Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer
File: oktqYgRLcAZfBQY4hGDkry8X8_8.cer (raw, json)
Hash identifier: M34l9h4jYT5SDdut1G+T3KSn0WMaxzFLB8ibobvM2NQ=
Subject key identifier: A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025E66
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 19 Aug 2025 18:23:11 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: AS: 23647
AS: 24123
AS: 24503
AS: 38533
AS: 45811
AS: 45845
IP: 103.235.196.0/22
IP: 103.250.135.0/24
IP: 163.53.24.0/23
IP: 202.51.64.0 -- 202.51.73.255
IP: 202.51.76.0/23
IP: 202.51.79.0 -- 202.51.81.255
IP: 202.51.86.0/24
IP: 202.51.88.0/23
IP: 202.51.92.0 -- 202.51.94.255
IP: 2405:6600::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 11:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155238 (0x25e66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 19 18:23:11 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A918F550, serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3b:e7:52:a0:59:2c:89:5b:97:51:f4:08:f0:
d0:a0:e8:c7:6d:d0:5b:18:6f:4e:7c:cd:59:7b:b6:
88:be:d5:76:81:54:e6:ea:a0:4a:2b:19:60:74:28:
b8:79:eb:06:ec:9f:f7:4d:55:69:f4:ce:2b:2f:ad:
d9:7e:e6:c1:94:9e:15:59:17:9d:92:d6:db:2a:0c:
fa:e7:62:7e:15:e8:34:fa:38:00:f0:bb:2f:77:af:
fc:2f:aa:3b:20:75:6f:74:cc:a9:08:04:25:c2:a0:
c0:ce:7c:c6:31:67:a9:3d:5f:3a:86:09:95:da:97:
9d:19:db:d0:43:7d:00:c3:d5:d3:e1:be:cb:88:25:
d9:78:29:1b:48:ef:8c:79:b8:d8:9d:0d:4b:b4:24:
63:0a:c3:e1:ae:8c:d4:94:66:71:80:9b:9d:03:7b:
4e:29:10:72:2e:d0:2c:b2:11:72:78:ff:74:9e:d6:
55:7f:3d:4e:ba:8d:55:8b:16:f8:bb:64:0e:f3:df:
ae:ba:90:fb:fb:b8:24:db:87:5d:66:16:f9:f1:26:
a9:98:d4:9a:55:3c:42:0b:e7:8d:1a:3a:2c:e4:07:
be:d0:55:fd:be:58:c0:01:85:f4:a1:c9:d1:e5:06:
be:b4:4c:62:9a:4d:3a:6b:ca:a8:87:b6:d8:d6:0b:
17:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23647
24123
24503
38533
45811
45845
sbgp-ipAddrBlock: critical
IPv4:
103.235.196.0/22
103.250.135.0/24
163.53.24.0/23
202.51.64.0-202.51.73.255
202.51.76.0/23
202.51.79.0-202.51.81.255
202.51.86.0/24
202.51.88.0/23
202.51.92.0-202.51.94.255
IPv6:
2405:6600::/32
Signature Algorithm: sha256WithRSAEncryption
19:7a:67:83:29:08:0e:06:6b:54:f8:4c:96:df:97:5b:f1:e0:
54:2b:66:a5:be:eb:2c:26:c4:a9:7c:05:f7:da:85:5f:08:38:
96:03:69:47:2a:b2:1c:ae:9e:c4:9c:87:e6:4c:20:68:a4:fd:
9e:33:ce:0a:07:11:42:d9:bb:a8:a6:6e:90:8a:26:57:24:78:
c7:97:f1:df:3d:32:a8:c8:12:23:eb:c8:b0:d4:f8:d4:ee:22:
40:48:42:49:be:8e:a7:67:61:5e:6a:9d:3f:27:ff:1f:dc:94:
74:d9:b2:41:2d:39:1f:a0:9d:2a:4c:48:61:7f:b1:95:d4:b8:
10:06:a7:29:b1:c9:52:a4:d4:e1:e7:b3:97:c2:ac:4b:d1:32:
6a:0d:5c:8d:8d:0b:9f:67:56:9c:75:1c:22:e6:76:6d:f7:4c:
38:9e:b5:0b:41:5d:e8:4d:d4:bf:21:f7:e8:d9:e0:d6:7e:c3:
15:e0:ca:08:ab:d8:85:e7:0f:80:eb:06:83:69:bd:6b:36:6d:
20:17:f7:9e:78:08:38:72:3c:4e:d8:9e:f4:d9:bc:67:b7:24:
c6:e6:97:0a:9b:0b:fc:04:a6:ea:aa:87:f4:33:dc:38:84:3b:
7e:47:40:50:29:74:63:f5:13:9a:25:e9:73:ee:92:cc:af:90:
dd:04:9e:62
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgIDAl5mMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgxOTE4MjMxMVoXDTI2MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEY1NTAxMTAvBgNVBAUTKEEyNEI2QTYyMDQ0QjcwMDY1RjA1MDYz
ODg0NjBFNEFGMkYxN0YzRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFO+dSoFksiVuXUfQI8NCg6Mdt0FsYb058zVl7toi+1XaBVObqoEorGWB0KLh5
6wbsn/dNVWn0zisvrdl+5sGUnhVZF52S1tsqDPrnYn4V6DT6OADwuy93r/wvqjsg
dW90zKkIBCXCoMDOfMYxZ6k9XzqGCZXal50Z29BDfQDD1dPhvsuIJdl4KRtI74x5
uNidDUu0JGMKw+GujNSUZnGAm50De04pEHIu0CyyEXJ4/3Se1lV/PU66jVWLFvi7
ZA7z3666kPv7uCTbh11mFvnxJqmY1JpVPEIL540aOizkB77QVf2+WMABhfShydHl
Br60TGKaTTpryqiHttjWCxfbAgMBAAGjggN8MIIDeDAdBgNVHQ4EFgQUoktqYgRL
cAZfBQY4hGDkry8X8/8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThGNTUwLzhCOUJEMjAyMUQ4NTExRTJCNDEyMzBEQzA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4RjU1MC84QjlCRDIwMjFEODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdS
TGNBWmZCUVk0aEdEa3J5OFg4XzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQgBAf8EITAf
oB0wGwICXF8CAl47AgJftwIDAJaFAgMAsvMCAwCzFTB2BggrBgEFBQcBBwEB/wRn
MGUwVAQCAAEwTgMEAmfrxAMEAGf6hwMEAaM1GDAMAwQGyjNAAwQByjNIAwQByjNM
MAwDBADKM08DBAHKM1ADBADKM1YDBAHKM1gwDAMEAsozXAMEAMozXjANBAIAAjAH
AwUAJAVmADANBgkqhkiG9w0BAQsFAAOCAQEAGXpngykIDgZrVPhMlt+XW/HgVCtm
pb7rLCbEqXwF99qFXwg4lgNpRyqyHK6exJyH5kwgaKT9njPOCgcRQtm7qKZukIom
VyR4x5fx3z0yqMgSI+vIsNT41O4iQEhCSb6Op2dhXmqdPyf/H9yUdNmyQS05H6Cd
KkxIYX+xldS4EAanKbHJUqTU4eezl8KsS9Eyag1cjY0Ln2dWnHUcIuZ2bfdMOJ61
C0Fd6E3UvyH36Nng1n7DFeDKCKvYhecPgOsGg2m9azZtIBf3nngIOHI8Ttie9Nm8
Z7ckxuaXCpsL/ASm6qqH9DPcOIQ7fkdAUCl0Y/UTmiXpc+6SzK+Q3QSeYg==
-----END CERTIFICATE-----
Generated at Fri Aug 22 14:17:52 2025 by rpki-client