Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/3iZtavC5PenIaScyCi6du8nPnMI.cer
File: 3iZtavC5PenIaScyCi6du8nPnMI.cer (raw, json)
Hash identifier: DyZDDPdHMyoIU/56cGe07ad4J5zPAfpoCLQIE3dlmq8=
Subject key identifier: DE:26:6D:6A:F0:B9:3D:E9:C8:69:27:32:0A:2E:9D:BB:C9:CF:9C:C2
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 5128
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/3iZtavC5PenIaScyCi6du8nPnMI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 27 Feb 2026 03:03:27 +0000
Certificate not after: Sat 01 May 2027 00:00:00 +0000
Subordinate resources: IP: 151.158.170.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20776 (0x5128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Feb 27 03:03:27 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=A91CD314, serialNumber=DE266D6AF0B93DE9C86927320A2E9DBBC9CF9CC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:68:6d:55:cb:55:75:5d:10:f0:e6:91:3c:4a:
4a:6a:8a:5b:a5:c0:dc:24:3d:42:92:86:10:56:3c:
5d:a8:c6:31:ae:f3:73:72:d8:da:79:ac:19:22:2b:
39:0f:05:f1:99:18:86:b0:a7:11:2c:44:2a:ef:cd:
87:a7:78:0b:36:3c:31:0d:9f:54:19:92:7c:00:4e:
f6:11:dc:0a:fe:1a:f7:af:56:c3:d2:76:b7:0f:93:
9a:25:f6:0b:8e:b2:39:8c:b9:8d:a2:6f:41:9c:82:
3d:fd:77:da:af:8c:65:94:b1:f2:74:80:b1:59:67:
90:5c:20:f2:93:86:fd:b9:93:6b:3b:2a:9c:cf:39:
62:7f:08:9c:d4:9f:15:40:0c:de:87:eb:35:64:df:
9c:62:67:de:9f:53:48:75:b2:6f:a5:1e:06:5c:ac:
86:62:9c:23:9c:42:20:9f:2b:b3:7a:2b:ef:d5:9d:
e9:44:7c:12:83:03:c7:6e:cb:f6:fb:a6:7b:dd:71:
e4:7f:8d:de:43:a7:9d:f6:bc:01:66:a6:10:ce:bf:
f1:45:4a:5f:cd:c2:35:d0:8b:2d:b5:60:ce:3d:9d:
74:fa:6f:52:34:0c:c4:70:cc:e0:d3:36:dd:3a:af:
b8:b6:25:23:bb:af:35:64:a6:06:2a:84:71:ce:db:
db:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:26:6D:6A:F0:B9:3D:E9:C8:69:27:32:0A:2E:9D:BB:C9:CF:9C:C2
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CD314/365974C6097A11F1804F5EA1103D8C67/3iZtavC5PenIaScyCi6du8nPnMI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.158.170.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:5e:6b:2e:72:78:4e:15:43:d9:d3:22:a0:9b:6c:3e:7c:58:
0b:03:68:b1:94:16:21:e0:56:f3:9c:5d:67:12:a8:b4:97:0e:
55:cc:cb:33:15:dd:74:56:ab:78:d1:3f:8c:e4:d6:90:8b:ed:
e6:1f:78:ff:26:09:31:91:16:4c:e0:a6:42:4f:af:5f:f7:81:
37:76:e3:4c:36:d1:43:66:80:01:48:d1:d8:1e:39:af:da:8f:
ad:e8:26:7e:08:58:6e:ce:8c:ce:6c:f7:53:1a:de:59:e4:5c:
ea:23:7f:3e:e4:e5:dd:73:25:12:f7:93:fd:9f:1b:14:53:06:
e6:ea:9e:f4:89:ea:17:4b:d2:f9:2d:28:59:66:c9:17:74:83:
df:51:53:9f:b5:af:c2:72:f8:c1:4d:01:9f:f0:3f:f4:d9:0e:
c9:32:c2:c8:5c:fc:ad:1d:bb:20:72:ca:f3:a6:62:be:25:f3:
e5:21:ac:f8:2d:83:f4:ee:62:22:bb:81:1f:db:01:78:fc:a6:
58:69:5d:e6:40:3b:f8:49:f4:04:1c:58:1e:d4:2f:8c:05:5e:
f0:44:e5:b6:f2:6e:43:5c:b3:7f:13:7e:10:92:44:2e:e0:9a:
db:b4:00:ca:cc:27:06:92:c9:54:6a:50:bd:b9:2f:b6:9b:56:
ae:d0:20:30
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwMjI3MDMwMzI3WhcNMjcwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDRDMxNDExMC8GA1UEBRMoREUyNjZENkFGMEI5M0RFOUM4NjkyNzMy
MEEyRTlEQkJDOUNGOUNDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJhobVXLVXVdEPDmkTxKSmqKW6XA3CQ9QpKGEFY8XajGMa7zc3LY2nmsGSIrOQ8F
8ZkYhrCnESxEKu/Nh6d4CzY8MQ2fVBmSfABO9hHcCv4a969Ww9J2tw+TmiX2C46y
OYy5jaJvQZyCPf132q+MZZSx8nSAsVlnkFwg8pOG/bmTazsqnM85Yn8InNSfFUAM
3ofrNWTfnGJn3p9TSHWyb6UeBlyshmKcI5xCIJ8rs3or79Wd6UR8EoMDx27L9vum
e91x5H+N3kOnnfa8AWamEM6/8UVKX83CNdCLLbVgzj2ddPpvUjQMxHDM4NM23Tqv
uLYlI7uvNWSmBiqEcc7b2xECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTeJm1q8Lk9
6chpJzIKLp27yc+cwjAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0QzMTQvMzY1OTc0QzYwOTdBMTFGMTgwNEY1RUExMTAzRDhDNjcvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNEMzE0LzM2NTk3NEM2MDk3QTExRjE4MDRGNUVBMTEwM0Q4QzY3LzNpWnRhdkM1
UGVuSWFTY3lDaTZkdThuUG5NSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZeeqjANBgkqhkiG9w0BAQsFAAOCAQEAW15rLnJ4ThVD2dMioJts
PnxYCwNosZQWIeBW85xdZxKotJcOVczLMxXddFareNE/jOTWkIvt5h94/yYJMZEW
TOCmQk+vX/eBN3bjTDbRQ2aAAUjR2B45r9qPregmfghYbs6Mzmz3UxreWeRc6iN/
PuTl3XMlEveT/Z8bFFMG5uqe9InqF0vS+S0oWWbJF3SD31FTn7WvwnL4wU0Bn/A/
9NkOyTLCyFz8rR27IHLK86ZiviXz5SGs+C2D9O5iIruBH9sBePymWGld5kA7+En0
BBxYHtQvjAVe8ETltvJuQ1yzfxN+EJJELuCa27QAyswnBpLJVGpQvbkvtptWrtAg
MA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:08:39 2026 by rpki-client