Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Hr-HiCR2Rfmq8BbQIPTPwuITwpY.cer
File: Hr-HiCR2Rfmq8BbQIPTPwuITwpY.cer (raw, json)
Hash identifier: N3K43HQ/71yH1EYBdCTczHSEnBEw7InDHa8/CUUIimA=
Subject key identifier: 1E:BF:87:88:24:76:45:F9:AA:F0:16:D0:20:F4:CF:C2:E2:13:C2:96
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 513E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912C770/4ACF96D610DE11F181719257083D8C67/Hr-HiCR2Rfmq8BbQIPTPwuITwpY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912C770/4ACF96D610DE11F181719257083D8C67/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 27 Feb 2026 03:03:55 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: IP: 151.158.214.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 13:59:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20798 (0x513e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Feb 27 03:03:55 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A912C770, serialNumber=1EBF8788247645F9AAF016D020F4CFC2E213C296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3d:76:ca:a2:a8:0c:6c:02:af:58:53:83:79:
8c:fc:76:52:0b:3c:da:01:1b:14:00:58:1f:1c:04:
4f:b8:e1:2c:6d:69:a1:2b:d9:2b:f8:63:47:2d:ff:
74:f3:7a:f3:78:00:4d:67:87:a6:d2:e3:3f:81:a7:
5b:5b:4f:0c:1d:94:4b:9a:81:a3:9a:1a:82:fa:66:
a8:64:05:0c:ff:8c:56:a8:40:4a:da:10:85:96:4d:
33:dd:42:b5:94:95:c9:9e:b4:a4:84:b9:4b:5b:12:
e5:ed:b8:1e:fb:c4:52:e5:c6:91:cb:c3:09:63:01:
39:1f:0d:10:bd:1f:75:35:21:8c:23:55:7e:ff:79:
0f:13:ed:71:d8:80:4d:a7:e8:65:fd:37:a8:a7:46:
d7:a7:30:a3:47:22:4b:03:c0:47:dc:f9:83:40:9f:
03:e7:de:8a:29:69:bb:5b:19:f8:be:59:eb:44:81:
77:bf:60:5c:3b:71:87:5f:1b:ee:71:cf:60:8b:fb:
d6:f7:8b:f2:44:99:f3:9b:97:4a:fd:4b:e5:1d:f3:
d9:93:08:34:41:79:da:4b:3b:e8:a2:d5:27:41:4e:
02:8b:34:8b:8e:d6:01:85:13:8f:91:d5:88:ff:63:
21:c8:34:69:f8:ce:87:d5:77:e6:71:8c:3f:d6:68:
be:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BF:87:88:24:76:45:F9:AA:F0:16:D0:20:F4:CF:C2:E2:13:C2:96
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912C770/4ACF96D610DE11F181719257083D8C67/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912C770/4ACF96D610DE11F181719257083D8C67/Hr-HiCR2Rfmq8BbQIPTPwuITwpY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.158.214.0/23
Signature Algorithm: sha256WithRSAEncryption
77:9b:34:60:8a:17:54:b5:eb:33:e9:ec:52:e4:1e:21:2c:83:
53:ce:c6:b3:5b:77:60:fb:33:09:a2:e1:85:2b:04:03:3e:1a:
4d:37:5a:e5:40:a2:f2:e7:71:f8:ce:16:5d:78:a7:3f:1d:c7:
0e:a7:50:07:45:6b:a9:20:c2:52:ab:f9:a9:e3:74:d0:77:be:
12:08:c7:56:d1:75:01:b0:b6:7f:99:29:fd:94:8f:6f:11:b0:
08:d7:b7:37:77:16:82:b1:90:07:c6:92:2b:98:c2:07:89:2c:
70:87:17:d4:1d:d0:33:cf:f4:1f:29:78:63:3c:e1:a5:f7:47:
18:6e:a9:63:62:31:6c:22:00:9f:08:b1:39:95:c6:e7:7b:b4:
4d:83:9e:9a:d9:3f:19:4f:5e:b0:17:c1:55:7f:44:b4:51:49:
cc:91:ff:57:c6:52:4b:2e:65:d4:78:11:f0:5d:4d:6a:c1:3c:
ef:69:1c:cc:9a:0c:81:dd:d7:dc:f1:58:d8:3e:43:94:c8:c8:
bd:87:a7:18:1e:2e:51:b7:a5:33:56:70:bf:51:e9:57:6d:54:
e1:ef:4c:f4:d8:82:4f:3a:47:bc:c6:cf:7c:af:42:7f:da:2d:
1f:8b:74:e5:c7:48:2e:95:1f:45:a5:9a:38:f9:86:a0:5f:c8:
98:36:4f:ad
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwMjI3MDMwMzU1WhcNMjcwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyQzc3MDExMC8GA1UEBRMoMUVCRjg3ODgyNDc2NDVGOUFBRjAxNkQw
MjBGNENGQzJFMjEzQzI5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AK49dsqiqAxsAq9YU4N5jPx2Ugs82gEbFABYHxwET7jhLG1poSvZK/hjRy3/dPN6
83gATWeHptLjP4GnW1tPDB2US5qBo5oagvpmqGQFDP+MVqhAStoQhZZNM91CtZSV
yZ60pIS5S1sS5e24HvvEUuXGkcvDCWMBOR8NEL0fdTUhjCNVfv95DxPtcdiATafo
Zf03qKdG16cwo0ciSwPAR9z5g0CfA+feiilpu1sZ+L5Z60SBd79gXDtxh18b7nHP
YIv71veL8kSZ85uXSv1L5R3z2ZMINEF52ks76KLVJ0FOAos0i47WAYUTj5HViP9j
Icg0afjOh9V35nGMP9ZovusCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQev4eIJHZF
+arwFtAg9M/C4hPCljAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM3NzAvNEFDRjk2RDYxMERFMTFGMTgxNzE5MjU3MDgzRDhDNjcvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJDNzcwLzRBQ0Y5NkQ2MTBERTExRjE4MTcxOTI1NzA4M0Q4QzY3L0hyLUhpQ1Iy
UmZtcThCYlFJUFRQd3VJVHdwWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZee1jANBgkqhkiG9w0BAQsFAAOCAQEAd5s0YIoXVLXrM+nsUuQe
ISyDU87Gs1t3YPszCaLhhSsEAz4aTTda5UCi8udx+M4WXXinPx3HDqdQB0VrqSDC
Uqv5qeN00He+EgjHVtF1AbC2f5kp/ZSPbxGwCNe3N3cWgrGQB8aSK5jCB4kscIcX
1B3QM8/0Hyl4YzzhpfdHGG6pY2IxbCIAnwixOZXG53u0TYOemtk/GU9esBfBVX9E
tFFJzJH/V8ZSSy5l1HgR8F1NasE872kczJoMgd3X3PFY2D5DlMjIvYenGB4uUbel
M1Zwv1HpV21U4e9M9NiCTzpHvMbPfK9Cf9otH4t05cdILpUfRaWaOPmGoF/ImDZP
rQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:21:33 2026 by rpki-client