Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/WA5Ga31PqGSdLgsnN16ihsbFRYQ.cer
File: WA5Ga31PqGSdLgsnN16ihsbFRYQ.cer (raw, json)
Hash identifier: ePWSU6Ij5CAT5T/KnUljsIDcA7dgN4Y6nZ8onzdbPEA=
Subject key identifier: 58:0E:46:6B:7D:4F:A8:64:9D:2E:0B:27:37:5E:A2:86:C6:C5:45:84
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 4B35
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C7B15/326EB0B48DEB11ED93FAAD0FC4F9AE02/WA5Ga31PqGSdLgsnN16ihsbFRYQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C7B15/326EB0B48DEB11ED93FAAD0FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 15 Apr 2025 19:43:11 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: IP: 195.114.14.0/23
IP: 195.114.126.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 14:50:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19253 (0x4b35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Apr 15 19:43:11 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A91C7B15, serialNumber=580E466B7D4FA8649D2E0B27375EA286C6C54584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:56:ad:fe:3d:d1:74:27:dd:1d:85:27:3f:29:
8b:67:0e:a7:b1:de:a2:b2:7a:da:35:83:97:85:d3:
21:d6:eb:64:4e:a5:8c:ae:e6:10:2f:a5:37:02:6b:
74:b5:7c:07:9e:fd:51:d3:66:e1:f1:cd:de:22:14:
44:2d:75:3a:50:cf:a1:0b:09:5a:6e:7b:c7:c2:a1:
d9:fe:06:27:ea:84:d0:2d:98:4c:71:4b:28:08:99:
9b:08:b5:af:97:db:46:b7:39:74:7d:3b:fa:e4:3f:
65:52:da:a0:78:44:50:35:70:21:cc:a9:10:92:f4:
25:fb:a9:13:a6:39:f4:5f:95:a2:05:13:e1:a2:ff:
94:f7:77:6b:9c:03:ec:d3:c5:52:2d:98:e5:ce:72:
e8:3b:c5:d5:c4:fc:c2:9a:cb:dc:aa:b8:20:49:37:
f1:28:05:dc:17:62:f7:3f:2a:b1:7b:a6:47:3f:7f:
2a:90:a8:a8:86:70:28:33:55:01:09:0a:12:e6:59:
ed:68:5e:d0:5f:eb:8b:0e:6b:72:ea:6f:95:c6:63:
9c:23:44:91:dd:fc:c5:ac:c7:dd:0f:9a:25:72:0b:
0e:59:14:50:95:b4:a7:c2:c5:48:01:5b:7b:7f:e0:
b2:b1:75:97:e0:b7:63:33:00:68:48:78:f8:c3:e5:
3c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:0E:46:6B:7D:4F:A8:64:9D:2E:0B:27:37:5E:A2:86:C6:C5:45:84
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C7B15/326EB0B48DEB11ED93FAAD0FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C7B15/326EB0B48DEB11ED93FAAD0FC4F9AE02/WA5Ga31PqGSdLgsnN16ihsbFRYQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
195.114.14.0/23
195.114.126.0/23
Signature Algorithm: sha256WithRSAEncryption
25:5a:71:72:a3:a4:bd:f7:cc:f8:64:a3:7d:8a:33:17:e4:21:
df:a0:df:8a:b7:81:c1:c5:08:18:92:b9:10:bd:98:bd:e7:4b:
92:27:13:25:d5:be:b8:0d:40:e9:3f:07:d3:e8:e2:3d:32:ec:
66:1f:28:f8:56:d8:71:45:eb:e0:3b:0d:84:cd:8b:81:00:a1:
0f:33:42:eb:b9:1c:1b:0d:1c:a3:a0:48:a3:17:61:55:2b:b4:
3d:02:f0:f1:9b:03:42:d2:55:df:42:d6:31:e8:dd:83:76:3f:
f4:89:c1:86:74:7a:68:68:3f:05:26:eb:e9:5e:81:0a:28:3b:
86:0f:44:c6:4f:79:c9:da:2c:ef:e8:a4:ab:03:88:db:44:2d:
b3:8a:71:ad:11:16:66:e1:4a:c8:20:d6:1e:8f:e9:5f:e7:0b:
3e:1e:fa:46:a5:2f:46:22:01:74:01:f9:b1:64:96:93:ae:e6:
5a:20:02:1e:56:23:46:de:db:ac:5d:63:73:82:74:a5:1f:f5:
df:b2:b0:c0:33:24:d5:c7:7c:c7:0b:4f:d9:d0:cb:e7:2c:cf:
75:d8:54:94:e4:10:f6:5c:6d:9b:b5:86:fa:05:94:84:d9:1c:
18:5f:40:0f:33:f1:d1:00:a5:ea:a5:66:e2:96:85:87:52:8a:
7e:68:57:b2
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICSzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjUwNDE1MTk0MzExWhcNMjYwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDN0IxNTExMC8GA1UEBRMoNTgwRTQ2NkI3RDRGQTg2NDlEMkUwQjI3
Mzc1RUEyODZDNkM1NDU4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJZWrf490XQn3R2FJz8pi2cOp7HeorJ62jWDl4XTIdbrZE6ljK7mEC+lNwJrdLV8
B579UdNm4fHN3iIURC11OlDPoQsJWm57x8Kh2f4GJ+qE0C2YTHFLKAiZmwi1r5fb
Rrc5dH07+uQ/ZVLaoHhEUDVwIcypEJL0JfupE6Y59F+VogUT4aL/lPd3a5wD7NPF
Ui2Y5c5y6DvF1cT8wprL3Kq4IEk38SgF3Bdi9z8qsXumRz9/KpCoqIZwKDNVAQkK
EuZZ7Whe0F/riw5rcupvlcZjnCNEkd38xazH3Q+aJXILDlkUUJW0p8LFSAFbe3/g
srF1l+C3YzMAaEh4+MPlPFcCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBRYDkZrfU+o
ZJ0uCyc3XqKGxsVFhDAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdCMTUvMzI2RUIwQjQ4REVCMTFFRDkzRkFBRDBGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM3QjE1LzMyNkVCMEI0OERFQjExRUQ5M0ZBQUQwRkM0RjlBRTAyL1dBNUdhMzFQ
cUdTZExnc25OMTZpaHNiRlJZUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAcNyDgMEAcNyfjANBgkqhkiG9w0BAQsFAAOCAQEAJVpxcqOkvffM
+GSjfYozF+Qh36DfireBwcUIGJK5EL2YvedLkicTJdW+uA1A6T8H0+jiPTLsZh8o
+FbYcUXr4DsNhM2LgQChDzNC67kcGw0co6BIoxdhVSu0PQLw8ZsDQtJV30LWMejd
g3Y/9InBhnR6aGg/BSbr6V6BCig7hg9Exk95ydos7+ikqwOI20Qts4pxrREWZuFK
yCDWHo/pX+cLPh76RqUvRiIBdAH5sWSWk67mWiACHlYjRt7brF1jc4J0pR/137Kw
wDMk1cd8xwtP2dDL5yzPddhUlOQQ9lxtm7WG+gWUhNkcGF9ADzPx0QCl6qVm4paF
h1KKfmhXsg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:46:01 2025 by rpki-client