Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer
File: MGSQ23RcleyGYUmf_IJkZnumf4o.cer (raw, json)
Hash identifier: JdLNEU0aU+rZNwrDEFCFDBrK9OmU6hVwmdwIMqHYJa0=
Subject key identifier: 30:64:90:DB:74:5C:95:EC:86:61:49:9F:FC:82:64:66:7B:A6:7F:8A
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7805
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 01 Mar 2026 07:46:45 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 161.248.100.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30725 (0x7805)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Mar 1 07:46:45 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91CE7A4, serialNumber=306490DB745C95EC8661499FFC8264667BA67F8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d8:a9:87:fa:ed:53:97:f2:4f:58:67:a1:17:
7e:7b:80:2d:24:39:04:ff:99:6b:3e:d2:fe:28:b3:
ee:99:1c:ae:72:5f:b3:96:9e:8f:df:58:81:5b:e0:
f5:56:98:f6:55:de:bf:24:3e:8e:60:05:cc:23:33:
bd:c8:28:97:23:6c:68:7d:e3:56:6b:6c:a7:44:25:
8d:16:c5:b4:89:68:ff:21:0a:ea:ff:8b:6d:dc:a7:
dc:a3:2f:83:f4:20:d8:82:f7:13:64:11:f3:21:f4:
0c:8b:90:50:02:5d:53:90:29:e8:3f:53:ff:17:c3:
51:58:dc:b5:9d:12:de:b2:63:72:e0:81:f1:51:8b:
a2:fa:a5:2b:0c:ee:52:8c:56:4b:d7:3e:54:bd:66:
67:6a:45:45:76:ea:4c:c8:47:a9:5b:49:14:f5:ae:
5a:4f:d2:3f:8a:42:e5:a5:ec:fa:65:91:68:38:33:
61:21:01:de:c7:61:30:f8:4c:f0:31:28:0f:fa:90:
37:36:f4:ed:d7:d0:36:ba:a6:26:6b:6b:04:1c:f0:
a8:90:9b:44:ac:36:9f:76:a1:23:e9:27:16:c5:84:
72:c8:e3:33:4d:6e:51:bf:a4:f1:af:8e:f1:a0:d4:
ea:f0:be:be:fe:a9:48:89:e5:45:1d:ee:47:0f:17:
d3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:64:90:DB:74:5C:95:EC:86:61:49:9F:FC:82:64:66:7B:A6:7F:8A
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.100.0/23
Signature Algorithm: sha256WithRSAEncryption
23:f6:38:34:84:c7:a7:e5:5a:dd:df:db:c3:b6:19:81:7c:ce:
68:cc:66:62:9a:28:cd:a6:5a:a4:c4:f5:c9:4d:e1:56:7b:18:
ef:c1:4d:4e:dc:44:a2:a5:74:5f:54:03:cc:65:ec:fe:ba:05:
62:82:e2:3a:d8:9f:e0:c7:10:89:52:5e:e6:b2:24:63:36:c5:
47:3b:34:27:7f:7f:b0:14:67:b3:c6:80:5a:01:48:d9:5a:21:
a1:d3:a0:60:ca:b9:a7:5b:57:79:03:95:20:bb:31:38:bb:dd:
98:75:a3:3c:37:cb:69:a7:19:45:9d:96:bb:5d:d1:af:fc:b6:
b0:d6:65:7b:a3:e3:0a:67:35:20:52:6f:65:28:be:d5:53:e7:
00:de:ab:8b:23:56:b5:04:ac:cd:f7:4b:52:24:89:64:36:0e:
e7:b9:d7:dd:3c:28:54:cf:68:4c:27:e9:23:9d:3f:46:40:88:
9b:cf:95:21:0b:07:f2:2e:ab:84:31:d9:94:0f:3c:38:b4:3f:
2a:bf:c0:83:dc:d0:37:6a:9d:7b:12:ef:c3:f7:f1:ed:f2:24:
7b:34:9c:41:15:5f:1b:95:ef:30:fa:75:53:98:09:48:ec:c8:
21:fb:a0:5d:7b:7e:4c:b5:f2:9b:54:fc:bf:93:27:29:9b:9e:
d9:d5:ff:c5
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICeAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwMzAxMDc0NjQ1WhcNMjYwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDRTdBNDExMC8GA1UEBRMoMzA2NDkwREI3NDVDOTVFQzg2NjE0OTlG
RkM4MjY0NjY3QkE2N0Y4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKrYqYf67VOX8k9YZ6EXfnuALSQ5BP+Zaz7S/iiz7pkcrnJfs5aej99YgVvg9VaY
9lXevyQ+jmAFzCMzvcgolyNsaH3jVmtsp0QljRbFtIlo/yEK6v+Lbdyn3KMvg/Qg
2IL3E2QR8yH0DIuQUAJdU5Ap6D9T/xfDUVjctZ0S3rJjcuCB8VGLovqlKwzuUoxW
S9c+VL1mZ2pFRXbqTMhHqVtJFPWuWk/SP4pC5aXs+mWRaDgzYSEB3sdhMPhM8DEo
D/qQNzb07dfQNrqmJmtrBBzwqJCbRKw2n3ahI+knFsWEcsjjM01uUb+k8a+O8aDU
6vC+vv6pSInlRR3uRw8X04MCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQwZJDbdFyV
7IZhSZ/8gmRme6Z/ijAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U3QTQvQjg5MERGRDJDQzBGMTFFRkEyNzhGRDRDQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNFN0E0L0I4OTBERkQyQ0MwRjExRUZBMjc4RkQ0Q0M0RjlBRTAyL01HU1EyM1Jj
bGV5R1lVbWZfSUprWm51bWY0by5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4ZDANBgkqhkiG9w0BAQsFAAOCAQEAI/Y4NITHp+Va3d/bw7YZ
gXzOaMxmYpoozaZapMT1yU3hVnsY78FNTtxEoqV0X1QDzGXs/roFYoLiOtif4McQ
iVJe5rIkYzbFRzs0J39/sBRns8aAWgFI2VohodOgYMq5p1tXeQOVILsxOLvdmHWj
PDfLaacZRZ2Wu13Rr/y2sNZle6PjCmc1IFJvZSi+1VPnAN6riyNWtQSszfdLUiSJ
ZDYO57nX3TwoVM9oTCfpI50/RkCIm8+VIQsH8i6rhDHZlA88OLQ/Kr/Ag9zQN2qd
exLvw/fx7fIkezScQRVfG5XvMPp1U5gJSOzIIfugXXt+TLXym1T8v5MnKZue2dX/
xQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:21:47 2026 by rpki-client