Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fHiVltWjewRcnZ8TpCAMHodHf3Q.cer
File: fHiVltWjewRcnZ8TpCAMHodHf3Q.cer (raw, json)
Hash identifier: dQjvlFVX+liGD1w9Oi4zrZWbTTwKnzzXqprgNReA7PE=
Subject key identifier: 7C:78:95:96:D5:A3:7B:04:5C:9D:9F:13:A4:20:0C:1E:87:47:7F:74
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6D6E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E9CD4/D47F490CB95511F09A7F6D71C4F9AE02/fHiVltWjewRcnZ8TpCAMHodHf3Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E9CD4/D47F490CB95511F09A7F6D71C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 04 Nov 2025 08:11:19 +0000
Certificate not after: Sun 31 Jan 2027 00:00:00 +0000
Subordinate resources: IP: 138.252.140.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 14:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28014 (0x6d6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 4 08:11:19 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=A91E9CD4, serialNumber=7C789596D5A37B045C9D9F13A4200C1E87477F74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6b:b0:73:08:f9:6a:c5:37:5a:ba:59:be:c3:
be:25:45:3d:3a:43:59:17:e0:1f:a1:ed:06:34:7a:
86:b5:bd:57:65:99:ec:6c:bf:1f:2f:ae:98:0b:8b:
0e:8d:fc:bc:d7:d9:c3:10:d9:5d:a6:87:6a:23:0d:
3e:b9:22:69:00:2f:4d:21:f1:16:9c:5d:b4:1a:bb:
5e:66:84:5f:8a:9c:e6:46:c5:e9:be:47:86:9c:8c:
3a:2c:9e:2e:6e:b3:9e:22:49:91:8f:f8:b4:6a:07:
27:db:44:15:87:7d:5e:7c:8d:c4:8b:65:01:1b:89:
79:ff:0d:c9:7b:64:9d:0d:62:26:27:85:cb:41:a8:
25:20:fa:55:81:05:71:0d:b0:57:09:e5:10:4f:5f:
72:ef:c7:52:db:dc:c5:e7:fc:40:2a:bd:c7:20:df:
12:d5:be:4c:d7:bd:7f:7b:16:2d:9d:35:18:be:17:
0e:4d:4e:ac:7c:39:61:62:11:3a:4d:09:4c:4c:e4:
62:76:d1:d2:a3:33:6b:6f:8d:6b:99:8e:aa:c3:2b:
55:c8:65:78:ea:68:ae:33:cc:0a:cf:80:c8:e9:0c:
f2:2f:b8:bd:fc:94:41:18:e8:4e:6f:91:44:5a:b3:
52:e1:c4:1c:f5:68:c8:1d:3d:a5:8c:f4:04:78:30:
16:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:78:95:96:D5:A3:7B:04:5C:9D:9F:13:A4:20:0C:1E:87:47:7F:74
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E9CD4/D47F490CB95511F09A7F6D71C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E9CD4/D47F490CB95511F09A7F6D71C4F9AE02/fHiVltWjewRcnZ8TpCAMHodHf3Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
138.252.140.0/23
Signature Algorithm: sha256WithRSAEncryption
05:c0:bd:0e:bf:35:34:87:22:dc:0d:cb:4e:a2:65:fb:65:d3:
4a:ac:2c:70:79:f5:5c:5c:a4:a9:8c:dc:ca:fa:a9:c0:3e:fe:
35:56:22:3e:20:fb:8a:b1:27:4e:64:13:d0:0a:d8:46:d1:ec:
7c:32:b9:bc:d0:f5:7d:45:a1:32:69:6a:56:f6:3a:1d:71:4c:
2c:6e:76:d1:c1:3a:87:1f:98:41:0d:f7:28:67:04:9b:87:e4:
1e:97:6f:e7:88:f1:cf:a0:89:b3:5d:2e:28:51:bf:a1:4e:73:
4b:3e:16:e1:f3:58:47:5c:d1:80:6b:af:c9:7b:7c:1f:21:3d:
a1:f1:fa:59:b6:d0:d7:c5:5c:86:df:8a:31:9d:6e:7e:ff:f9:
fe:a4:0b:6c:8a:94:ad:1e:b9:7a:e7:cc:4c:02:d2:97:21:ae:
bf:e2:90:83:b3:e8:8e:76:88:cb:dc:d1:a6:01:92:10:2a:b7:
fa:ef:08:d1:c7:3d:61:2d:73:33:58:37:af:6a:6b:e2:63:ad:
38:4e:eb:b7:be:25:f9:f9:bb:30:ef:74:fd:39:51:59:9b:c7:
e0:ea:49:cc:de:b3:c7:8e:b2:53:36:69:4e:4d:23:00:f3:e2:
03:70:5d:2d:b3:61:d5:ac:94:7a:1b:3a:76:1f:32:2f:ac:c9:
78:c3:cf:dc
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICbW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUxMTA0MDgxMTE5WhcNMjcwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFOUNENDExMC8GA1UEBRMoN0M3ODk1OTZENUEzN0IwNDVDOUQ5RjEz
QTQyMDBDMUU4NzQ3N0Y3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJ5rsHMI+WrFN1q6Wb7DviVFPTpDWRfgH6HtBjR6hrW9V2WZ7Gy/Hy+umAuLDo38
vNfZwxDZXaaHaiMNPrkiaQAvTSHxFpxdtBq7XmaEX4qc5kbF6b5HhpyMOiyeLm6z
niJJkY/4tGoHJ9tEFYd9XnyNxItlARuJef8NyXtknQ1iJieFy0GoJSD6VYEFcQ2w
VwnlEE9fcu/HUtvcxef8QCq9xyDfEtW+TNe9f3sWLZ01GL4XDk1OrHw5YWIROk0J
TEzkYnbR0qMza2+Na5mOqsMrVchleOporjPMCs+AyOkM8i+4vfyUQRjoTm+RRFqz
UuHEHPVoyB09pYz0BHgwFo0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBR8eJWW1aN7
BFydnxOkIAweh0d/dDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTlDRDQvRDQ3RjQ5MENCOTU1MTFGMDlBN0Y2RDcxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU5Q0Q0L0Q0N0Y0OTBDQjk1NTExRjA5QTdGNkQ3MUM0RjlBRTAyL2ZIaVZsdFdq
ZXdSY25aOFRwQ0FNSG9kSGYzUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAYr8jDANBgkqhkiG9w0BAQsFAAOCAQEABcC9Dr81NIci3A3LTqJl
+2XTSqwscHn1XFykqYzcyvqpwD7+NVYiPiD7irEnTmQT0ArYRtHsfDK5vND1fUWh
MmlqVvY6HXFMLG520cE6hx+YQQ33KGcEm4fkHpdv54jxz6CJs10uKFG/oU5zSz4W
4fNYR1zRgGuvyXt8HyE9ofH6WbbQ18Vcht+KMZ1ufv/5/qQLbIqUrR65eufMTALS
lyGuv+KQg7PojnaIy9zRpgGSECq3+u8I0cc9YS1zM1g3r2pr4mOtOE7rt74l+fm7
MO90/TlRWZvH4OpJzN6zx46yUzZpTk0jAPPiA3BdLbNh1ayUehs6dh8yL6zJeMPP
3A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:59:03 2025 by rpki-client