:8d:0a:74:be:74:65:2f:c0:78:17:b2:3b:
77:de:08:f1:27:d9:cc:83:0b:e3:49:25:35:8a:6d:1a:6d:ea:
0b:68:15:82:dd:76:68:95:f1:3b:b8:83:34:87:98:dd:c2:06:
e5:fd:bc:5f:5a:bf:f0:e0:97:3d:27:75:a6:69:47:20:13:31:
ca:dd:61:9e:0f:84:04:77:4a:a9:25:c1:2a:e3:99:e8:ff:17:
75:7d:81:34:36:a3:1d:e7:03:ac:8c:eb:5c:0b:7f:a4:34:39:
a6:cf:26:b4:16:92:ab:5a:c4:5a:9b:85:47:92:86:75:e9:62:
82:78:47:a4:01:34:34:27:93:09:a3:63:79:65:74:56:1d:86:
c5:2f:28:a0:5f:81:c4:6b:a1:49:d4:c1:69:25:c2:26:fe:fa:
31:0b:a3:e0
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAkiFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUyNTIwMDI0OFoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzlDMDMxMTAvBgNVBAUTKEEyNEQ5NjM4MzM1OUNCNDk2NkExNUI5
QTkwNjkxM0VCNTQ1NjY1N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCalk34uIJ+FPIavq/MrxYeDOJVJaF9HXM7Q0/NvxKJDHOFVN6fiuJptDlYvPeJ
OZ6ha1R0can2iw+jGCo4/tREEtcc1iDaAjYHHT92CjtoUOu+l0cFPowxGLAYyjpe
8sCVs4Q7toBDySWa3dF9uW/TiffxjX4eyndcTtIEyVJdzuJ6HL+G/zBh8z67oggK
fSGBkChgXzXR9WgZsjS3gklYhbi/HiYHUqeNm0NzV649PtxiGgzOvh7r4s+wn5pk
FKOBbVwpCnu/FOfJTdrUzDgaHRa5t1FkULpc5MNeSHcLKjru3Wd19tPON43pfZT4
uheq6nF5RGfbM0rfKsWKhB6PAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUok2WODNZ
y0lmoVuakGkT61RWZXswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM5QzAzLzM3RDE4QTE2MzlBMzExRjBCQUQ3MkMzQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDOUMwMy8zN0QxOEExNjM5QTMxMUYwQkFENzJDM0NDNEY5QUUwMi9vazJXT0RO
WnkwbG1vVnVha0drVDYxUldaWHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAljUMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBo+OQMA0EAgAC
MAcDBQAkAgQgMA0GCSqGSIb3DQEBCwUAA4IBAQAYWIvsAmiuREaRcKK41KqLlQLb
ajZIS0v0+jlc9Fifu2IazjCDLH1EHs97p31zpIY0zbGK0vPWD3Rz1Jey+sODS0aT
/cI0vPGE5B+Kz/5RSUb9K/gaRfcrMMbaw9cOUb6NCnS+dGUvwHgXsjt33gjxJ9nM
gwvjSSU1im0abeoLaBWC3XZolfE7uIM0h5jdwgbl/bxfWr/w4Jc9J3WmaUcgEzHK
3WGeD4QEd0qpJcEq45no/xd1fYE0NqMd5wOsjOtcC3+kNDmmzya0FpKrWsRam4VH
koZ16WKCeEekATQ0J5MJo2N5ZXRWHYbFLyigX4HEa6FJ1MFpJcIm/voxC6Pg
-----END CERTIFICATE-----
Generated at Fri May 30 08:37:16 2025 by rpki-client