Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TDOcq_yApfQZ3zPfsGiFwcNIiy0.cer
File: TDOcq_yApfQZ3zPfsGiFwcNIiy0.cer (raw, json)
Hash identifier: mTvrGAbs/HLTXOrm0txMQFVsJcySSEFcKuU0I/zQH+k=
Subject key identifier: 4C:33:9C:AB:FC:80:A5:F4:19:DF:33:DF:B0:68:85:C1:C3:48:8B:2D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 694B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/TDOcq_yApfQZ3zPfsGiFwcNIiy0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Aug 2025 05:04:14 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 160.22.18.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 11 Aug 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26955 (0x694b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Aug 1 05:04:14 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A91C31B7, serialNumber=4C339CABFC80A5F419DF33DFB06885C1C3488B2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e9:e3:77:10:73:e4:bf:cf:d7:86:f8:f2:ff:
fc:7c:eb:dc:5b:29:35:3d:e9:49:ca:62:ec:13:79:
ab:50:8f:2d:5d:03:5c:38:73:6e:1e:86:6e:cb:e6:
50:81:9e:54:38:06:7e:b4:4b:1f:54:67:ef:e2:64:
98:e7:5a:2a:22:9c:ea:31:07:65:6a:d7:63:c9:ca:
c6:01:f5:43:fb:cc:75:7e:4e:9f:eb:4c:0d:77:87:
f8:9d:a8:01:53:e3:7d:80:03:62:14:38:fb:b5:09:
e3:4b:bb:27:d0:10:f4:4c:14:c8:dd:03:10:db:1d:
c7:d8:10:50:bb:3a:85:75:a6:29:69:f1:3b:26:36:
5a:bb:16:13:86:d4:70:66:a8:07:a2:e0:aa:9d:22:
b4:d6:52:d4:ce:bb:20:a9:2c:3b:aa:92:f4:6c:31:
f5:97:56:ad:c0:89:f0:79:86:75:c3:c9:c9:28:82:
b7:47:9e:a2:24:9c:d1:60:ad:b9:0c:47:69:6b:ac:
cd:25:3b:3a:2f:21:cf:20:10:f0:2e:ca:5e:b0:56:
a9:7d:41:ac:d5:aa:17:13:c9:05:46:50:d6:fd:27:
e3:c0:64:0b:51:6f:d2:ee:3a:66:4d:3e:a7:c7:45:
9c:23:f8:07:f4:f0:4a:c0:08:e4:13:b0:ed:36:34:
e7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:33:9C:AB:FC:80:A5:F4:19:DF:33:DF:B0:68:85:C1:C3:48:8B:2D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/TDOcq_yApfQZ3zPfsGiFwcNIiy0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.18.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:3a:df:79:ce:dc:c4:c9:38:a4:8a:80:c8:c3:c4:76:23:59:
c5:86:bf:b7:fa:67:18:90:14:af:ea:43:0d:58:04:26:eb:17:
65:a6:68:56:1a:a2:75:a8:b9:dd:87:58:0c:c0:e8:ee:82:ed:
73:8b:ab:7c:7d:ff:b9:0f:db:7d:ba:48:2c:f6:58:d8:a8:79:
22:4f:00:a4:f3:a6:a3:30:e4:14:0e:6e:56:60:0d:a0:2f:50:
be:93:c5:14:ba:89:f9:cd:8a:ce:cb:77:ca:54:41:f2:bd:c9:
c7:8f:59:6d:c1:49:0f:a3:a0:ca:c0:ff:9c:4f:0d:cf:6f:ac:
ef:f5:e5:36:05:82:c8:da:3e:a5:74:ff:be:c5:46:ad:3f:c7:
3f:4d:33:d6:fe:2c:2e:a6:19:22:2a:50:b3:dd:51:95:f8:e6:
5a:31:4b:77:21:e1:ba:e7:13:3a:01:28:e4:a4:12:e1:51:d4:
09:52:82:79:4a:a9:19:e2:93:78:85:62:bb:38:65:52:5e:1d:
e2:c3:b4:84:15:62:e5:18:42:18:ac:5c:4d:94:73:68:6d:74:
58:21:d0:b3:ac:fd:7c:f2:56:00:92:36:cb:41:5e:5e:45:2d:
cf:b3:f6:25:74:df:40:bf:1e:07:84:9e:e2:4a:ba:94:9c:50:
51:a1:c4:24
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICaUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwODAxMDUwNDE0WhcNMjUxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDMzFCNzExMC8GA1UEBRMoNEMzMzlDQUJGQzgwQTVGNDE5REYzM0RG
QjA2ODg1QzFDMzQ4OEIyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANrp43cQc+S/z9eG+PL//Hzr3FspNT3pScpi7BN5q1CPLV0DXDhzbh6GbsvmUIGe
VDgGfrRLH1Rn7+JkmOdaKiKc6jEHZWrXY8nKxgH1Q/vMdX5On+tMDXeH+J2oAVPj
fYADYhQ4+7UJ40u7J9AQ9EwUyN0DENsdx9gQULs6hXWmKWnxOyY2WrsWE4bUcGao
B6Lgqp0itNZS1M67IKksO6qS9Gwx9ZdWrcCJ8HmGdcPJySiCt0eeoiSc0WCtuQxH
aWuszSU7Oi8hzyAQ8C7KXrBWqX1BrNWqFxPJBUZQ1v0n48BkC1Fv0u46Zk0+p8dF
nCP4B/TwSsAI5BOw7TY05+0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRMM5yr/ICl
9BnfM9+waIXBw0iLLTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzMxQjcvRjJBNTczMkUxRTZCMTFFRkFDMEU5MTRFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMzMUI3L0YyQTU3MzJFMUU2QjExRUZBQzBFOTE0RUM0RjlBRTAyL1RET2NxX3lB
cGZRWjN6UGZzR2lGd2NOSWl5MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAWEjANBgkqhkiG9w0BAQsFAAOCAQEAKzrfec7cxMk4pIqAyMPE
diNZxYa/t/pnGJAUr+pDDVgEJusXZaZoVhqidai53YdYDMDo7oLtc4urfH3/uQ/b
fbpILPZY2Kh5Ik8ApPOmozDkFA5uVmANoC9QvpPFFLqJ+c2Kzst3ylRB8r3Jx49Z
bcFJD6OgysD/nE8Nz2+s7/XlNgWCyNo+pXT/vsVGrT/HP00z1v4sLqYZIipQs91R
lfjmWjFLdyHhuucTOgEo5KQS4VHUCVKCeUqpGeKTeIViuzhlUl4d4sO0hBVi5RhC
GKxcTZRzaG10WCHQs6z9fPJWAJI2y0FeXkUtz7P2JXTfQL8eB4Se4kq6lJxQUaHE
JA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:12:22 2025 by rpki-client