Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/-SffOEirq8qI_z2VoeWxZ1TGOlM.cer
File: -SffOEirq8qI_z2VoeWxZ1TGOlM.cer (raw, json)
Hash identifier: bWxIihG4S3s7Nzy53bX5q10uSw2Rfzep6b1JEESj0iI=
Subject key identifier: F9:27:DF:38:48:AB:AB:CA:88:FF:3D:95:A1:E5:B1:67:54:C6:3A:53
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 5341
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki-rsync.idnic.net/repo/IDNIC/3/F927DF3848ABABCA88FF3D95A1E5B16754C63A53.mft
caRepository: rsync://rpki-rsync.idnic.net/repo/IDNIC/3/
Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml
Certificate not before: Thu 14 May 2026 00:16:39 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 56868
IP: 82.158.128.0/19
IP: 85.137.28.0/23
IP: 151.158.4.0/23
IP: 151.158.10.0/23
IP: 151.158.36.0/23
IP: 151.158.42.0/23
IP: 151.158.54.0 -- 151.158.57.255
IP: 151.158.74.0/23
IP: 151.158.82.0 -- 151.158.85.255
IP: 151.158.92.0/23
IP: 151.158.106.0/23
IP: 151.158.132.0/23
IP: 151.158.150.0/23
IP: 151.158.176.0/24
IP: 151.158.183.0/24
IP: 151.158.186.0/23
IP: 151.158.202.0 -- 151.158.205.255
IP: 151.158.234.0/24
IP: 151.158.236.0/23
IP: 151.158.239.0 -- 151.158.241.255
IP: 151.158.250.0/24
IP: 212.117.48.0/20
IP: 2001:7fa:2::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 20 Jun 2026 02:50:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21313 (0x5341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: May 14 00:16:39 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A91862140000, serialNumber=F927DF3848ABABCA88FF3D95A1E5B16754C63A53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4c:d0:0b:13:31:0e:50:62:e2:c0:c0:82:ea:
de:d6:33:0e:60:61:e1:6e:cb:a2:5a:d2:5b:5b:b2:
30:41:15:ca:b2:e5:fe:be:c0:69:e3:5a:b5:58:c9:
d3:a9:4f:21:b1:14:76:f8:c6:ba:8c:2f:ac:c5:2f:
51:11:13:89:67:6c:65:a5:04:c2:0a:a9:ef:c5:86:
9d:43:fd:e9:3b:d7:d1:28:d4:47:7b:06:a9:4a:40:
87:3e:26:d2:ea:68:7c:00:30:e4:9a:54:c6:1a:5b:
c8:60:0c:f9:67:f3:f0:7f:86:c2:68:92:b5:fd:a8:
5f:41:a0:d8:1c:0c:55:f6:6e:c3:5d:c9:28:ae:77:
f3:c3:6f:a8:52:98:8d:9e:2c:2d:6f:58:fa:e1:3e:
72:f3:c2:e3:b7:f6:e6:5e:f6:d4:4f:bc:64:30:19:
58:6f:85:40:39:2e:c7:e7:63:16:cd:9a:44:43:1a:
26:0a:21:12:c1:2f:1f:d1:73:44:6a:ff:24:38:d8:
b3:c8:46:30:d3:e4:12:1a:a5:b4:b2:bf:18:ef:86:
d2:86:d7:12:a3:6b:34:ce:df:45:9a:fe:73:b6:8e:
eb:c5:7c:05:fd:32:73:c0:ee:8c:d6:be:4b:d0:3b:
50:37:23:b7:55:21:61:26:20:f4:4c:cf:9a:fc:99:
ca:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:27:DF:38:48:AB:AB:CA:88:FF:3D:95:A1:E5:B1:67:54:C6:3A:53
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/3/
RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/3/F927DF3848ABABCA88FF3D95A1E5B16754C63A53.mft
RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56868
sbgp-ipAddrBlock: critical
IPv4:
82.158.128.0/19
85.137.28.0/23
151.158.4.0/23
151.158.10.0/23
151.158.36.0/23
151.158.42.0/23
151.158.54.0-151.158.57.255
151.158.74.0/23
151.158.82.0-151.158.85.255
151.158.92.0/23
151.158.106.0/23
151.158.132.0/23
151.158.150.0/23
151.158.176.0/24
151.158.183.0/24
151.158.186.0/23
151.158.202.0-151.158.205.255
151.158.234.0/24
151.158.236.0/23
151.158.239.0-151.158.241.255
151.158.250.0/24
212.117.48.0/20
IPv6:
2001:7fa:2::/48
Signature Algorithm: sha256WithRSAEncryption
1e:2a:3e:11:0e:5a:ae:0e:61:64:ac:4d:ee:59:34:f6:6f:61:
50:a9:f2:67:6b:12:a4:c8:a8:49:eb:72:09:52:82:cc:44:ad:
25:7b:c3:88:7a:85:e9:d9:c6:b3:34:4d:31:91:60:12:58:49:
a8:c0:f2:b3:5c:e6:a4:31:04:b8:89:31:7a:fb:e7:52:8e:52:
d5:41:2d:ff:e8:8e:c7:64:f8:71:02:97:53:c0:4e:c0:8f:7e:
34:67:0e:94:69:22:b4:85:ef:ac:c2:22:bb:67:6c:fe:d8:99:
cc:2a:fd:e5:76:75:89:0a:88:a4:bf:60:82:22:51:eb:da:b6:
09:79:6c:79:3f:ce:e7:47:05:66:07:e1:8e:89:27:a6:21:99:
d2:17:5b:9d:97:f0:6e:01:c0:d0:9c:af:b7:83:b2:e7:65:f6:
dc:e9:78:01:fd:de:84:c0:62:e6:d2:b7:1c:b9:b2:38:1d:37:
5f:f1:7c:c8:db:6a:00:a8:f7:82:f2:63:b7:3d:24:4c:85:4b:
25:6d:eb:4d:e9:a4:1f:83:b0:74:ba:8b:73:76:8f:e4:2e:1d:
77:74:38:0f:a7:a3:f2:24:14:72:c4:b8:c3:98:3a:f0:4a:0e:
59:7d:4f:5e:9e:88:46:45:6a:d1:e9:03:4b:81:81:03:81:01:
07:71:0d:7a
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgICU0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwNTE0MDAxNjM5WhcNMjYwODMxMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTE4NjIxNDAwMDAxMTAvBgNVBAUTKEY5MjdERjM4NDhBQkFCQ0E4OEZG
M0Q5NUExRTVCMTY3NTRDNjNBNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzTNALEzEOUGLiwMCC6t7WMw5gYeFuy6Ja0ltbsjBBFcqy5f6+wGnjWrVY
ydOpTyGxFHb4xrqML6zFL1ERE4lnbGWlBMIKqe/Fhp1D/ek719Eo1Ed7BqlKQIc+
JtLqaHwAMOSaVMYaW8hgDPln8/B/hsJokrX9qF9BoNgcDFX2bsNdySiud/PDb6hS
mI2eLC1vWPrhPnLzwuO39uZe9tRPvGQwGVhvhUA5LsfnYxbNmkRDGiYKIRLBLx/R
c0Rq/yQ42LPIRjDT5BIapbSyvxjvhtKG1xKjazTO30Wa/nO2juvFfAX9MnPA7ozW
vkvQO1A3I7dVIWEmIPRMz5r8mcppAgMBAAGjggOFMIIDgTAdBgNVHQ4EFgQU+Sff
OEirq8qI/z2VoeWxZ1TGOlMwHwYDVR0jBBgwFoAUDPzneFf88B852ZpitKpi5hWe
dvgwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0
MUQ2NjExRTJBM0YyN0Y3QzcyRkQxRkYyL0RQem5lRmY4OEI4NTJacGl0S3BpNWhX
ZWR2Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZnLmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwgesGCCsGAQUFBwELBIHeMIHbMDYGCCsGAQUF
BzAFhipyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMy8w
YgYIKwYBBQUHMAqGVnJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9J
RE5JQy8zL0Y5MjdERjM4NDhBQkFCQ0E4OEZGM0Q5NUExRTVCMTY3NTRDNjNBNTMu
bWZ0MD0GCCsGAQUFBzANhjFodHRwczovL3Jwa2ktcnJkcC5pZG5pYy5uZXQvcnJk
cC9ub3RpZmljYXRpb24ueG1sMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDeJDCB
0gYIKwYBBQUHAQcBAf8EgcIwgb8wgasEAgABMIGkAwQFUp6AAwQBVYkcAwQBl54E
AwQBl54KAwQBl54kAwQBl54qMAwDBAGXnjYDBAGXnjgDBAGXnkowDAMEAZeeUgME
AZeeVAMEAZeeXAMEAZeeagMEAZeehAMEAZeelgMEAJeesAMEAJeetwMEAZeeujAM
AwQBl57KAwQBl57MAwQAl57qAwQBl57sMAwDBACXnu8DBAGXnvADBACXnvoDBATU
dTAwDwQCAAIwCQMHACABB/oAAjANBgkqhkiG9w0BAQsFAAOCAQEAHio+EQ5arg5h
ZKxN7lk09m9hUKnyZ2sSpMioSetyCVKCzEStJXvDiHqF6dnGszRNMZFgElhJqMDy
s1zmpDEEuIkxevvnUo5S1UEt/+iOx2T4cQKXU8BOwI9+NGcOlGkitIXvrMIiu2ds
/tiZzCr95XZ1iQqIpL9ggiJR69q2CXlseT/O50cFZgfhjoknpiGZ0hdbnZfwbgHA
0Jyvt4Oy52X23Ol4Af3ehMBi5tK3HLmyOB03X/F8yNtqAKj3gvJjtz0kTIVLJW3r
TemkH4OwdLqLc3aP5C4dd3Q4D6ej8iQUcsS4w5g68EoOWX1PXp6IRkVq0ekDS4GB
A4EBB3ENeg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:38:06 2026 by rpki-client