Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/znNgvRqU6JF702ckM_gh7HgKjSg.cer
File: znNgvRqU6JF702ckM_gh7HgKjSg.cer (raw, json)
Hash identifier: LCXcFsFwfTJ23swBgQ9jIAUgMEuyHCxT9DJrjfCw+4s=
Subject key identifier: CE:73:60:BD:1A:94:E8:91:7B:D3:67:24:33:F8:21:EC:78:0A:8D:28
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026469
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A915E1F9/AFE4A90A8DE211F0A308AC7CC4F9AE02/znNgvRqU6JF702ckM_gh7HgKjSg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A915E1F9/AFE4A90A8DE211F0A308AC7CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 10 Sep 2025 01:08:45 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: AS: 18108
AS: 45868
IP: 111.235.144.0/22
IP: 180.94.220.0/22
IP: 202.49.32.0/24
IP: 203.4.204.0/24
IP: 203.15.228.0/22
IP: 203.17.252.0/24
IP: 203.19.134.0/23
IP: 203.28.13.0/24
IP: 203.33.176.0/24
IP: 203.33.217.0 -- 203.33.219.255
IP: 203.55.216.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Sep 2025 17:49:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156777 (0x26469)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 10 01:08:45 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A915E1F9, serialNumber=CE7360BD1A94E8917BD3672433F821EC780A8D28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2f:b1:24:b8:c9:8c:ea:9a:31:08:c9:a8:9e:
d0:eb:ae:ab:c2:bf:c4:d4:69:11:d9:52:8b:80:11:
22:69:37:f9:fa:30:31:1f:1c:b9:76:93:0c:9a:11:
74:df:c0:d1:86:09:7d:b5:04:02:84:3f:c1:73:cd:
e7:09:a3:d6:96:1a:9c:66:4b:37:f6:aa:e8:93:61:
e6:06:c5:17:72:58:fc:f8:b0:e1:bf:bd:36:9a:4f:
24:28:80:a9:35:dc:ed:45:a8:5b:aa:88:24:e3:c3:
4f:fc:bc:cd:74:d0:4c:cc:66:3e:3e:1b:90:93:9d:
68:2c:6a:6b:f8:cf:aa:1d:3a:a8:bc:ee:64:3e:9c:
68:6c:b0:b1:6e:cc:db:36:68:c6:e5:d1:75:ed:76:
38:59:4e:5f:0f:19:76:2a:0f:70:24:9d:86:04:11:
d4:9c:ce:08:2e:6d:7c:0f:ce:a7:75:11:d3:d4:95:
bd:bf:33:8f:06:b9:47:e5:29:72:ed:e1:59:b4:ec:
22:5b:79:f9:fb:e2:d8:68:9e:2c:04:97:9e:91:3d:
53:0b:34:5f:99:26:b3:76:50:0e:60:b4:7d:ba:e0:
f5:a3:7e:7e:fa:f2:0a:9e:7b:37:98:d3:9a:94:61:
9b:b4:4f:85:5e:89:da:e9:30:6a:52:a7:07:57:83:
d3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:73:60:BD:1A:94:E8:91:7B:D3:67:24:33:F8:21:EC:78:0A:8D:28
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915E1F9/AFE4A90A8DE211F0A308AC7CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915E1F9/AFE4A90A8DE211F0A308AC7CC4F9AE02/znNgvRqU6JF702ckM_gh7HgKjSg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
18108
45868
sbgp-ipAddrBlock: critical
IPv4:
111.235.144.0/22
180.94.220.0/22
202.49.32.0/24
203.4.204.0/24
203.15.228.0/22
203.17.252.0/24
203.19.134.0/23
203.28.13.0/24
203.33.176.0/24
203.33.217.0-203.33.219.255
203.55.216.0/23
Signature Algorithm: sha256WithRSAEncryption
87:66:5e:54:40:1b:f4:09:f1:2f:09:35:ca:9a:38:44:2b:44:
4d:25:a8:ae:74:b2:8d:9b:f0:0c:89:20:c1:ed:29:86:fb:0d:
f9:63:1e:4f:fa:14:15:f9:3c:07:66:4d:9a:10:41:61:1a:ee:
82:33:6e:a3:c5:89:fb:5e:d2:e5:bc:93:4c:58:df:24:30:ac:
6f:48:2f:73:54:82:8b:ad:4f:18:e4:f7:5c:3d:58:b7:a4:a5:
36:bf:86:d3:0b:22:08:60:28:85:20:5a:d7:83:3f:72:c7:52:
bb:62:c3:4d:12:c2:12:0a:4b:1d:84:a0:1d:15:57:6f:5f:7c:
65:e1:05:73:84:86:36:49:96:13:c4:ec:04:c5:eb:a8:4b:0a:
39:d0:b3:1a:cc:2b:12:9e:2f:8b:73:56:8b:62:3e:d6:f2:85:
b9:72:a1:e6:53:63:fb:9d:dd:4f:c0:ef:5f:f6:4d:39:e2:a7:
6a:1a:75:ee:0c:18:92:71:f5:d5:87:c4:fb:a0:3e:00:05:c9:
de:e0:8a:ba:ef:8a:e7:4a:b7:d4:97:9e:bd:d8:39:c1:5a:ce:
d7:66:4e:a6:c1:5a:de:b0:70:15:e2:58:f4:d3:3b:9b:6e:c0:
53:5e:54:90:aa:7b:b0:6c:ef:fb:f7:30:c3:75:64:a8:c9:7c:
d0:d1:c0:2c
-----BEGIN CERTIFICATE-----
MIIGYjCCBUqgAwIBAgIDAmRpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkxMDAxMDg0NVoXDTI2MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUUxRjkxMTAvBgNVBAUTKENFNzM2MEJEMUE5NEU4OTE3QkQzNjcy
NDMzRjgyMUVDNzgwQThEMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCbL7EkuMmM6poxCMmontDrrqvCv8TUaRHZUouAESJpN/n6MDEfHLl2kwyaEXTf
wNGGCX21BAKEP8FzzecJo9aWGpxmSzf2quiTYeYGxRdyWPz4sOG/vTaaTyQogKk1
3O1FqFuqiCTjw0/8vM100EzMZj4+G5CTnWgsamv4z6odOqi87mQ+nGhssLFuzNs2
aMbl0XXtdjhZTl8PGXYqD3AknYYEEdSczggubXwPzqd1EdPUlb2/M48GuUflKXLt
4Vm07CJbefn74thoniwEl56RPVMLNF+ZJrN2UA5gtH264PWjfn768gqeezeY05qU
YZu0T4VeidrpMGpSpwdXg9OXAgMBAAGjggNXMIIDUzAdBgNVHQ4EFgQUznNgvRqU
6JF702ckM/gh7HgKjSgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVFMUY5L0FGRTRBOTBBOERFMjExRjBBMzA4QUM3Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1RTFGOS9BRkU0QTkwQThERTIxMUYwQTMwOEFDN0NDNEY5QUUwMi96bk5ndlJx
VTZKRjcwMmNrTV9naDdIZ0tqU2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICRrwCAwCzLDBjBggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAm/rkAME
ArRe3AMEAMoxIAMEAMsEzAMEAssP5AMEAMsR/AMEAcsThgMEAMscDQMEAMshsDAM
AwQAyyHZAwQCyyHYAwQByzfYMA0GCSqGSIb3DQEBCwUAA4IBAQCHZl5UQBv0CfEv
CTXKmjhEK0RNJaiudLKNm/AMiSDB7SmG+w35Yx5P+hQV+TwHZk2aEEFhGu6CM26j
xYn7XtLlvJNMWN8kMKxvSC9zVIKLrU8Y5PdcPVi3pKU2v4bTCyIIYCiFIFrXgz9y
x1K7YsNNEsISCksdhKAdFVdvX3xl4QVzhIY2SZYTxOwExeuoSwo50LMazCsSni+L
c1aLYj7W8oW5cqHmU2P7nd1PwO9f9k054qdqGnXuDBiScfXVh8T7oD4ABcne4Iq6
74rnSrfUl5692DnBWs7XZk6mwVresHAV4lj00zubbsBTXlSQqnuwbO/79zDDdWSo
yXzQ0cAs
-----END CERTIFICATE-----
Generated at Thu Sep 18 18:58:23 2025 by rpki-client