Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rYT0vL6zyTZfKCcVO6ac7SqZEuI.cer
File: rYT0vL6zyTZfKCcVO6ac7SqZEuI.cer (raw, json)
Hash identifier: MNK2GrbEBgEL9e4lfhY+VHJkLw9tUxxAE172f3Lh0LY=
Subject key identifier: AD:84:F4:BC:BE:B3:C9:36:5F:28:27:15:3B:A6:9C:ED:2A:99:12:E2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026463
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EF8B6/40E7FABA3AA611EAAC8F1875C4F9AE02/rYT0vL6zyTZfKCcVO6ac7SqZEuI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EF8B6/40E7FABA3AA611EAAC8F1875C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 09 Sep 2025 22:10:57 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 132438
IP: 103.73.44.0/23
IP: 2406:ec80::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 26 Sep 2025 01:13:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156771 (0x26463)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 9 22:10:57 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A91EF8B6, serialNumber=AD84F4BCBEB3C9365F2827153BA69CED2A9912E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a7:bc:bf:24:ff:95:a0:7d:86:15:28:ca:c7:
0a:ef:ff:be:84:9c:15:71:06:4a:5c:c0:0a:8e:e5:
15:8d:eb:47:6a:d1:aa:11:d7:a1:8a:00:c4:e9:74:
c3:6f:7c:aa:54:c9:59:b4:bf:39:1a:6d:46:5b:06:
7f:1d:44:36:f6:51:0f:bb:42:27:ba:90:8f:91:11:
20:e6:02:85:b7:2e:f3:d2:e9:3e:14:4b:75:0a:66:
26:3c:9f:43:63:08:f6:95:1d:cf:33:08:24:67:c7:
d7:b2:cc:f2:10:2a:0f:90:2a:b7:19:88:bf:2e:a2:
07:32:17:e5:6e:b3:66:2e:42:04:10:c9:a9:67:a9:
12:e6:fb:92:35:21:a2:a6:32:a1:b4:fd:7d:7c:04:
43:15:62:da:93:e9:33:fe:06:45:54:dd:61:ab:c5:
a8:cd:46:8a:1f:43:7f:3a:f4:ca:cd:68:62:e9:c5:
1d:86:ba:bc:c3:06:a5:c7:9a:7c:96:33:e0:e9:b1:
2a:19:e5:80:f8:b4:11:1b:cb:9b:96:54:59:c1:01:
fb:cb:26:62:0d:e3:3f:a2:b9:46:53:6b:ba:8f:3b:
ba:22:33:09:01:5e:4a:67:a6:1e:a3:6e:c0:3c:87:
97:08:cc:fe:d3:50:5e:97:cb:25:78:c4:83:b6:fb:
1a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:84:F4:BC:BE:B3:C9:36:5F:28:27:15:3B:A6:9C:ED:2A:99:12:E2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EF8B6/40E7FABA3AA611EAAC8F1875C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EF8B6/40E7FABA3AA611EAAC8F1875C4F9AE02/rYT0vL6zyTZfKCcVO6ac7SqZEuI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132438
sbgp-ipAddrBlock: critical
IPv4:
103.73.44.0/23
IPv6:
2406:ec80::/32
Signature Algorithm: sha256WithRSAEncryption
d5:b5:04:62:d5:ca:86:c5:ae:82:21:1b:7b:8a:96:7b:f8:d3:
79:30:d9:84:7f:7d:b5:38:0d:15:d4:bf:6c:a9:f4:39:58:e5:
0a:20:a7:b9:49:55:fc:9f:14:f8:56:ed:77:e0:a7:38:f0:45:
74:e8:ed:13:6b:c4:e8:95:d0:9b:f5:20:28:10:df:a3:6f:06:
9c:c2:6f:1f:1e:64:97:4a:cb:14:be:0c:89:d1:50:cb:6f:48:
cc:6a:f1:d4:a5:90:88:68:e4:c3:6a:5f:4d:fc:05:18:f2:97:
d5:40:12:1d:7c:19:36:62:9f:9e:81:98:8b:88:14:7c:72:0f:
81:b3:af:ac:3a:8a:7e:b1:1b:a7:c4:48:48:b7:6d:e4:b4:5d:
22:8b:a0:62:7b:fc:42:2e:c5:b3:06:e7:52:7d:2d:fd:e2:3f:
fa:a7:77:b7:ae:91:9f:69:e7:a1:e2:d8:56:9b:25:b1:bb:27:
76:a1:fc:12:9e:8c:73:c3:e8:f0:ae:cc:44:da:ac:84:6d:c0:
b9:ef:7c:2f:a1:6d:5d:fd:1f:58:f9:f6:62:0c:29:29:b3:65:
fa:0a:7b:2f:08:25:ff:6d:31:5b:39:a6:d7:b7:59:df:50:83:
5f:c1:06:9c:3b:98:92:63:5a:8c:b3:2f:48:f2:f5:98:e4:46:
61:92:d5:d6
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAmRjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkwOTIyMTA1N1oXDTI2MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUY4QjYxMTAvBgNVBAUTKEFEODRGNEJDQkVCM0M5MzY1RjI4Mjcx
NTNCQTY5Q0VEMkE5OTEyRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxp7y/JP+VoH2GFSjKxwrv/76EnBVxBkpcwAqO5RWN60dq0aoR16GKAMTpdMNv
fKpUyVm0vzkabUZbBn8dRDb2UQ+7Qie6kI+RESDmAoW3LvPS6T4US3UKZiY8n0Nj
CPaVHc8zCCRnx9eyzPIQKg+QKrcZiL8uogcyF+Vus2YuQgQQyalnqRLm+5I1IaKm
MqG0/X18BEMVYtqT6TP+BkVU3WGrxajNRoofQ3869MrNaGLpxR2GurzDBqXHmnyW
M+DpsSoZ5YD4tBEby5uWVFnBAfvLJmIN4z+iuUZTa7qPO7oiMwkBXkpnph6jbsA8
h5cIzP7TUF6XyyV4xIO2+xoxAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUrYT0vL6z
yTZfKCcVO6ac7SqZEuIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVGOEI2LzQwRTdGQUJBM0FBNjExRUFBQzhGMTg3NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFRjhCNi80MEU3RkFCQTNBQTYxMUVBQUM4RjE4NzVDNEY5QUUwMi9yWVQwdkw2
enlUWmZLQ2NWTzZhYzdTcVpFdUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgVWMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ0ksMA0EAgAC
MAcDBQAkBuyAMA0GCSqGSIb3DQEBCwUAA4IBAQDVtQRi1cqGxa6CIRt7ipZ7+NN5
MNmEf321OA0V1L9sqfQ5WOUKIKe5SVX8nxT4Vu134Kc48EV06O0Ta8ToldCb9SAo
EN+jbwacwm8fHmSXSssUvgyJ0VDLb0jMavHUpZCIaOTDal9N/AUY8pfVQBIdfBk2
Yp+egZiLiBR8cg+Bs6+sOop+sRunxEhIt23ktF0ii6Bie/xCLsWzBudSfS394j/6
p3e3rpGfaeeh4thWmyWxuyd2ofwSnoxzw+jwrsxE2qyEbcC573wvoW1d/R9Y+fZi
DCkps2X6CnsvCCX/bTFbOabXt1nfUINfwQacO5iSY1qMsy9I8vWY5EZhktXW
-----END CERTIFICATE-----
Generated at Fri Sep 19 03:39:07 2025 by rpki-client