Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer
File: KbaocCpK1kSocQZLZAet5JPmOo0.cer (raw, json)
Hash identifier: PFZnJaIBwU1bnZcfC7bT1U1PpnAxGLeefbJWzKy9G2U=
Subject key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6939
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 31 Jul 2025 16:36:44 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 168.245.188.0/22
IP: 198.246.223.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 11 Aug 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26937 (0x6939)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jul 31 16:36:44 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A919EAF3, serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cf:e1:bd:7f:38:00:70:74:25:c4:67:da:60:
c1:1d:08:41:cf:77:c5:c1:d5:74:6f:0f:ff:a2:7a:
cf:6b:cf:20:cc:6a:69:a9:d8:f3:d8:59:e4:38:dc:
fc:a7:46:5a:78:1d:00:ef:44:6e:41:05:5e:aa:b1:
48:4e:aa:f2:b6:7d:58:2b:0d:9b:1b:d6:72:24:d7:
e4:f9:a0:89:53:92:07:13:ee:b1:5d:82:a3:7e:ca:
77:7b:46:25:ca:7d:78:01:d6:02:c9:68:fb:2e:f2:
4d:80:f3:b1:cb:d0:12:6e:96:85:b9:6d:1f:02:e0:
f8:d9:f3:6e:cf:d0:8e:60:89:15:c8:53:00:24:36:
c6:10:79:3a:da:dd:ff:b3:c2:23:36:b8:60:72:20:
3b:71:d0:43:4d:af:9e:8e:09:de:b8:6e:25:36:10:
81:f1:c7:6b:57:cc:6b:00:04:b6:2b:e7:55:20:dd:
43:8f:9d:4b:fe:08:86:ce:df:c3:49:db:e3:71:67:
e8:f1:35:02:68:37:a4:f5:a6:a3:38:d5:84:89:d9:
c6:0f:eb:49:ca:ba:e6:cd:78:fc:27:cb:ff:71:8b:
b3:b3:19:5e:12:2e:df:a9:9f:42:02:75:e1:e6:4a:
1f:61:e0:5c:b1:33:52:d6:c8:81:65:2d:09:40:5e:
de:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.245.188.0/22
198.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:53:4b:e4:87:85:51:79:ad:cf:d5:24:d7:77:40:96:9a:b1:
1b:c4:b9:95:7f:b0:2c:9a:b0:2c:f9:43:6f:0c:37:8c:09:0e:
7d:74:e9:cc:6e:27:8c:6e:4a:94:9b:37:fd:58:1a:83:a1:f0:
c8:1c:f6:ce:92:25:41:51:34:78:18:a7:dd:9e:eb:51:4f:04:
3e:ed:9c:90:7e:72:1d:82:92:8d:b9:46:9a:19:cc:85:2d:a3:
6e:dc:8e:b1:2c:36:7b:60:6c:f9:bc:f4:7c:50:e5:a9:8a:c2:
06:58:74:83:9e:cd:b9:1b:8b:fb:56:ab:8f:06:99:29:84:65:
0c:7c:56:27:00:93:1b:dc:45:a4:9a:a9:1c:cc:80:95:14:ce:
b4:81:9c:6b:d3:34:1c:a7:a7:d8:ab:59:72:61:af:7a:94:8b:
08:8b:20:6a:49:56:2f:2f:57:2b:6e:ed:13:c8:31:06:52:9b:
91:84:8e:6a:77:70:1f:8d:31:6a:0f:99:e1:8d:cb:1c:b1:f5:
7c:85:e7:c6:66:8f:14:22:85:9a:5b:c6:49:d8:ca:b2:8c:b7:
7b:ee:5a:7d:54:e8:85:31:a5:15:7f:56:93:e6:59:a6:16:15:
6e:ba:b8:f4:17:69:18:63:b0:8b:72:4a:2f:76:69:21:66:81:
73:59:41:78
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICaTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNzMxMTYzNjQ0WhcNMjYwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5RUFGMzExMC8GA1UEBRMoMjlCNkE4NzAyQTRBRDY0NEE4NzEwNjRC
NjQwN0FERTQ5M0U2M0E4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM7P4b1/OABwdCXEZ9pgwR0IQc93xcHVdG8P/6J6z2vPIMxqaanY89hZ5Djc/KdG
WngdAO9EbkEFXqqxSE6q8rZ9WCsNmxvWciTX5PmgiVOSBxPusV2Co37Kd3tGJcp9
eAHWAslo+y7yTYDzscvQEm6WhbltHwLg+Nnzbs/QjmCJFchTACQ2xhB5Otrd/7PC
Iza4YHIgO3HQQ02vno4J3rhuJTYQgfHHa1fMawAEtivnVSDdQ4+dS/4Ihs7fw0nb
43Fn6PE1Amg3pPWmozjVhInZxg/rScq65s14/CfL/3GLs7MZXhIu36mfQgJ14eZK
H2HgXLEzUtbIgWUtCUBe3mUCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBQptqhwKkrW
RKhxBktkB63kk+Y6jTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBRjMvOTNCQjUwMkU2RDE4MTFFN0E4MTVEQTgwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlFQUYzLzkzQkI1MDJFNkQxODExRTdBODE1REE4MEM0RjlBRTAyL0tiYW9jQ3BL
MWtTb2NRWkxaQWV0NUpQbU9vMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAqj1vAMEAMb23zANBgkqhkiG9w0BAQsFAAOCAQEAp1NL5IeFUXmt
z9Uk13dAlpqxG8S5lX+wLJqwLPlDbww3jAkOfXTpzG4njG5KlJs3/Vgag6HwyBz2
zpIlQVE0eBin3Z7rUU8EPu2ckH5yHYKSjblGmhnMhS2jbtyOsSw2e2Bs+bz0fFDl
qYrCBlh0g57NuRuL+1arjwaZKYRlDHxWJwCTG9xFpJqpHMyAlRTOtIGca9M0HKen
2KtZcmGvepSLCIsgaklWLy9XK27tE8gxBlKbkYSOandwH40xag+Z4Y3LHLH1fIXn
xmaPFCKFmlvGSdjKsoy3e+5afVTohTGlFX9Wk+ZZphYVbrq49BdpGGOwi3JKL3Zp
IWaBc1lBeA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:26:41 2025 by rpki-client