Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
File: vFNsAPhfWQQdnEwpYfciQr9g1R4.cer (raw, json)
Hash identifier: 06cNGt9T8BxmX8PYEIwrXo04tAQ+isCU+rZoKHN72NI=
Subject key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02B4E0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 15 May 2026 04:50:53 +0000
Certificate not after: Tue 02 Mar 2027 00:00:00 +0000
Subordinate resources: AS: 23942
AS: 59325
AS: 133584
AS: 134170
AS: 137074
AS: 141013
IP: 43.224.188.0/22
IP: 43.226.4.0/22
IP: 45.64.80.0/22
IP: 103.18.64.0/22
IP: 103.25.176.0/22
IP: 103.43.212.0/22
IP: 103.104.16.0/22
IP: 103.113.40.0/22
IP: 103.125.244.0/22
IP: 116.89.244.0/22
IP: 203.28.64.0/22
IP: 203.144.0.0/22
IP: 2401:fdc0::/32
IP: 2406:e100::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 May 2026 04:46:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177376 (0x2b4e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 15 04:50:53 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=A9164860, serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:de:e8:24:ae:65:2e:d4:e9:f2:a3:c2:50:fb:
34:82:85:ff:01:5a:ff:18:18:9f:14:33:58:99:f9:
97:ca:ba:c4:55:55:b1:79:08:4b:aa:36:56:47:c4:
86:6d:3d:78:c2:60:55:4d:30:8c:ab:82:1c:83:80:
78:87:4a:1e:c6:be:8d:f7:5d:eb:7c:4f:9f:03:d7:
cf:80:19:cc:96:74:ea:9e:9f:e0:5f:d4:a8:bb:4e:
f8:9b:6a:96:7d:e5:e6:bc:27:41:10:d2:96:97:2c:
d8:87:27:19:fb:96:e5:c6:fb:5f:12:4c:c2:cf:d7:
71:04:8c:b5:4c:f2:31:bc:4d:13:4d:c5:4e:62:30:
0b:af:40:7b:ef:7c:a9:38:f7:48:01:28:b3:fc:6d:
f7:0f:7a:c4:54:5e:26:99:82:b2:b5:f5:a0:14:4a:
b7:58:b3:62:0e:c3:05:18:53:dc:93:5b:2a:2e:f8:
01:a3:29:83:71:7b:26:a1:f7:24:24:2f:38:b9:d6:
ac:eb:d0:46:6f:8a:2f:34:0c:48:01:9d:d0:77:60:
09:99:fa:ef:d4:16:54:29:47:7c:ee:8d:1e:2f:f3:
38:fe:27:a9:5f:d1:2f:2a:a1:64:98:82:e8:43:57:
11:54:70:53:cc:3e:f6:90:fc:1f:81:be:29:87:6b:
0f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23942
59325
133584
134170
137074
141013
sbgp-ipAddrBlock: critical
IPv4:
43.224.188.0/22
43.226.4.0/22
45.64.80.0/22
103.18.64.0/22
103.25.176.0/22
103.43.212.0/22
103.104.16.0/22
103.113.40.0/22
103.125.244.0/22
116.89.244.0/22
203.28.64.0/22
203.144.0.0/22
IPv6:
2401:fdc0::/32
2406:e100::/32
Signature Algorithm: sha256WithRSAEncryption
af:d0:49:b1:fb:0b:85:3b:54:f7:8c:9d:be:2e:ab:9a:08:34:
18:a1:14:1a:4d:25:e4:23:41:e5:a6:fa:0f:ce:3a:82:71:f8:
d8:86:29:3e:91:b3:40:21:d3:91:df:d0:3e:45:75:33:37:05:
78:82:40:f5:93:f8:95:5a:29:14:20:7c:e6:0b:66:d6:07:a3:
48:0a:0d:7a:ae:b5:cf:01:66:2f:bc:bf:fb:bd:4a:3b:5a:7d:
d8:f7:90:64:a0:c0:3a:12:c1:c6:a2:4a:6e:05:31:3b:6f:07:
41:a3:22:94:bb:9c:dc:61:c4:3b:58:b6:4e:9c:5f:1a:d7:d9:
d5:aa:e0:8c:0f:cc:66:e7:23:04:79:41:ee:8a:58:84:e4:8a:
f0:9d:d6:b8:ba:24:24:31:82:c9:e6:dc:67:76:9f:6e:dd:3e:
a4:16:eb:85:61:7a:1e:7d:07:a0:bc:b5:ea:40:5e:8c:f4:cd:
83:92:2b:49:86:4a:54:1b:02:75:a7:de:ce:e3:38:5c:ad:db:
1b:32:5d:b1:a5:49:45:f8:70:73:64:f7:ad:f0:bc:92:a7:60:
44:af:96:5c:d8:d9:da:06:ec:84:14:89:3f:0e:cc:a1:1c:83:
ca:73:c1:bc:77:48:fa:b1:e2:1f:d6:ea:98:5f:33:c0:0e:c7:
6d:e0:6c:ed
-----BEGIN CERTIFICATE-----
MIIGijCCBXKgAwIBAgIDArTgMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDUxNTA0NTA1M1oXDTI3MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMy
OTYxRjcyMjQyQkY2MEQ1MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJ3ugkrmUu1Onyo8JQ+zSChf8BWv8YGJ8UM1iZ+ZfKusRVVbF5CEuqNlZHxIZt
PXjCYFVNMIyrghyDgHiHSh7Gvo33Xet8T58D18+AGcyWdOqen+Bf1Ki7TvibapZ9
5ea8J0EQ0paXLNiHJxn7luXG+18STMLP13EEjLVM8jG8TRNNxU5iMAuvQHvvfKk4
90gBKLP8bfcPesRUXiaZgrK19aAUSrdYs2IOwwUYU9yTWyou+AGjKYNxeyah9yQk
Lzi51qzr0EZvii80DEgBndB3YAmZ+u/UFlQpR3zujR4v8zj+J6lf0S8qoWSYguhD
VxFUcFPMPvaQ/B+BvimHaw/BAgMBAAGjggN/MIIDezAdBgNVHQ4EFgQUvFNsAPhf
WQQdnEwpYfciQr9g1R4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY0ODYwL0I0MDFDOTgyRTk3MDExRThCMDM1OTM1OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2NDg2MC9CNDAxQzk4MkU5NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBo
ZldRUWRuRXdwWWZjaVFyOWcxUjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQgBAf8EIzAh
oB8wHQICXYYCAwDnvQIDAgnQAgMCDBoCAwIXcgIDAibVMHcGCCsGAQUFBwEHAQH/
BGgwZjBOBAIAATBIAwQCK+C8AwQCK+IEAwQCLUBQAwQCZxJAAwQCZxmwAwQCZyvU
AwQCZ2gQAwQCZ3EoAwQCZ330AwQCdFn0AwQCyxxAAwQCy5AAMBQEAgACMA4DBQAk
Af3AAwUAJAbhADANBgkqhkiG9w0BAQsFAAOCAQEAr9BJsfsLhTtU94ydvi6rmgg0
GKEUGk0l5CNB5ab6D846gnH42IYpPpGzQCHTkd/QPkV1MzcFeIJA9ZP4lVopFCB8
5gtm1gejSAoNeq61zwFmL7y/+71KO1p92PeQZKDAOhLBxqJKbgUxO28HQaMilLuc
3GHEO1i2TpxfGtfZ1argjA/MZucjBHlB7opYhOSK8J3WuLokJDGCyebcZ3afbt0+
pBbrhWF6Hn0HoLy16kBejPTNg5IrSYZKVBsCdafezuM4XK3bGzJdsaVJRfhwc2T3
rfC8kqdgRK+WXNjZ2gbshBSJPw7MoRyDynPBvHdI+rHiH9bqmF8zwA7HbeBs7Q==
-----END CERTIFICATE-----
Generated at Thu May 21 08:41:58 2026 by rpki-client