Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer
File: ovb2YTEslb8FoLUjCxNx1GIv1ic.cer (raw, json)
Hash identifier: fQOhDqr/qZUxqfwWJumtTv9z/8A/TxL5V5ZrM42Q4wE=
Subject key identifier: A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7506
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 27 Feb 2026 02:48:49 +0000
Certificate not after: Wed 31 Mar 2027 00:00:00 +0000
Subordinate resources: IP: 161.142.0.0/16
IP: 192.228.128.0/17
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29958 (0x7506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Feb 27 02:48:49 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=A91E7BC4, serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cb:8c:c9:6a:11:2c:07:ba:bd:05:90:e5:c5:
56:0c:f1:a2:4f:9c:37:a3:4d:b0:51:09:7a:63:b6:
82:cf:d1:5b:b4:2f:c0:e8:32:82:b6:61:4d:6b:c7:
0b:d6:bf:db:d0:26:d1:96:13:18:c0:6f:2c:fa:e6:
8a:a4:0a:d4:df:a7:0d:6f:42:2e:63:7a:88:ca:c1:
2c:ae:6e:1d:f4:1d:99:0c:c9:7d:98:8a:b0:e6:e9:
d9:3b:f6:b1:e9:55:72:1d:9c:05:91:75:f9:fd:7d:
4f:7a:a3:ff:6f:3a:0b:b8:10:d3:a4:17:c2:5f:75:
71:a5:9c:13:48:fa:7d:a6:53:2a:7f:34:3b:d0:1c:
df:3d:b5:2c:f0:ca:c4:9a:85:0c:07:6e:f6:65:d8:
c3:ca:f9:ff:5a:f2:b7:30:6c:ae:0d:8d:51:43:ec:
be:c5:13:03:b3:c1:35:e5:e9:a7:09:97:34:01:c5:
4a:5a:d1:6e:13:8a:b2:f7:32:56:29:14:86:80:fe:
a5:5d:79:33:72:0d:81:9b:bf:25:3d:bc:d0:cc:65:
db:72:a5:87:17:2c:09:d3:04:82:4f:d8:c8:9d:62:
0f:81:df:9d:00:43:11:07:78:5d:98:40:b0:c5:9d:
96:59:26:9b:fa:df:3d:55:7f:7f:8d:ba:96:0a:5a:
e1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.142.0.0/16
192.228.128.0/17
Signature Algorithm: sha256WithRSAEncryption
ae:d8:d8:43:86:57:7f:99:be:6e:87:94:52:5a:9a:e3:4e:12:
53:1d:8f:a4:51:c5:5c:15:9b:0b:69:d7:db:6f:6b:c6:57:96:
9f:12:7c:8e:3f:50:ba:59:67:a6:f9:ef:d2:ed:77:8a:b3:61:
a0:fb:fd:d5:9c:56:ba:fb:47:16:f3:b3:ba:95:11:e5:6f:b2:
64:35:d4:de:72:24:7f:83:d9:59:87:86:c7:f6:64:d7:da:a8:
4b:92:0a:a4:a0:68:df:40:4b:da:71:b7:65:4f:27:fd:26:13:
40:5c:23:e8:ae:3e:54:63:02:ca:bd:76:13:c8:e0:50:bd:c4:
7d:f2:c1:a3:a4:d3:e6:aa:7b:9c:39:3d:71:0c:f5:35:bf:0d:
7a:c0:54:44:de:f8:bd:d9:ed:9a:bc:50:26:11:93:b9:2b:75:
a9:0c:da:b5:fe:62:ed:41:c6:e0:87:6d:b5:48:81:6a:0e:6a:
5e:b8:2d:b8:8a:0b:74:14:6a:77:dc:58:b4:a9:42:e6:b4:b6:
c9:a0:41:37:5f:a1:68:b1:56:74:73:7e:58:63:36:ad:4b:97:
51:e5:04:b3:fa:65:ce:e6:5d:f0:1d:7d:bb:36:8e:fb:8a:67:
08:4e:0f:64:70:34:98:23:04:75:9b:a8:49:09:9d:e4:78:44:
0e:8a:ac:13
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICdQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwMjI3MDI0ODQ5WhcNMjcwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFN0JDNDExMC8GA1UEBRMoQTJGNkY2NjEzMTJDOTVCRjA1QTBCNTIz
MEIxMzcxRDQ2MjJGRDYyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKnLjMlqESwHur0FkOXFVgzxok+cN6NNsFEJemO2gs/RW7QvwOgygrZhTWvHC9a/
29Am0ZYTGMBvLPrmiqQK1N+nDW9CLmN6iMrBLK5uHfQdmQzJfZiKsObp2Tv2selV
ch2cBZF1+f19T3qj/286C7gQ06QXwl91caWcE0j6faZTKn80O9Ac3z21LPDKxJqF
DAdu9mXYw8r5/1rytzBsrg2NUUPsvsUTA7PBNeXppwmXNAHFSlrRbhOKsvcyVikU
hoD+pV15M3INgZu/JT280Mxl23KlhxcsCdMEgk/YyJ1iD4HfnQBDEQd4XZhAsMWd
llkmm/rfPVV/f426lgpa4UMCAwEAAaOCAvgwggL0MB0GA1UdDgQWBBSi9vZhMSyV
vwWgtSMLE3HUYi/WJzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdCQzQvMjYxRDI4MzBENTBEMTFFOUJBRDZDMjI2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU3QkM0LzI2MUQyODMwRDUwRDExRTlCQUQ2QzIyNkM0RjlBRTAyL292YjJZVEVz
bGI4Rm9MVWpDeE54MUdJdjFpYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQVMBMw
EQQCAAEwCwMDAKGOAwQHwOSAMA0GCSqGSIb3DQEBCwUAA4IBAQCu2NhDhld/mb5u
h5RSWprjThJTHY+kUcVcFZsLadfbb2vGV5afEnyOP1C6WWem+e/S7XeKs2Gg+/3V
nFa6+0cW87O6lRHlb7JkNdTeciR/g9lZh4bH9mTX2qhLkgqkoGjfQEvacbdlTyf9
JhNAXCPorj5UYwLKvXYTyOBQvcR98sGjpNPmqnucOT1xDPU1vw16wFRE3vi92e2a
vFAmEZO5K3WpDNq1/mLtQcbgh221SIFqDmpeuC24igt0FGp33Fi0qULmtLbJoEE3
X6FosVZ0c35YYzatS5dR5QSz+mXO5l3wHX27No77imcITg9kcDSYIwR1m6hJCZ3k
eEQOiqwT
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:28:42 2026 by rpki-client