Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zcGHpkK01-xQ3K5ZoAZvFI1RCAE.cer
File: zcGHpkK01-xQ3K5ZoAZvFI1RCAE.cer (raw, json)
Hash identifier: 85xoFtoa0di9cv0LwPOTSoSX8XE2zHaeXYzUxDtmmCE=
Subject key identifier: CD:C1:87:A6:42:B4:D7:EC:50:DC:AE:59:A0:06:6F:14:8D:51:08:01
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025DA9
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912672E/AF466574337211ED8EEAD61EC4F9AE02/zcGHpkK01-xQ3K5ZoAZvFI1RCAE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912672E/AF466574337211ED8EEAD61EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 15 Aug 2025 12:57:01 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 150306
IP: 103.234.118.0/23
IP: 2001:df1:42c0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 11:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155049 (0x25da9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 15 12:57:01 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A912672E, serialNumber=CDC187A642B4D7EC50DCAE59A0066F148D510801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:57:fa:b8:45:58:e6:d8:e7:64:3e:41:eb:72:
54:7b:c4:ba:0d:74:fa:60:e3:b8:cc:c6:17:ea:b3:
3b:a5:4d:bc:1d:a4:ce:f2:ba:95:92:33:a1:bc:44:
62:2e:6a:22:77:57:46:ef:55:48:e2:94:be:d8:67:
68:2f:d0:dd:68:94:32:0b:e2:b3:94:9e:5f:25:49:
98:df:8f:be:0f:ad:ed:55:70:e0:2c:a5:22:98:21:
ba:d6:2a:70:97:35:60:5e:d6:f7:ce:5b:2c:9e:ed:
6e:be:d5:c1:d0:df:93:f4:ee:75:fc:9c:4c:b1:65:
b5:eb:25:f2:fa:47:c9:00:7a:dd:95:09:d4:fe:b6:
45:08:e4:b5:9e:10:ee:8f:87:e2:18:fd:d1:43:0d:
63:49:df:77:cb:1b:b8:3b:b3:77:fa:19:97:86:68:
3b:c5:90:aa:76:15:58:be:1e:3b:23:f0:7b:30:ac:
5e:e5:fe:c6:db:a0:6c:d8:d5:46:aa:c3:88:3c:e0:
09:ad:36:fd:df:f7:66:98:47:b4:ee:be:6a:a7:41:
ff:7c:4e:3d:93:d9:2c:21:9b:12:65:c2:28:19:07:
0c:29:26:7d:85:e0:da:9c:2d:dd:ef:65:2f:fa:70:
15:78:45:28:a1:a7:00:09:f8:dd:0b:7b:2c:f3:3a:
77:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C1:87:A6:42:B4:D7:EC:50:DC:AE:59:A0:06:6F:14:8D:51:08:01
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912672E/AF466574337211ED8EEAD61EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912672E/AF466574337211ED8EEAD61EC4F9AE02/zcGHpkK01-xQ3K5ZoAZvFI1RCAE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
150306
sbgp-ipAddrBlock: critical
IPv4:
103.234.118.0/23
IPv6:
2001:df1:42c0::/48
Signature Algorithm: sha256WithRSAEncryption
24:85:97:ee:52:f9:a2:8d:7e:10:9f:d5:86:41:72:1c:dd:e8:
c1:84:a7:39:97:19:85:cb:62:8a:17:32:53:ff:67:92:43:ad:
50:4b:73:d9:5f:36:43:3d:02:c1:12:8e:c4:6b:dc:07:06:d9:
76:a6:51:84:e4:a1:35:14:25:79:60:12:76:4c:3d:75:1a:0c:
59:26:87:1e:09:cb:90:c3:8f:1a:b5:af:c7:9d:57:ac:d7:14:
24:ef:14:29:47:88:0d:7a:07:ab:49:3d:04:92:0c:98:7f:ff:
6a:57:93:6d:55:6e:b5:87:40:11:66:7f:90:20:53:7e:99:8a:
93:93:ad:c3:e0:79:6b:e3:1a:29:93:16:04:ed:96:05:a2:c2:
db:7e:6e:dc:62:a1:5c:ae:cb:ee:ad:f7:b6:8b:2f:e7:3c:7b:
99:f0:7f:4a:ee:cc:07:2b:4f:78:aa:30:fa:8e:f6:dd:01:65:
d8:61:fd:26:ef:c0:80:ff:66:f3:2a:d9:0a:55:a1:da:c5:9e:
35:81:64:da:47:13:4c:76:2d:3d:a5:c5:f9:cc:cb:1b:6b:66:
d1:85:18:8b:8f:df:15:a1:67:44:37:ae:b2:f4:55:a9:cf:49:
bd:d0:13:5b:56:66:f3:b3:fe:52:37:34:5b:cb:6e:21:13:c8:
24:91:2c:fd
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAl2pMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgxNTEyNTcwMVoXDTI2MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjY3MkUxMTAvBgNVBAUTKENEQzE4N0E2NDJCNEQ3RUM1MERDQUU1
OUEwMDY2RjE0OEQ1MTA4MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFV/q4RVjm2OdkPkHrclR7xLoNdPpg47jMxhfqszulTbwdpM7yupWSM6G8RGIu
aiJ3V0bvVUjilL7YZ2gv0N1olDIL4rOUnl8lSZjfj74Pre1VcOAspSKYIbrWKnCX
NWBe1vfOWyye7W6+1cHQ35P07nX8nEyxZbXrJfL6R8kAet2VCdT+tkUI5LWeEO6P
h+IY/dFDDWNJ33fLG7g7s3f6GZeGaDvFkKp2FVi+Hjsj8HswrF7l/sbboGzY1Uaq
w4g84AmtNv3f92aYR7TuvmqnQf98Tj2T2SwhmxJlwigZBwwpJn2F4NqcLd3vZS/6
cBV4RSihpwAJ+N0LeyzzOnebAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUzcGHpkK0
1+xQ3K5ZoAZvFI1RCAEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI2NzJFL0FGNDY2NTc0MzM3MjExRUQ4RUVBRDYxRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNjcyRS9BRjQ2NjU3NDMzNzIxMUVEOEVFQUQ2MUVDNEY5QUUwMi96Y0dIcGtL
MDEteFEzSzVab0FadkZJMVJDQUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAksiMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ+p2MA8EAgAC
MAkDBwAgAQ3xQsAwDQYJKoZIhvcNAQELBQADggEBACSFl+5S+aKNfhCf1YZBchzd
6MGEpzmXGYXLYooXMlP/Z5JDrVBLc9lfNkM9AsESjsRr3AcG2XamUYTkoTUUJXlg
EnZMPXUaDFkmhx4Jy5DDjxq1r8edV6zXFCTvFClHiA16B6tJPQSSDJh//2pXk21V
brWHQBFmf5AgU36ZipOTrcPgeWvjGimTFgTtlgWiwtt+btxioVyuy+6t97aLL+c8
e5nwf0ruzAcrT3iqMPqO9t0BZdhh/SbvwID/ZvMq2QpVodrFnjWBZNpHE0x2LT2l
xfnMyxtrZtGFGIuP3xWhZ0Q3rrL0VanPSb3QE1tWZvOz/lI3NFvLbiETyCSRLP0=
-----END CERTIFICATE-----
Generated at Fri Aug 22 14:24:17 2025 by rpki-client