Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vY48wqk9XbzYQnUJc4oxS_kMiH0.cer
File: vY48wqk9XbzYQnUJc4oxS_kMiH0.cer (raw, json)
Hash identifier: rx00O9bVb87JTsSY1kmLuHigj0llyUuzE1qllEYxiIo=
Subject key identifier: BD:8E:3C:C2:A9:3D:5D:BC:D8:42:75:09:73:8A:31:4B:F9:0C:88:7D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6D68
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91BFE76/D9E4C4CCB92711F0B80EC45EC4F9AE02/vY48wqk9XbzYQnUJc4oxS_kMiH0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91BFE76/D9E4C4CCB92711F0B80EC45EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 04 Nov 2025 02:42:11 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: IP: 138.252.8.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 14:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28008 (0x6d68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 4 02:42:11 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A91BFE76, serialNumber=BD8E3CC2A93D5DBCD8427509738A314BF90C887D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:57:06:e8:d2:ca:8f:9e:d4:5d:c4:c8:2f:a6:
cd:71:db:b0:7d:ad:37:a8:40:ed:9f:55:ad:df:0a:
e3:19:57:a9:f7:dc:8c:27:a6:e2:09:ad:5f:9c:60:
93:46:a2:bb:df:5f:fb:78:26:97:24:73:40:db:0f:
90:3d:19:61:47:46:2e:6e:51:ca:32:7b:51:50:62:
12:ea:a8:34:5f:3e:88:d3:8a:0a:07:72:ac:30:ee:
26:e7:6d:b1:7e:2a:31:f0:46:cd:7e:a9:d5:d9:0c:
4f:7d:f8:32:4d:35:76:46:06:0e:f9:2f:79:31:70:
fc:fe:d3:0e:fa:20:09:b2:da:dc:cc:c6:0a:35:75:
f6:74:d1:e6:e1:8c:b8:92:9e:8d:35:8c:e6:e3:e5:
44:df:e7:8d:b6:88:57:d6:73:b0:6c:23:0f:f3:39:
97:fc:ab:c4:42:89:ef:e7:d3:73:f7:2e:ca:a4:38:
3f:82:ed:ac:6f:60:8e:74:5d:44:59:24:e2:b7:0f:
ab:20:b0:4b:0a:93:e1:64:7e:a6:23:68:51:1f:3e:
4a:e3:21:4a:22:69:21:04:d4:9a:82:70:b0:0c:f5:
f6:8e:eb:46:a7:ed:3f:68:75:6b:08:e9:b9:da:f2:
6d:35:07:32:ad:0a:3b:b7:16:f5:dc:2d:d2:29:c5:
3b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8E:3C:C2:A9:3D:5D:BC:D8:42:75:09:73:8A:31:4B:F9:0C:88:7D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91BFE76/D9E4C4CCB92711F0B80EC45EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91BFE76/D9E4C4CCB92711F0B80EC45EC4F9AE02/vY48wqk9XbzYQnUJc4oxS_kMiH0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
138.252.8.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:46:62:cb:43:42:3f:3d:9a:4b:93:be:6d:a4:33:e7:80:9b:
04:d2:11:67:e7:2d:89:40:71:0e:4a:77:14:bf:80:a1:e8:81:
cf:a2:8b:64:48:79:b8:9c:96:74:66:40:b6:71:1e:57:3f:43:
38:25:7a:fb:6b:1a:cf:49:4d:af:dc:7e:c5:25:3b:ad:4e:6d:
42:4c:2e:70:c6:bf:ec:2e:1b:18:a4:30:59:da:3e:42:22:dd:
4a:6c:47:b6:3a:0f:55:d7:1f:4a:54:46:c9:18:8a:1a:c8:07:
3e:08:1c:34:20:8a:d8:f3:ab:85:e5:d6:60:bb:c1:25:30:e4:
a4:4c:ba:89:5d:fe:0c:b1:3a:bf:43:d5:c5:bb:9e:09:6c:b2:
f0:88:b0:bc:f1:f7:3c:39:21:f6:f9:c3:40:6a:a7:fe:6e:7f:
21:d8:fe:af:61:0b:f2:29:3c:28:ad:e9:c9:24:7f:32:e2:72:
e7:29:60:34:17:db:e6:90:43:8a:c4:34:b0:86:10:0c:97:13:
ff:c6:8e:51:5e:09:dc:32:e0:5f:e0:6c:8a:27:b3:88:cf:3f:
31:b6:9f:82:bb:6b:eb:49:d8:41:9b:71:fd:e9:0c:8d:76:36:
40:6f:fd:ec:a3:ba:a0:a0:34:a9:0e:b0:96:06:16:eb:65:67:
9e:19:ec:38
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICbWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUxMTA0MDI0MjExWhcNMjYxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFCRkU3NjExMC8GA1UEBRMoQkQ4RTNDQzJBOTNENURCQ0Q4NDI3NTA5
NzM4QTMxNEJGOTBDODg3RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANpXBujSyo+e1F3EyC+mzXHbsH2tN6hA7Z9Vrd8K4xlXqffcjCem4gmtX5xgk0ai
u99f+3gmlyRzQNsPkD0ZYUdGLm5RyjJ7UVBiEuqoNF8+iNOKCgdyrDDuJudtsX4q
MfBGzX6p1dkMT334Mk01dkYGDvkveTFw/P7TDvogCbLa3MzGCjV19nTR5uGMuJKe
jTWM5uPlRN/njbaIV9ZzsGwjD/M5l/yrxEKJ7+fTc/cuyqQ4P4LtrG9gjnRdRFkk
4rcPqyCwSwqT4WR+piNoUR8+SuMhSiJpIQTUmoJwsAz19o7rRqftP2h1awjpudry
bTUHMq0KO7cW9dwt0inFOzcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBS9jjzCqT1d
vNhCdQlzijFL+QyIfTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkZFNzYvRDlFNEM0Q0NCOTI3MTFGMEI4MEVDNDVFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUJGRTc2L0Q5RTRDNENDQjkyNzExRjBCODBFQzQ1RUM0RjlBRTAyL3ZZNDh3cWs5
WGJ6WVFuVUpjNG94U19rTWlIMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAYr8CDANBgkqhkiG9w0BAQsFAAOCAQEAP0Ziy0NCPz2aS5O+baQz
54CbBNIRZ+ctiUBxDkp3FL+AoeiBz6KLZEh5uJyWdGZAtnEeVz9DOCV6+2saz0lN
r9x+xSU7rU5tQkwucMa/7C4bGKQwWdo+QiLdSmxHtjoPVdcfSlRGyRiKGsgHPggc
NCCK2POrheXWYLvBJTDkpEy6iV3+DLE6v0PVxbueCWyy8IiwvPH3PDkh9vnDQGqn
/m5/Idj+r2EL8ik8KK3pySR/MuJy5ylgNBfb5pBDisQ0sIYQDJcT/8aOUV4J3DLg
X+BsiieziM8/Mbafgrtr60nYQZtx/ekMjXY2QG/97KO6oKA0qQ6wlgYW62Vnnhns
OA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:56 2025 by rpki-client