Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer
File: 5OTCQkd4XDQv81kH9-EcSrs5i4M.cer (raw, json)
Hash identifier: AP7/vqPUYimsX+jKxeK5DY3wTjhPsMD5BQ3zrjmjqp0=
Subject key identifier: E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6D0A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 30 Oct 2025 01:22:57 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: IP: 160.187.14.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 16:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27914 (0x6d0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Oct 30 01:22:57 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A91E85F1, serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ee:a1:e3:48:fe:8d:7b:4d:9b:1b:14:12:18:
10:d3:8e:e5:59:97:6a:37:39:d3:b2:4a:f8:e8:07:
25:15:7c:0c:97:bf:48:bb:9f:00:03:b5:af:83:2f:
3d:f5:c0:d8:8a:19:06:a8:69:49:ee:3d:63:62:11:
8c:d6:c6:a9:05:64:22:d3:35:4c:46:76:b2:af:57:
06:7a:18:c2:29:a2:e1:fa:f9:a5:4b:0f:19:2c:3e:
9c:08:53:d5:b2:79:4e:a7:49:63:ac:ae:22:0f:b6:
7e:0e:df:bd:91:20:5e:c1:f3:1a:8b:d7:66:87:52:
af:bf:c4:68:b9:e4:d3:b0:3c:cd:2e:54:69:1d:c0:
1e:ff:4d:b0:13:7a:e3:02:1a:c7:5b:98:28:92:dc:
90:b2:f5:54:5d:4d:d2:db:c1:bf:5c:3c:be:11:24:
38:1e:8b:69:fe:bb:53:17:1b:dc:78:18:ca:f4:2c:
86:45:cb:b5:bd:d3:98:3a:75:de:e6:0f:52:ee:7d:
3b:a6:c9:0a:5e:15:3c:65:64:e8:5e:8e:4e:0d:2d:
98:8a:ad:45:ae:6e:31:a6:a6:b5:e1:3a:21:db:ad:
35:6b:a6:16:be:b8:22:79:b5:d6:5f:e3:77:59:1f:
1b:3e:6f:36:87:e9:0d:bb:73:7d:8c:ac:47:f6:38:
e9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.14.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:2f:28:5d:99:e9:a6:61:9d:56:7b:3b:de:be:f8:d9:78:c3:
e9:9f:f1:d3:95:f1:c0:6c:5a:19:6c:41:06:ed:31:45:9d:d1:
51:6a:35:76:db:f8:be:eb:4f:57:36:8a:b2:04:2f:b8:2d:fb:
f9:ad:7f:38:24:27:e5:d3:c8:4d:3d:8a:dc:40:e2:14:3f:0d:
65:2f:dd:b4:da:44:04:6c:d1:d6:42:4c:c7:dd:96:d3:f8:8e:
d9:2b:da:9d:1d:df:21:e4:59:90:1a:fa:e4:cd:f8:f9:29:4c:
bb:7c:04:18:b2:eb:5d:dd:0c:84:1f:ad:ed:bb:46:bb:39:7a:
48:70:53:ba:fd:b4:38:d4:6c:f6:4e:56:84:8a:ee:79:5e:17:
26:3a:97:53:f5:1e:ea:a1:eb:fc:3d:e5:1a:98:d9:a1:d7:4d:
bf:43:fc:27:37:3e:5e:40:f6:56:40:4e:8e:e5:0a:25:66:0a:
da:5f:87:e5:3c:b9:df:c0:96:6a:56:0e:a6:00:f7:05:f1:74:
21:fb:ca:47:99:18:09:38:7c:9d:70:c7:d7:86:ed:04:f8:2c:
b8:91:2e:71:3b:f4:38:b5:c4:23:2e:d5:2d:33:9a:5e:b5:5a:
43:6a:e7:5a:2f:70:fb:cd:2c:0e:f7:7f:e0:a5:48:43:bd:7a:
a8:0c:6a:66
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICbQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUxMDMwMDEyMjU3WhcNMjYxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFODVGMTExMC8GA1UEBRMoRTRFNEMyNDI0Nzc4NUMzNDJGRjM1OTA3
RjdFMTFDNEFCQjM5OEI4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMruoeNI/o17TZsbFBIYENOO5VmXajc507JK+OgHJRV8DJe/SLufAAO1r4MvPfXA
2IoZBqhpSe49Y2IRjNbGqQVkItM1TEZ2sq9XBnoYwimi4fr5pUsPGSw+nAhT1bJ5
TqdJY6yuIg+2fg7fvZEgXsHzGovXZodSr7/EaLnk07A8zS5UaR3AHv9NsBN64wIa
x1uYKJLckLL1VF1N0tvBv1w8vhEkOB6Laf67Uxcb3HgYyvQshkXLtb3TmDp13uYP
Uu59O6bJCl4VPGVk6F6OTg0tmIqtRa5uMaamteE6IdutNWumFr64Inm11l/jd1kf
Gz5vNofpDbtzfYysR/Y46esCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTk5MJCR3hc
NC/zWQf34RxKuzmLgzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg1RjEvNjIyMDYzM0MwREZDMTFGMEExRDk4MDUzQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4NUYxLzYyMjA2MzNDMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0
WERRdjgxa0g5LUVjU3JzNWk0TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7DjANBgkqhkiG9w0BAQsFAAOCAQEAoi8oXZnppmGdVns73r74
2XjD6Z/x05XxwGxaGWxBBu0xRZ3RUWo1dtv4vutPVzaKsgQvuC37+a1/OCQn5dPI
TT2K3EDiFD8NZS/dtNpEBGzR1kJMx92W0/iO2SvanR3fIeRZkBr65M34+SlMu3wE
GLLrXd0MhB+t7btGuzl6SHBTuv20ONRs9k5WhIrueV4XJjqXU/Ue6qHr/D3lGpjZ
oddNv0P8Jzc+XkD2VkBOjuUKJWYK2l+H5Ty538CWalYOpgD3BfF0IfvKR5kYCTh8
nXDH14btBPgsuJEucTv0OLXEIy7VLTOaXrVaQ2rnWi9w+80sDvd/4KVIQ716qAxq
Zg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:00:54 2025 by rpki-client