Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pZ2DbhwxYjzFhkSKp1K3RoU7hB0.cer
File: pZ2DbhwxYjzFhkSKp1K3RoU7hB0.cer (raw, json)
Hash identifier: 73OpEzHufU0K1ch6BaZu+1YsvwdrVpF5bdRR2Sdm+Hw=
Subject key identifier: A5:9D:83:6E:1C:31:62:3C:C5:86:44:8A:A7:52:B7:46:85:3B:84:1D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025EDA
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D1E4C/7DADA56CD94D11EAA604AC53C4F9AE02/pZ2DbhwxYjzFhkSKp1K3RoU7hB0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D1E4C/7DADA56CD94D11EAA604AC53C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 21 Aug 2025 19:40:44 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 140981
IP: 103.154.48.0/23
IP: 2001:df4:6880::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 11:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155354 (0x25eda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 21 19:40:44 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91D1E4C, serialNumber=A59D836E1C31623CC586448AA752B746853B841D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e7:b7:b7:9a:b1:87:fc:8f:75:f7:db:0d:a0:
f8:c6:d4:84:3d:0b:49:b8:3d:05:c1:7b:50:a6:fd:
d4:17:f8:f8:0b:dd:f7:b2:8e:48:60:5f:1e:2a:42:
50:bd:a7:8a:0e:10:ad:5a:e7:b6:1e:88:78:60:52:
2e:48:10:fc:f5:17:f0:6e:ca:3f:31:19:0e:c0:48:
b8:c1:90:36:99:de:a7:cf:f8:08:ad:af:9d:06:b4:
56:dd:01:72:8c:53:38:9c:5a:99:be:99:ea:89:5b:
a3:78:7f:bf:82:48:1a:47:af:f9:1b:28:31:e3:be:
cc:0c:a5:97:0f:2b:4d:af:0f:3e:28:e4:69:2c:14:
36:f6:8b:05:b9:6e:f0:95:e0:17:7b:47:38:e9:54:
14:0a:51:36:12:04:f7:06:8e:77:04:13:01:05:4d:
16:68:6b:4f:dd:e0:74:03:81:9e:75:b8:70:e9:fd:
a9:84:a6:f2:c3:a6:2f:e1:69:04:cc:16:fd:83:f3:
38:06:2e:58:b3:d1:ce:ae:6f:2f:01:c7:25:19:bb:
b8:18:83:2e:01:a9:6a:2d:07:fd:20:a5:e2:b8:ea:
92:f4:32:21:fa:29:f2:18:c6:68:fe:ec:90:10:21:
7e:ab:00:a6:a8:86:71:4c:d1:1e:3f:ea:71:ed:f7:
a7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9D:83:6E:1C:31:62:3C:C5:86:44:8A:A7:52:B7:46:85:3B:84:1D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D1E4C/7DADA56CD94D11EAA604AC53C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D1E4C/7DADA56CD94D11EAA604AC53C4F9AE02/pZ2DbhwxYjzFhkSKp1K3RoU7hB0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
140981
sbgp-ipAddrBlock: critical
IPv4:
103.154.48.0/23
IPv6:
2001:df4:6880::/48
Signature Algorithm: sha256WithRSAEncryption
ac:08:6c:11:38:fe:43:00:47:68:87:e5:d7:02:f6:a1:e7:82:
4a:b2:26:26:59:89:06:b4:9a:cc:7b:46:5a:6c:cf:cf:c5:80:
6b:52:3d:27:53:0b:a0:9a:77:57:9b:d5:8b:ac:a4:31:35:3a:
85:5f:89:69:26:e1:38:cb:39:53:d6:28:24:c0:24:e5:cf:0d:
df:8f:46:69:01:41:c4:55:5e:3f:6e:9e:dd:07:99:12:72:9b:
60:d6:39:83:0c:a0:12:4d:0e:44:d0:50:24:51:bd:b0:2d:8b:
cb:e9:62:f4:0d:c7:51:f8:07:56:04:da:4a:b4:03:6a:25:7d:
9a:fb:70:af:b4:c1:2a:b6:23:46:53:61:5a:8c:79:00:c0:3a:
ad:c0:cd:e2:7c:50:c5:6e:d9:5c:09:15:84:59:79:aa:c5:5c:
93:bd:bf:a4:48:07:b8:66:bf:d4:15:e9:13:d7:0c:ef:4d:53:
88:50:01:bf:e0:92:6a:60:26:02:ab:d9:c0:3a:a1:14:2d:61:
c1:be:82:7f:38:cf:0c:40:ca:6a:f4:36:16:1d:d1:1f:cf:28:
d5:6e:5e:11:5d:fd:0a:e0:77:f1:27:c2:53:a8:91:4c:85:b9:
66:1a:44:6a:56:d3:f2:88:c0:b1:53:97:56:b0:3a:22:1c:45:
7c:d7:87:e2
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAl7aMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgyMTE5NDA0NFoXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDFFNEMxMTAvBgNVBAUTKEE1OUQ4MzZFMUMzMTYyM0NDNTg2NDQ4
QUE3NTJCNzQ2ODUzQjg0MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC357e3mrGH/I9199sNoPjG1IQ9C0m4PQXBe1Cm/dQX+PgL3feyjkhgXx4qQlC9
p4oOEK1a57YeiHhgUi5IEPz1F/Buyj8xGQ7ASLjBkDaZ3qfP+Aitr50GtFbdAXKM
UzicWpm+meqJW6N4f7+CSBpHr/kbKDHjvswMpZcPK02vDz4o5GksFDb2iwW5bvCV
4Bd7RzjpVBQKUTYSBPcGjncEEwEFTRZoa0/d4HQDgZ51uHDp/amEpvLDpi/haQTM
Fv2D8zgGLliz0c6uby8BxyUZu7gYgy4BqWotB/0gpeK46pL0MiH6KfIYxmj+7JAQ
IX6rAKaohnFM0R4/6nHt96cvAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUpZ2Dbhwx
YjzFhkSKp1K3RoU7hB0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQxRTRDLzdEQURBNTZDRDk0RDExRUFBNjA0QUM1M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEMUU0Qy83REFEQTU2Q0Q5NEQxMUVBQTYwNEFDNTNDNEY5QUUwMi9wWjJEYmh3
eFlqekZoa1NLcDFLM1JvVTdoQjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAia1MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5owMA8EAgAC
MAkDBwAgAQ30aIAwDQYJKoZIhvcNAQELBQADggEBAKwIbBE4/kMAR2iH5dcC9qHn
gkqyJiZZiQa0msx7Rlpsz8/FgGtSPSdTC6Cad1eb1YuspDE1OoVfiWkm4TjLOVPW
KCTAJOXPDd+PRmkBQcRVXj9unt0HmRJym2DWOYMMoBJNDkTQUCRRvbAti8vpYvQN
x1H4B1YE2kq0A2olfZr7cK+0wSq2I0ZTYVqMeQDAOq3AzeJ8UMVu2VwJFYRZearF
XJO9v6RIB7hmv9QV6RPXDO9NU4hQAb/gkmpgJgKr2cA6oRQtYcG+gn84zwxAymr0
NhYd0R/PKNVuXhFd/Qrgd/EnwlOokUyFuWYaRGpW0/KIwLFTl1awOiIcRXzXh+I=
-----END CERTIFICATE-----
Generated at Fri Aug 22 14:22:36 2025 by rpki-client