Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ui7CgastOxZ_EqMb5h7CfRUbHvs.cer
File: ui7CgastOxZ_EqMb5h7CfRUbHvs.cer (raw, json)
Hash identifier: RXD+fgRESvlOkc3oket4oSor/ZA6aJuxg+ZIc8024vo=
Subject key identifier: BA:2E:C2:81:AB:2D:3B:16:7F:12:A3:1B:E6:1E:C2:7D:15:1B:1E:FB
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7C4E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rsync.cernet.net/repo/cernet/1/BA2EC281AB2D3B167F12A31BE61EC27D151B1EFB.mft
caRepository: rsync://rsync.cernet.net/repo/cernet/1/
Notify URL: https://rpki.cernet.net/rrdp/notification.xml
Certificate not before: Wed 03 Jun 2026 06:42:10 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 162.105.0.0/16
IP: 166.111.0.0/16
IP: 192.124.154.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 22 Jun 2026 01:32:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31822 (0x7c4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jun 3 06:42:10 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91E5D610001, serialNumber=BA2EC281AB2D3B167F12A31BE61EC27D151B1EFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d5:e2:7f:7d:ed:57:f7:4f:47:89:ae:88:7d:
8a:1c:10:1f:e1:15:e9:d4:f0:7c:00:4b:c7:c4:08:
54:9d:7d:56:3c:e8:8e:2a:7d:d6:d4:b4:5a:d9:1a:
10:a2:7d:d9:95:07:b1:0a:44:fd:5b:69:d7:c1:8b:
29:7a:05:71:46:55:5c:37:ed:6b:0f:ca:dd:7e:33:
c5:0f:0c:99:18:e8:dc:23:a3:5a:97:c2:59:a1:6e:
24:7f:e6:42:d0:cd:c7:18:ce:05:7e:4b:52:9b:03:
6e:cc:15:3d:18:35:28:69:ea:08:8e:51:32:a4:39:
35:96:3f:62:bb:67:ab:bb:36:cc:21:93:4b:c4:0a:
25:11:4a:b8:12:6a:6e:7f:b7:6c:33:33:ef:86:4b:
b4:31:05:54:b3:41:09:2c:6b:13:f2:77:44:87:7c:
69:ff:ee:6e:dd:ec:e4:3c:f9:4b:ec:a6:f2:33:59:
d5:cd:45:d9:fd:78:95:41:94:e8:86:75:a6:d7:04:
50:4d:4c:44:ae:2c:18:00:52:57:d0:90:d2:9a:e2:
9e:d4:0f:4d:7a:a1:82:9a:76:c8:95:9c:44:06:fd:
c5:e8:b1:b0:db:5e:7b:69:8c:42:74:cc:11:cd:0e:
c7:ae:4a:bb:3b:15:28:e3:fa:35:37:c1:6a:d4:bb:
5e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:2E:C2:81:AB:2D:3B:16:7F:12:A3:1B:E6:1E:C2:7D:15:1B:1E:FB
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rsync.cernet.net/repo/cernet/1/
RPKI Manifest - URI:rsync://rsync.cernet.net/repo/cernet/1/BA2EC281AB2D3B167F12A31BE61EC27D151B1EFB.mft
RPKI Notify - URI:https://rpki.cernet.net/rrdp/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
162.105.0.0/16
166.111.0.0/16
192.124.154.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e7:37:8e:63:0b:bf:2d:a1:b4:08:36:4c:8c:d7:ba:2d:a3:
52:3a:74:a0:b4:22:4d:df:07:f5:a7:28:b6:99:a2:37:d2:cb:
8c:ea:ad:10:c0:6c:32:d8:46:cf:7c:b8:ca:44:f5:a9:6d:03:
33:2d:48:3a:c9:ba:0c:34:ce:ab:3a:05:4b:21:3f:c9:f1:7c:
e4:a9:1e:90:68:f5:23:56:e6:8b:25:c7:7e:81:3b:83:37:75:
7f:33:cf:95:c4:35:d7:e4:4d:01:13:84:8a:21:e1:76:5f:12:
28:ee:11:3c:24:9d:78:fc:83:b3:0e:2b:af:bb:84:6a:58:e4:
c7:ed:88:5c:14:28:01:26:a7:ff:97:19:ab:5f:1d:15:ba:7e:
bb:9d:f8:14:2d:54:85:e7:d0:ad:a4:6a:57:c9:b1:55:ac:d8:
f7:f3:77:db:ae:30:4e:ce:c5:4c:13:03:60:b1:5b:36:d8:9c:
1d:2e:79:09:0b:11:7e:f4:e5:ee:d3:97:fd:3e:78:ee:25:76:
50:fd:a8:12:41:31:4f:c8:6d:48:af:45:23:b8:91:a0:5e:cf:
7a:f6:10:a6:48:f8:08:b1:97:4a:ff:8d:69:61:5e:24:a1:aa:
7f:fc:d4:40:7e:ba:d7:85:73:c9:49:5e:d4:ee:d9:2f:44:b3:
ed:8b:69:c2
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICfE4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNjAzMDY0MjEwWhcNMjYwOTMwMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTFFNUQ2MTAwMDExMTAvBgNVBAUTKEJBMkVDMjgxQUIyRDNCMTY3RjEy
QTMxQkU2MUVDMjdEMTUxQjFFRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCq1eJ/fe1X909Hia6IfYocEB/hFenU8HwAS8fECFSdfVY86I4qfdbUtFrZ
GhCifdmVB7EKRP1badfBiyl6BXFGVVw37WsPyt1+M8UPDJkY6Nwjo1qXwlmhbiR/
5kLQzccYzgV+S1KbA27MFT0YNShp6giOUTKkOTWWP2K7Z6u7Nswhk0vECiURSrgS
am5/t2wzM++GS7QxBVSzQQksaxPyd0SHfGn/7m7d7OQ8+UvspvIzWdXNRdn9eJVB
lOiGdabXBFBNTESuLBgAUlfQkNKa4p7UD016oYKadsiVnEQG/cXosbDbXntpjEJ0
zBHNDseuSrs7FSjj+jU3wWrUu16xAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQUui7C
gastOxZ/EqMb5h7CfRUbHvswHwYDVR0jBBgwFoAUdAFlqA0QcZcKvAnAK3HBrHwd
bg4wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIw
MUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL2RBRmxxQTBRY1pjS3ZBbkFLM0hCckh3
ZGJnNC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0LmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwgeEGCCsGAQUFBwELBIHUMIHRMDMGCCsGAQUF
BzAFhidyc3luYzovL3JzeW5jLmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMS8wXwYI
KwYBBQUHMAqGU3JzeW5jOi8vcnN5bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8x
L0JBMkVDMjgxQUIyRDNCMTY3RjEyQTMxQkU2MUVDMjdEMTUxQjFFRkIubWZ0MDkG
CCsGAQUFBzANhi1odHRwczovL3Jwa2kuY2VybmV0Lm5ldC9ycmRwL25vdGlmaWNh
dGlvbi54bWwwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgABMBADAwCiaQMDAKZvAwQA
wHyaMA0GCSqGSIb3DQEBCwUAA4IBAQAH5zeOYwu/LaG0CDZMjNe6LaNSOnSgtCJN
3wf1pyi2maI30suM6q0QwGwy2EbPfLjKRPWpbQMzLUg6yboMNM6rOgVLIT/J8Xzk
qR6QaPUjVuaLJcd+gTuDN3V/M8+VxDXX5E0BE4SKIeF2XxIo7hE8JJ14/IOzDiuv
u4RqWOTH7YhcFCgBJqf/lxmrXx0Vun67nfgULVSF59CtpGpXybFVrNj383fbrjBO
zsVMEwNgsVs22JwdLnkJCxF+9OXu05f9PnjuJXZQ/agSQTFPyG1Ir0UjuJGgXs96
9hCmSPgIsZdK/41pYV4koap//NRAfrrXhXPJSV7U7tkvRLPti2nC
-----END CERTIFICATE-----
Generated at Wed Jun 17 12:24:14 2026 by rpki-client