Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer
File: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer (raw, json)
Hash identifier: 4BDeHMhC4h3huD2TqJC64mDZtcmUOud4oQ4TwZhJwWk=
Subject key identifier: 41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 4CB4
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Aug 2025 09:38:41 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 2001:7fa:5::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19636 (0x4cb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Aug 1 09:38:41 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91E5D61, serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:42:ed:8e:b1:64:99:78:3f:87:26:96:bf:
1c:f7:54:6b:81:4b:ae:fa:a4:44:66:e8:52:56:e5:
e0:ea:22:ff:a1:43:76:7f:c1:1d:8d:ab:b9:18:13:
17:fe:ec:c4:28:a7:b2:30:14:10:d5:de:35:ca:b8:
84:c6:d0:d9:62:50:8a:c9:33:67:98:06:f8:44:7e:
01:40:f3:df:11:e2:e9:96:77:b2:40:94:41:c8:a3:
dc:9f:d0:2e:44:5e:05:ba:ed:64:53:82:70:63:b9:
00:02:9e:b6:b5:0d:63:5f:42:90:c8:8e:e2:2d:4c:
52:c9:67:d6:08:ba:42:53:bc:fc:fc:c6:85:01:5a:
c0:93:6e:7e:17:4d:64:ec:67:28:d0:9d:56:2a:1f:
f8:f8:bf:3f:16:43:1c:39:7e:c5:4e:bc:05:f2:91:
4d:9f:5c:8c:34:45:e2:15:01:11:88:78:1b:a1:4d:
b1:ed:18:8b:c4:50:e5:b4:93:0e:75:34:b0:32:44:
04:4f:ea:c1:0b:85:7a:05:67:24:60:72:c1:67:cc:
3c:9a:eb:07:93:f7:b5:4c:56:a7:a9:3c:a8:ee:aa:
10:36:ce:a7:22:3b:62:e0:f4:5a:8c:a4:c7:4e:5a:
68:40:9f:45:ed:94:8d:ea:7b:d6:81:f6:08:a9:34:
fa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:7fa:5::/48
Signature Algorithm: sha256WithRSAEncryption
c6:17:8f:b3:67:83:b0:13:fd:3c:db:35:eb:38:16:6f:4e:36:
85:42:64:0a:7e:e7:eb:90:b3:20:0e:16:c9:94:3c:c3:31:8c:
ec:e6:36:45:d8:fc:b0:f9:b8:b8:20:a3:bc:64:b5:33:a1:e8:
cb:0d:8b:3f:06:db:2a:7d:ff:08:da:53:74:d1:7e:ea:13:8c:
7a:dd:5e:e8:94:8c:71:a6:05:66:b0:a5:01:c0:ce:17:cc:92:
a5:43:52:3a:bd:cf:0a:b2:02:43:46:e2:75:a8:ca:f5:2d:1c:
98:b0:83:a1:aa:ff:e5:41:22:85:bf:d9:23:14:3e:a0:02:09:
d0:f3:8c:3c:25:b1:1f:4d:c4:69:15:8a:f3:ae:9c:24:d6:76:
35:9f:85:7a:7e:c0:db:eb:88:45:e1:52:01:ce:29:51:56:42:
25:87:dd:d5:96:50:4f:e0:88:0c:65:94:a9:4b:e6:48:56:58:
33:cb:fb:ba:1d:ac:af:29:7d:f4:57:6f:f5:5c:1c:c1:e2:14:
69:84:1f:67:27:a5:4c:ef:b2:ab:3c:5a:c4:de:de:d7:03:f6:
ec:81:cf:d9:2a:3a:25:28:ed:a0:99:8b:8b:b6:03:3d:8f:b4:
97:2e:b1:75:7e:2d:2e:c8:cd:06:2e:60:4e:e9:45:5a:75:59:
38:5c:18:15
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICTLQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjUwODAxMDkzODQxWhcNMjYwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFNUQ2MTExMC8GA1UEBRMoNDE2RDZDRDYwMzkwRkI3Qzk2RUQ3OUQ3
OENFNzZGNTRBRkNGNDQ1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANBMQu2OsWSZeD+HJpa/HPdUa4FLrvqkRGboUlbl4Ooi/6FDdn/BHY2ruRgTF/7s
xCinsjAUENXeNcq4hMbQ2WJQiskzZ5gG+ER+AUDz3xHi6ZZ3skCUQcij3J/QLkRe
BbrtZFOCcGO5AAKetrUNY19CkMiO4i1MUsln1gi6QlO8/PzGhQFawJNufhdNZOxn
KNCdViof+Pi/PxZDHDl+xU68BfKRTZ9cjDRF4hUBEYh4G6FNse0Yi8RQ5bSTDnU0
sDJEBE/qwQuFegVnJGBywWfMPJrrB5P3tUxWp6k8qO6qEDbOpyI7YuD0Woykx05a
aECfRe2Ujep71oH2CKk0+okCAwEAAaOCAvYwggLyMB0GA1UdDgQWBBRBbWzWA5D7
fJbtedeM529Ur89EWDAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVENjEvMkE3QzdEOTgxRDc5MTFFMjg3OUUzOEM1MDhCMDJDRDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU1RDYxLzJBN0M3RDk4MUQ3OTExRTI4NzlFMzhDNTA4QjAyQ0QyL1FXMXMxZ09R
LTN5VzdYblhqT2R2VktfUFJGZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACABB/oABTANBgkqhkiG9w0BAQsFAAOCAQEAxhePs2eDsBP9PNs1
6zgWb042hUJkCn7n65CzIA4WyZQ8wzGM7OY2Rdj8sPm4uCCjvGS1M6Hoyw2LPwbb
Kn3/CNpTdNF+6hOMet1e6JSMcaYFZrClAcDOF8ySpUNSOr3PCrICQ0bidajK9S0c
mLCDoar/5UEihb/ZIxQ+oAIJ0POMPCWxH03EaRWK866cJNZ2NZ+Fen7A2+uIReFS
Ac4pUVZCJYfd1ZZQT+CIDGWUqUvmSFZYM8v7uh2sryl99Fdv9VwcweIUaYQfZyel
TO+yqzxaxN7e1wP27IHP2So6JSjtoJmLi7YDPY+0ly6xdX4tLsjNBi5gTulFWnVZ
OFwYFQ==
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:31:03 2025 by rpki-client