Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nGj0A_AkAXvdJtbdDSAnpAK58oE.cer
File: nGj0A_AkAXvdJtbdDSAnpAK58oE.cer (raw, json)
Hash identifier: mPHSqtv8axlTpx21igM4zfyj5nbtqPEb/jbN/oWrkN0=
Subject key identifier: 9C:68:F4:03:F0:24:01:7B:DD:26:D6:DD:0D:20:27:A4:02:B9:F2:81
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6D2F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B190F/BFA96FAA7BEC11EF999FBC19C4F9AE02/nGj0A_AkAXvdJtbdDSAnpAK58oE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B190F/BFA96FAA7BEC11EF999FBC19C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 31 Oct 2025 22:28:09 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: IP: 160.187.118.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 14:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27951 (0x6d2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Oct 31 22:28:09 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A91B190F, serialNumber=9C68F403F024017BDD26D6DD0D2027A402B9F281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a3:72:c7:e6:08:45:15:66:87:f4:54:6f:a2:
c5:e3:e1:bd:ec:2b:b5:50:de:2a:7f:4c:98:f0:13:
04:9f:45:d3:67:42:d3:3b:ce:09:c8:a8:38:f1:b7:
72:7c:21:44:36:b5:4b:fe:89:2b:2c:13:6a:f4:c1:
e8:63:13:58:aa:3a:6d:1d:16:6d:0d:29:50:8c:3d:
67:50:f0:7d:1c:2b:81:f8:67:81:ba:80:27:9d:8e:
d2:c1:dc:89:17:e2:f9:2a:f5:14:bc:68:ca:59:60:
36:5e:23:d4:42:c9:c0:6a:e4:9c:6b:8f:b3:ac:11:
9a:ce:3a:36:9f:2a:37:3c:54:be:1a:ad:c0:a4:4b:
e0:9b:e4:19:a0:e0:10:66:7b:2d:bd:1c:6d:a3:33:
a7:c9:8e:28:b2:6e:db:47:4f:bf:c6:05:a3:62:46:
3d:42:b6:04:ed:7b:b0:27:93:e3:6c:68:c8:89:c9:
b0:64:a5:17:b2:14:2b:1b:8b:e4:67:f3:70:66:9e:
71:b4:dd:6c:82:3e:24:72:57:54:30:2e:5a:76:14:
56:78:08:03:23:3e:c4:74:87:ae:c9:6f:d7:39:b6:
dc:3d:22:a5:d9:43:53:3b:c5:12:32:a6:b0:21:eb:
20:80:96:a6:68:90:a1:cd:60:71:c6:21:f1:b5:9b:
c2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:68:F4:03:F0:24:01:7B:DD:26:D6:DD:0D:20:27:A4:02:B9:F2:81
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B190F/BFA96FAA7BEC11EF999FBC19C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B190F/BFA96FAA7BEC11EF999FBC19C4F9AE02/nGj0A_AkAXvdJtbdDSAnpAK58oE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.118.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:34:22:4d:93:04:d0:a9:00:eb:75:37:16:bc:f9:42:de:50:
0d:f1:a8:c5:4f:c8:11:31:92:3a:04:33:60:1d:82:63:8a:0c:
fb:f9:3b:92:d7:1d:81:f8:e8:fe:84:9c:cb:08:dc:5b:5a:94:
dd:ed:1b:bc:32:f9:b5:d1:1b:8c:95:03:66:10:fd:9d:60:57:
49:13:f4:c3:50:0f:b7:c8:99:6f:a1:81:e8:ca:9d:f6:73:26:
d8:36:74:c6:8a:99:b7:cc:f7:1c:7b:8f:22:f2:b8:e7:f3:dc:
b9:79:fd:cf:5e:e4:5c:65:e5:6c:10:c8:13:6f:05:a4:9e:28:
7b:24:ee:f0:56:22:0f:c5:1c:94:43:05:90:8c:e4:42:69:ef:
36:ef:33:6a:6b:de:0b:85:f3:7c:c8:81:9e:12:fa:bc:29:ec:
98:85:13:03:59:0d:07:f6:41:e6:56:6b:2d:0d:6c:bc:27:87:
8d:6d:d5:27:f0:03:21:18:33:e3:f0:e1:ff:ce:dd:97:4d:bf:
fd:ea:4b:ea:f5:93:37:7e:a4:62:a2:95:f1:84:3b:36:b7:ab:
be:1e:1c:64:7e:bc:00:d6:e8:9b:4a:65:64:b4:c3:d8:bc:37:
f1:41:40:93:68:40:fd:67:f2:97:1e:5a:fa:26:9e:fa:c7:8e:
80:5a:e9:70
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICbS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUxMDMxMjIyODA5WhcNMjYxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFCMTkwRjExMC8GA1UEBRMoOUM2OEY0MDNGMDI0MDE3QkREMjZENkRE
MEQyMDI3QTQwMkI5RjI4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMCjcsfmCEUVZof0VG+ixePhvewrtVDeKn9MmPATBJ9F02dC0zvOCcioOPG3cnwh
RDa1S/6JKywTavTB6GMTWKo6bR0WbQ0pUIw9Z1DwfRwrgfhngbqAJ52O0sHciRfi
+Sr1FLxoyllgNl4j1ELJwGrknGuPs6wRms46Np8qNzxUvhqtwKRL4JvkGaDgEGZ7
Lb0cbaMzp8mOKLJu20dPv8YFo2JGPUK2BO17sCeT42xoyInJsGSlF7IUKxuL5Gfz
cGaecbTdbII+JHJXVDAuWnYUVngIAyM+xHSHrslv1zm23D0ipdlDUzvFEjKmsCHr
IICWpmiQoc1gccYh8bWbwnUCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBScaPQD8CQB
e90m1t0NICekArnygTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjE5MEYvQkZBOTZGQUE3QkVDMTFFRjk5OUZCQzE5QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIxOTBGL0JGQTk2RkFBN0JFQzExRUY5OTlGQkMxOUM0RjlBRTAyL25HajBBX0Fr
QVh2ZEp0YmREU0FucEFLNThvRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7djANBgkqhkiG9w0BAQsFAAOCAQEADzQiTZME0KkA63U3Frz5
Qt5QDfGoxU/IETGSOgQzYB2CY4oM+/k7ktcdgfjo/oScywjcW1qU3e0bvDL5tdEb
jJUDZhD9nWBXSRP0w1APt8iZb6GB6Mqd9nMm2DZ0xoqZt8z3HHuPIvK45/PcuXn9
z17kXGXlbBDIE28FpJ4oeyTu8FYiD8UclEMFkIzkQmnvNu8zamveC4XzfMiBnhL6
vCnsmIUTA1kNB/ZB5lZrLQ1svCeHjW3VJ/ADIRgz4/Dh/87dl02//epL6vWTN36k
YqKV8YQ7Nrervh4cZH68ANbom0plZLTD2Lw38UFAk2hA/Wfylx5a+iae+seOgFrp
cA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:06:31 2025 by rpki-client