Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer
File: x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer (raw, json)
Hash identifier: zT5/3pLt5+3q79u3O+smLkBUMZo17NjYXjyebzIyoT4=
Subject key identifier: C7:F0:28:37:D2:45:CB:8F:AB:CD:47:41:CF:A2:B4:A5:A2:F7:3E:AD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0249C4
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 30 May 2025 07:11:54 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 153349
IP: 2001:df4:5ac0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 18 Jun 2025 18:06:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149956 (0x249c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 30 07:11:54 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91D8BB1, serialNumber=C7F02837D245CB8FABCD4741CFA2B4A5A2F73EAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:eb:ae:83:91:3e:30:fe:b9:e4:3f:4b:10:2b:
d5:a8:fe:df:a1:e2:c7:30:1b:c1:41:2e:72:11:6f:
19:b2:f3:95:7b:88:99:a3:a1:06:64:d3:de:95:01:
cf:78:23:84:09:a4:f7:f0:b1:67:51:c9:00:24:40:
dc:1d:51:70:c4:3b:3a:ad:c2:bf:b4:90:bc:6b:48:
ab:91:48:f0:ae:db:60:ae:23:51:64:cd:76:b6:f4:
71:c3:25:dd:33:de:51:10:59:57:5e:9a:c6:b8:29:
46:50:7d:10:f8:a4:d7:b0:72:4e:32:f2:5e:07:f5:
24:63:8f:ce:6a:58:3e:13:63:fe:f7:5c:c6:c9:e1:
bc:50:41:60:99:65:43:95:f8:44:2e:45:20:e1:89:
a0:19:3f:b3:cd:ef:e4:81:54:06:18:dc:d6:62:41:
27:37:42:bb:c6:e8:a3:88:2c:57:f8:58:11:ce:fc:
eb:65:8e:78:4a:4a:33:5f:d1:44:15:36:fa:d0:c6:
2d:9d:0a:57:70:83:ef:75:b9:18:c8:60:a3:f4:cb:
74:26:12:b6:b0:71:d3:03:14:fd:31:af:c4:c3:5d:
fc:4b:80:a0:87:9f:48:48:be:48:a6:b3:7a:31:53:
f3:11:05:68:bf:14:6b:83:2e:aa:04:5a:58:23:b7:
b1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F0:28:37:D2:45:CB:8F:AB:CD:47:41:CF:A2:B4:A5:A2:F7:3E:AD
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153349
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:5ac0::/48
Signature Algorithm: sha256WithRSAEncryption
23:28:f1:18:0b:96:df:cc:8d:c0:6f:69:4a:98:c1:c6:80:25:
5d:f9:ae:59:a7:d1:5f:91:d0:89:bb:6a:95:38:2a:ad:81:ca:
f5:fe:8b:5d:9a:7f:ba:32:c3:96:e2:26:a7:b1:2b:ab:00:6b:
f5:21:aa:97:3d:73:d6:ac:f3:95:43:76:63:14:9e:ed:e3:23:
8d:4b:6b:90:dd:ab:b4:09:7d:49:df:ab:61:03:70:8a:28:b2:
f3:ba:1d:67:57:fc:48:5f:93:0b:06:fe:e0:ba:1d:62:f8:7c:
11:8d:1b:6c:0f:19:ba:f7:85:7c:3f:58:5e:bd:cc:a7:42:a6:
0b:3d:48:85:a3:05:9a:d2:ea:e7:fa:c4:9f:0c:4f:bf:40:74:
a6:9b:93:d1:e7:7c:78:8b:d6:46:ad:83:ea:95:b5:af:35:82:
29:01:91:53:9b:b1:0c:dc:e7:6f:a8:d7:3e:fc:ed:f1:36:f0:
bb:c9:47:6c:4f:63:3d:3d:a7:b8:57:09:59:36:c8:4d:41:f9:
5a:e8:6a:82:08:04:de:3a:3e:61:27:c8:3d:e8:cd:a1:e0:03:
59:8b:0a:5a:d3:c6:48:cc:c9:cc:c5:d2:7f:d7:47:10:8e:0e:
65:9d:98:03:11:4f:c1:1b:e0:1d:da:1d:f8:cf:6b:65:f7:50:
a8:d3:26:e8
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAknEMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUzMDA3MTE1NFoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDhCQjExMTAvBgNVBAUTKEM3RjAyODM3RDI0NUNCOEZBQkNENDc0
MUNGQTJCNEE1QTJGNzNFQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCr666DkT4w/rnkP0sQK9Wo/t+h4scwG8FBLnIRbxmy85V7iJmjoQZk096VAc94
I4QJpPfwsWdRyQAkQNwdUXDEOzqtwr+0kLxrSKuRSPCu22CuI1FkzXa29HHDJd0z
3lEQWVdemsa4KUZQfRD4pNewck4y8l4H9SRjj85qWD4TY/73XMbJ4bxQQWCZZUOV
+EQuRSDhiaAZP7PN7+SBVAYY3NZiQSc3QrvG6KOILFf4WBHO/OtljnhKSjNf0UQV
NvrQxi2dCldwg+91uRjIYKP0y3QmErawcdMDFP0xr8TDXfxLgKCHn0hIvkims3ox
U/MRBWi/FGuDLqoEWlgjt7EfAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUx/AoN9JF
y4+rzUdBz6K0paL3Pq0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ4QkIxLzVBRDc2OUIwM0QyNTExRjA4MEM0ODk1NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEOEJCMS81QUQ3NjlCMDNEMjUxMUYwODBDNDg5NTVDNEY5QUUwMi94X0FvTjlK
Rnk0LXJ6VWRCejZLMHBhTDNQcTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlcFMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN9FrAMA0G
CSqGSIb3DQEBCwUAA4IBAQAjKPEYC5bfzI3Ab2lKmMHGgCVd+a5Zp9FfkdCJu2qV
OCqtgcr1/otdmn+6MsOW4iansSurAGv1IaqXPXPWrPOVQ3ZjFJ7t4yONS2uQ3au0
CX1J36thA3CKKLLzuh1nV/xIX5MLBv7guh1i+HwRjRtsDxm694V8P1hevcynQqYL
PUiFowWa0urn+sSfDE+/QHSmm5PR53x4i9ZGrYPqlbWvNYIpAZFTm7EM3OdvqNc+
/O3xNvC7yUdsT2M9Pae4VwlZNshNQfla6GqCCATeOj5hJ8g96M2h4ANZiwpa08ZI
zMnMxdJ/10cQjg5lnZgDEU/BG+Ad2h34z2tl91Co0ybo
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:23:53 2025 by rpki-client