Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer
File: yL8GWnSCLvjMYvSlTlnVhxILb0c.cer (raw, json)
Hash identifier: XFPD9YkTjoAsk0ZbDcrB9QlafuVWZ8QevrP1UDPLgAc=
Subject key identifier: C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 027067
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 30 Oct 2025 01:24:31 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 153322
IP: 2001:df4:3ec0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 10 Nov 2025 09:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159847 (0x27067)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 30 01:24:31 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A91E85F1, serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:d8:0c:9c:0f:af:2d:01:77:72:38:1b:b2:
4f:28:ef:7d:18:0c:a6:3b:bb:0b:93:78:fd:d1:74:
20:4e:e5:b6:4b:3d:cf:4d:45:d2:38:19:d0:3e:84:
c9:d4:ae:95:af:d9:a1:96:f7:d3:4d:8e:c1:e5:55:
04:ba:57:0d:7e:cb:5d:09:15:9d:8e:84:ff:7c:18:
c2:25:3e:72:dd:01:a0:f3:aa:c9:60:38:6f:96:1a:
f7:2a:0d:39:c0:67:83:41:52:ee:d5:3f:21:ce:0b:
47:ca:3a:2f:fe:55:0f:db:a9:21:af:24:31:22:8a:
02:37:df:bc:72:f7:61:fa:8d:f0:9e:00:49:2a:7a:
97:2d:8b:36:91:63:65:67:ac:cc:f4:2b:8f:9c:1b:
e4:0f:01:55:55:6d:53:1b:70:3f:ca:79:d5:3d:7d:
40:36:bb:77:fd:36:3e:3f:03:42:71:aa:67:f9:ef:
41:c8:94:48:60:02:25:f4:95:b3:c1:8c:6b:74:a4:
29:75:8a:a9:87:3a:d8:98:12:b0:e3:e7:d6:a7:09:
ed:38:48:73:a9:f5:b4:1f:e7:05:3c:f1:66:57:c6:
6b:d2:a4:8d:79:0e:0d:ab:5f:c9:f7:bb:14:ad:62:
28:0b:dd:2d:61:f1:a3:bd:ee:98:22:77:a0:25:e8:
cd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153322
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:3ec0::/48
Signature Algorithm: sha256WithRSAEncryption
30:83:ad:3e:4b:b2:83:ad:84:78:a3:b1:6a:c0:9d:a5:4b:62:
8f:75:3e:f3:e4:77:41:bf:86:c3:a4:5a:8d:89:37:4a:36:68:
b0:49:07:85:9b:f9:73:03:36:f1:1a:ea:42:13:f3:9f:63:95:
42:5e:db:4d:41:ff:f9:f8:c6:18:d5:5c:0c:6d:0d:74:7e:cb:
9c:ff:2b:98:7d:a4:23:3c:c5:82:e5:7d:26:97:83:23:79:ce:
d6:9e:f4:98:d7:67:06:8f:27:75:59:57:fb:68:ea:5c:50:9e:
69:5c:b7:6c:45:4d:01:c5:83:4b:d5:84:28:a1:0d:c9:f8:13:
58:d6:ed:d6:53:a3:d6:93:b3:6f:7b:22:74:a0:06:2b:79:e1:
a3:d2:0e:69:0d:72:09:2e:1b:ad:64:48:6f:8a:5a:25:8f:92:
a1:6f:8f:6b:e8:75:ea:8a:2d:1e:dc:b5:bc:e0:3e:b2:f7:de:
d0:05:b6:ab:6a:08:ab:28:1d:e9:cf:88:47:54:3c:b7:f3:5f:
66:df:23:7e:5c:60:89:c8:6f:03:9f:92:e2:07:60:a9:04:05:
0f:de:b3:81:e0:e3:18:37:f3:dd:94:7b:3d:48:38:e3:7b:cf:
20:50:a0:c9:ab:9e:6e:00:c2:9a:eb:b5:db:fb:c4:5f:55:bf:
5d:95:f1:1a
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAnBnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAzMDAxMjQzMVoXDTI2MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTg1RjExMTAvBgNVBAUTKEM4QkYwNjVBNzQ4MjJFRjhDQzYyRjRB
NTRFNTlENTg3MTIwQjZGNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0DNgMnA+vLQF3cjgbsk8o730YDKY7uwuTeP3RdCBO5bZLPc9NRdI4GdA+hMnU
rpWv2aGW99NNjsHlVQS6Vw1+y10JFZ2OhP98GMIlPnLdAaDzqslgOG+WGvcqDTnA
Z4NBUu7VPyHOC0fKOi/+VQ/bqSGvJDEiigI337xy92H6jfCeAEkqepctizaRY2Vn
rMz0K4+cG+QPAVVVbVMbcD/KedU9fUA2u3f9Nj4/A0Jxqmf570HIlEhgAiX0lbPB
jGt0pCl1iqmHOtiYErDj59anCe04SHOp9bQf5wU88WZXxmvSpI15Dg2rX8n3uxSt
YigL3S1h8aO97pgid6Al6M3xAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUyL8GWnSC
LvjMYvSlTlnVhxILb0cwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4NUYxLzZBQTRENjBBMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFODVGMS82QUE0RDYwQTBERkMxMUYwQTFEOTgwNTNDNEY5QUUwMi95TDhHV25T
Q0x2ak1ZdlNsVGxuVmh4SUxiMGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlbqMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN9D7AMA0G
CSqGSIb3DQEBCwUAA4IBAQAwg60+S7KDrYR4o7FqwJ2lS2KPdT7z5HdBv4bDpFqN
iTdKNmiwSQeFm/lzAzbxGupCE/OfY5VCXttNQf/5+MYY1VwMbQ10fsuc/yuYfaQj
PMWC5X0ml4Mjec7WnvSY12cGjyd1WVf7aOpcUJ5pXLdsRU0BxYNL1YQooQ3J+BNY
1u3WU6PWk7NveyJ0oAYreeGj0g5pDXIJLhutZEhvilolj5Khb49r6HXqii0e3LW8
4D6y997QBbaragirKB3pz4hHVDy3819m3yN+XGCJyG8Dn5LiB2CpBAUP3rOB4OMY
N/PdlHs9SDjje88gUKDJq55uAMKa67Xb+8RfVb9dlfEa
-----END CERTIFICATE-----
Generated at Mon Nov 3 11:13:33 2025 by rpki-client