Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oCcZWkgg89cmSk1X7pqdTCoQySM.cer
File: oCcZWkgg89cmSk1X7pqdTCoQySM.cer (raw, json)
Hash identifier: L7yLwqfPueH2F8bFhxY5nqAULbSJdBgxMhnSRYcs2rc=
Subject key identifier: A0:27:19:5A:48:20:F3:D7:26:4A:4D:57:EE:9A:9D:4C:2A:10:C9:23
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6CEC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/oCcZWkgg89cmSk1X7pqdTCoQySM.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 28 Oct 2025 14:16:05 +0000
Certificate not after: Sun 31 Jan 2027 00:00:00 +0000
Subordinate resources: IP: 161.248.150.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 14:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27884 (0x6cec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Oct 28 14:16:05 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=A91C1621, serialNumber=A027195A4820F3D7264A4D57EE9A9D4C2A10C923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:16:d1:2a:57:06:70:e5:13:ec:df:73:48:f7:
a3:c6:cc:7a:37:88:79:25:57:26:24:da:3f:85:92:
87:8f:bc:ba:6e:59:e8:1f:be:98:33:76:71:c6:6e:
36:cd:aa:92:3a:49:1a:a2:b4:4d:c5:74:7f:8e:5c:
ab:58:0f:a6:99:a3:20:d7:0a:85:d1:a3:e1:51:21:
a9:52:b4:8d:41:a2:90:b2:5c:95:44:e3:31:43:0f:
9f:8c:19:4a:02:a5:f9:86:9e:f4:ef:11:dd:28:e9:
c6:2e:e1:08:c7:fd:73:96:dc:a7:a4:bd:36:0e:0b:
7d:0d:bb:96:aa:aa:88:f6:bf:0c:ab:18:62:f4:93:
c2:d0:39:64:62:d1:b1:75:ff:8f:1c:59:1f:75:12:
6a:00:cc:8c:1e:9a:ac:a7:78:4d:28:f5:37:cd:70:
f3:10:a9:fe:da:61:19:a9:b6:11:41:2d:ff:1e:ed:
5f:ee:b0:73:72:46:66:72:f6:e2:61:1f:7a:59:e3:
03:75:1a:47:a3:79:a2:4d:ab:fc:ec:d0:25:31:37:
43:4c:b0:2c:93:df:46:66:a6:05:88:fe:46:d3:56:
2c:50:ab:34:a7:c0:d8:70:db:10:e1:cd:79:f2:6b:
5b:b3:ac:67:46:32:18:c1:7d:ea:ec:3a:f8:a8:c5:
ab:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:27:19:5A:48:20:F3:D7:26:4A:4D:57:EE:9A:9D:4C:2A:10:C9:23
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/oCcZWkgg89cmSk1X7pqdTCoQySM.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.150.0/23
Signature Algorithm: sha256WithRSAEncryption
77:b3:de:c5:ab:aa:0d:d8:e8:09:3a:69:44:67:5a:3b:03:0f:
28:6f:cd:8b:af:cc:97:85:4c:be:47:f3:2a:09:5e:e1:66:53:
1e:ef:79:fe:4a:76:4d:2f:61:08:17:42:94:57:ec:04:6d:ea:
6d:9d:02:22:3a:4d:59:e3:17:e8:6c:3f:ac:21:b0:2d:ca:6c:
76:95:ad:fd:c0:9c:fd:ec:8b:c5:e5:a5:c0:64:3a:8c:24:0d:
91:29:55:c3:c9:06:ee:5e:51:15:de:f3:50:40:49:e3:9b:31:
9b:89:e0:a7:23:38:aa:64:98:c4:17:65:24:83:b7:3b:36:a0:
fd:5c:e9:13:e5:13:40:c7:ce:9d:53:20:7e:26:d1:1e:c8:ce:
47:8b:a0:78:87:4c:63:24:af:70:ff:3a:71:8e:f5:b5:f7:8e:
c9:8a:49:18:80:82:30:34:23:54:fa:8d:49:07:57:bc:11:8f:
4f:ac:88:26:08:3e:de:ce:9e:ac:a9:3a:c5:fe:66:57:91:9f:
a9:97:a8:1e:e4:a6:fb:a5:2f:3d:e8:0e:0a:98:5f:9c:77:ca:
50:ea:54:91:3b:b8:55:97:77:e8:4e:aa:f4:27:31:55:13:ec:
5d:7f:10:f6:71:83:eb:9c:00:a0:ed:24:b9:97:c6:b3:99:34:
7f:83:cc:93
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICbOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUxMDI4MTQxNjA1WhcNMjcwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDMTYyMTExMC8GA1UEBRMoQTAyNzE5NUE0ODIwRjNENzI2NEE0RDU3
RUU5QTlENEMyQTEwQzkyMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJ4W0SpXBnDlE+zfc0j3o8bMejeIeSVXJiTaP4WSh4+8um5Z6B++mDN2ccZuNs2q
kjpJGqK0TcV0f45cq1gPppmjINcKhdGj4VEhqVK0jUGikLJclUTjMUMPn4wZSgKl
+Yae9O8R3Sjpxi7hCMf9c5bcp6S9Ng4LfQ27lqqqiPa/DKsYYvSTwtA5ZGLRsXX/
jxxZH3USagDMjB6arKd4TSj1N81w8xCp/tphGam2EUEt/x7tX+6wc3JGZnL24mEf
elnjA3UaR6N5ok2r/OzQJTE3Q0ywLJPfRmamBYj+RtNWLFCrNKfA2HDbEOHNefJr
W7OsZ0YyGMF96uw6+KjFq60CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSgJxlaSCDz
1yZKTVfump1MKhDJIzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzE2MjEvMzVFREE5MkVDRjBEMTFFRjkyRjFFQzM2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMxNjIxLzM1RURBOTJFQ0YwRDExRUY5MkYxRUMzNkM0RjlBRTAyL29DY1pXa2dn
ODljbVNrMVg3cHFkVENvUXlTTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4ljANBgkqhkiG9w0BAQsFAAOCAQEAd7PexauqDdjoCTppRGda
OwMPKG/Ni6/Ml4VMvkfzKgle4WZTHu95/kp2TS9hCBdClFfsBG3qbZ0CIjpNWeMX
6Gw/rCGwLcpsdpWt/cCc/eyLxeWlwGQ6jCQNkSlVw8kG7l5RFd7zUEBJ45sxm4ng
pyM4qmSYxBdlJIO3Ozag/VzpE+UTQMfOnVMgfibRHsjOR4ugeIdMYySvcP86cY71
tfeOyYpJGICCMDQjVPqNSQdXvBGPT6yIJgg+3s6erKk6xf5mV5GfqZeoHuSm+6Uv
PegOCphfnHfKUOpUkTu4VZd36E6q9CcxVRPsXX8Q9nGD65wAoO0kuZfGs5k0f4PM
kw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:06:47 2025 by rpki-client