This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2wiH4lzA0M92iNtd3fQZZTLNR6Y.cer File: 2wiH4lzA0M92iNtd3fQZZTLNR6Y.cer (raw, json) Hash identifier: JZFQe1camh/DS9e3PXmTGIjkJKWwslB70v6vTuKAhA8= Subject key identifier: DB:08:87:E2:5C:C0:D0:CF:76:88:DB:5D:DD:F4:19:65:32:CD:47:A6 Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E Certificate serial: 70DB Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer Manifest: rsync://rpki.apnic.net/member_repository/A914BE8E/49C77488E14611F09164E0A8716F56BC/2wiH4lzA0M92iNtd3fQZZTLNR6Y.mft caRepository: rsync://rpki.apnic.net/member_repository/A914BE8E/49C77488E14611F09164E0A8716F56BC/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Thu 25 Dec 2025 04:00:50 +0000 Certificate not after: Tue 02 Mar 2027 00:00:00 +0000 Subordinate resources: IP: 138.252.220.0/23 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 Jan 2026 14:50:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28891 (0x70db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E Validity Not Before: Dec 25 04:00:50 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=A914BE8E, serialNumber=DB0887E25CC0D0CF7688DB5DDDF4196532CD47A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e3:68:27:54:4b:7c:53:56:c9:95:16:47:e8: 7d:af:1a:2c:2a:3e:8a:a1:3e:6f:19:08:f2:d1:5f: 7c:80:0d:d1:84:90:df:4a:a8:bb:09:e0:a6:3c:ca: a6:b8:69:69:3e:f2:f0:de:7e:bd:ce:fa:ee:96:1f: 14:44:b4:ea:58:6e:80:5e:b5:3e:24:4c:65:e0:34: 92:10:7f:74:7a:6e:ae:ce:78:28:ce:a2:85:5a:0a: 0d:01:cc:9c:e3:a1:06:c1:b0:4c:c4:f0:f4:2f:f8: ee:f2:37:a3:ec:55:d5:5c:67:a3:b6:dd:98:e2:5e: 01:e1:08:62:7a:96:f9:92:c3:f1:0e:c5:0c:73:77: a5:5c:de:91:52:13:f6:eb:f8:dd:8d:32:ae:29:49: ac:4a:3f:f1:4f:f9:f1:ba:d8:ce:15:d0:96:f0:4c: 1a:fa:2d:83:e5:53:9e:98:33:7a:27:09:93:c5:cc: 14:4c:d6:f1:db:e3:eb:e6:68:de:a9:c9:40:28:21: 1b:f9:29:d0:e1:fd:d8:bb:18:0f:8f:25:70:19:cb: 93:02:7a:a7:fa:fb:9e:41:86:f4:07:40:5a:cd:f0: 76:8d:e3:0b:6e:9f:43:f1:f0:da:4f:fa:36:55:5f: 02:26:6b:4d:de:d6:05:ef:cb:c7:aa:f0:66:d2:7d: 66:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:08:87:E2:5C:C0:D0:CF:76:88:DB:5D:DD:F4:19:65:32:CD:47:A6 X509v3 Authority Key Identifier: keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914BE8E/49C77488E14611F09164E0A8716F56BC/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914BE8E/49C77488E14611F09164E0A8716F56BC/2wiH4lzA0M92iNtd3fQZZTLNR6Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.252.220.0/23 Signature Algorithm: sha256WithRSAEncryption 4b:25:df:a6:6b:0a:c1:7c:32:bd:32:d9:41:b2:01:6e:81:5c: f4:67:de:c3:cc:6f:e8:6e:3e:e7:41:a4:99:43:9e:bb:b3:bc: 50:5a:2c:8f:81:1e:72:02:77:f4:3a:8d:eb:d8:96:d1:38:06: 79:7b:22:c3:63:7c:18:36:10:f0:26:3b:79:ed:0b:68:31:f4: 29:d3:89:63:9f:77:7d:69:7a:1e:3a:98:43:2c:3c:cc:e2:9f: b4:a5:2d:fc:49:9f:85:d7:d5:36:ae:b5:ca:e9:1d:a9:8a:57: 17:a1:35:99:56:35:54:f9:c6:db:4d:da:7c:26:8a:32:53:82: 42:bb:28:55:36:f9:d3:f2:9b:24:2b:53:f7:05:66:e4:45:78: ca:74:3c:ca:bb:ec:d8:99:5b:f7:b5:65:6b:d2:2f:b7:1f:e6: e9:e4:02:bf:1c:cb:c7:65:5f:4e:63:4e:1e:cc:25:3f:ac:0b: 00:57:53:f0:32:c0:e1:03:6a:c9:a7:d7:d4:7c:ce:02:19:0d: 52:4e:62:61:f9:4f:a8:9c:94:a5:19:81:9e:b5:41:c8:0e:57: 39:35:f6:43:97:ad:60:79:e9:ff:42:b4:93:75:ff:61:b7:48: 03:e9:82:ad:53:a5:eb:31:33:86:36:6b:64:27:46:ce:5b:d2: 59:43:64:e5 -----BEGIN CERTIFICATE----- MIIF/TCCBOWgAwIBAgICcNswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkw REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD N0MxRDZFMEUwHhcNMjUxMjI1MDQwMDUwWhcNMjcwMzAyMDAwMDAwWjBGMREwDwYD VQQDDAhBOTE0QkU4RTExMC8GA1UEBRMoREIwODg3RTI1Q0MwRDBDRjc2ODhEQjVE RERGNDE5NjUzMkNENDdBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKHjaCdUS3xTVsmVFkfofa8aLCo+iqE+bxkI8tFffIAN0YSQ30qouwngpjzKprhp aT7y8N5+vc767pYfFES06lhugF61PiRMZeA0khB/dHpurs54KM6ihVoKDQHMnOOh BsGwTMTw9C/47vI3o+xV1Vxno7bdmOJeAeEIYnqW+ZLD8Q7FDHN3pVzekVIT9uv4 3Y0yrilJrEo/8U/58brYzhXQlvBMGvotg+VTnpgzeicJk8XMFEzW8dvj6+Zo3qnJ QCghG/kp0OH92LsYD48lcBnLkwJ6p/r7nkGG9AdAWs3wdo3jC26fQ/Hw2k/6NlVf AiZrTd7WBe/Lx6rwZtJ9ZscCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTbCIfiXMDQ z3aI213d9BllMs1HpjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2 MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0 LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEJFOEUvNDlDNzc0ODhFMTQ2MTFGMDkxNjRFMEE4NzE2RjU2QkMvMH4GCCsGAQUF BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MTRCRThFLzQ5Qzc3NDg4RTE0NjExRjA5MTY0RTBBODcxNkY1NkJDLzJ3aUg0bHpB ME05MmlOdGQzZlFaWlRMTlI2WS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAYr83DANBgkqhkiG9w0BAQsFAAOCAQEASyXfpmsKwXwyvTLZQbIB boFc9Gfew8xv6G4+50GkmUOeu7O8UFosj4EecgJ39DqN69iW0TgGeXsiw2N8GDYQ 8CY7ee0LaDH0KdOJY593fWl6HjqYQyw8zOKftKUt/EmfhdfVNq61yukdqYpXF6E1 mVY1VPnG203afCaKMlOCQrsoVTb50/KbJCtT9wVm5EV4ynQ8yrvs2Jlb97Vla9Iv tx/m6eQCvxzLx2VfTmNOHswlP6wLAFdT8DLA4QNqyafX1HzOAhkNUk5iYflPqJyU pRmBnrVByA5XOTX2Q5etYHnp/0K0k3X/YbdIA+mCrVOl6zEzhjZrZCdGzlvSWUNk 5Q== -----END CERTIFICATE-----Generated at Mon Dec 29 16:56:46 2025 by rpki-client