Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1bx5CrA3uH3fY5PXQTa_B3odKZ0.cer
File: 1bx5CrA3uH3fY5PXQTa_B3odKZ0.cer (raw, json)
Hash identifier: AjIet62bNFwrAqxdpWZXasjGYrf7HvXAIsj1qMEh+bM=
Subject key identifier: D5:BC:79:0A:B0:37:B8:7D:DF:63:93:D7:41:36:BF:07:7A:1D:29:9D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02959D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91174ED/143581625D9211F090DF3836C4F9AE02/1bx5CrA3uH3fY5PXQTa_B3odKZ0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91174ED/143581625D9211F090DF3836C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 27 Feb 2026 03:25:14 +0000
Certificate not after: Wed 31 Mar 2027 00:00:00 +0000
Subordinate resources: IP: 202.14.145.0/24
IP: 203.4.148.0/23
IP: 203.16.232.0/23
IP: 203.33.136.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169373 (0x2959d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Feb 27 03:25:14 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=A91174ED, serialNumber=D5BC790AB037B87DDF6393D74136BF077A1D299D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:04:57:cf:13:67:fa:61:70:a3:1a:3c:f1:69:
1c:5a:fd:61:be:bf:c2:1b:f6:8a:1d:7a:3c:98:bb:
1e:48:ad:57:d4:5a:6d:a9:ff:22:a0:9e:f8:0d:6a:
65:d4:36:d3:8c:c1:1f:55:00:79:3d:eb:30:cd:fc:
bf:aa:ba:f2:2a:57:ed:67:70:5c:d0:48:66:7b:73:
e7:22:cd:8f:b3:b0:c5:f5:15:ad:51:50:00:e1:b6:
5f:b0:ff:a5:9d:ac:4b:89:b7:8b:68:92:6a:97:39:
a7:ec:e0:28:49:eb:71:d6:3d:82:4d:79:04:05:97:
f9:b1:7c:57:e7:9d:cf:04:b3:bf:2a:ad:2d:15:bd:
88:22:31:9a:31:74:b3:5a:45:f1:32:55:e7:ed:9b:
42:54:f6:c1:3b:8b:bf:73:4e:97:f2:0a:db:d4:3a:
bc:54:14:60:53:47:0e:3f:fa:69:44:1a:5d:c0:21:
9e:1a:55:31:f0:c6:2c:76:75:ac:51:83:81:43:87:
22:8a:71:2a:db:55:cb:d0:eb:6e:65:02:4e:0b:76:
da:7e:ec:d5:06:c4:5e:b6:d4:b8:5d:03:6b:49:18:
43:4c:e7:92:46:41:e9:e9:17:fc:0b:9e:b4:30:81:
63:36:11:5c:e0:98:6c:54:ea:87:7f:77:41:eb:16:
74:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BC:79:0A:B0:37:B8:7D:DF:63:93:D7:41:36:BF:07:7A:1D:29:9D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91174ED/143581625D9211F090DF3836C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91174ED/143581625D9211F090DF3836C4F9AE02/1bx5CrA3uH3fY5PXQTa_B3odKZ0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.14.145.0/24
203.4.148.0/23
203.16.232.0/23
203.33.136.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:f4:7d:f4:55:d5:b0:89:94:1a:23:5e:0b:81:61:7c:38:50:
71:3b:35:d8:53:7a:25:db:bb:e2:12:5b:c6:3e:c1:ec:19:7c:
d7:33:ca:a6:20:3f:68:b9:27:8f:3c:91:74:2a:35:70:8e:df:
15:ee:95:98:aa:40:1a:32:12:b1:94:a2:ee:93:67:c9:e8:70:
1e:72:0e:b6:42:82:32:e4:2c:c3:22:e7:cc:6f:8b:93:3c:50:
83:e3:b9:6c:91:78:88:29:f2:97:84:14:c8:57:b4:31:03:31:
6a:dc:db:1b:07:53:9f:d4:53:27:9d:03:04:e4:0b:fe:95:d3:
12:bf:91:0d:06:27:f8:21:e3:dd:74:d3:55:22:76:12:88:bf:
4f:5e:6c:46:2a:f0:cb:5a:1a:0c:e1:2e:de:29:08:a3:7d:f1:
3f:8d:4f:1b:6a:42:d1:11:ea:9d:73:3c:46:7c:10:87:ba:8b:
4a:bc:8e:cd:11:76:6c:09:8b:d7:91:f8:3e:ca:61:49:8e:25:
b5:37:22:5f:5e:06:26:2b:f9:70:b3:a1:73:57:11:f0:1b:1f:
3d:7c:d8:4a:b8:37:7b:d0:61:58:78:0d:7c:86:ae:58:7b:2b:
51:9d:f9:af:54:2a:87:0a:99:ae:2f:29:72:bd:c9:cf:5e:3b:
1f:fd:ea:1b
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgIDApWdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDIyNzAzMjUxNFoXDTI3MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTc0RUQxMTAvBgNVBAUTKEQ1QkM3OTBBQjAzN0I4N0RERjYzOTNE
NzQxMzZCRjA3N0ExRDI5OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5BFfPE2f6YXCjGjzxaRxa/WG+v8Ib9oodejyYux5IrVfUWm2p/yKgnvgNamXU
NtOMwR9VAHk96zDN/L+quvIqV+1ncFzQSGZ7c+cizY+zsMX1Fa1RUADhtl+w/6Wd
rEuJt4tokmqXOafs4ChJ63HWPYJNeQQFl/mxfFfnnc8Es78qrS0VvYgiMZoxdLNa
RfEyVeftm0JU9sE7i79zTpfyCtvUOrxUFGBTRw4/+mlEGl3AIZ4aVTHwxix2daxR
g4FDhyKKcSrbVcvQ625lAk4Ldtp+7NUGxF621LhdA2tJGENM55JGQenpF/wLnrQw
gWM2EVzgmGxU6od/d0HrFnRtAgMBAAGjggMFMIIDATAdBgNVHQ4EFgQU1bx5CrA3
uH3fY5PXQTa/B3odKZ0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE3NEVELzE0MzU4MTYyNUQ5MjExRjA5MERGMzgzNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNzRFRC8xNDM1ODE2MjVEOTIxMUYwOTBERjM4MzZDNEY5QUUwMi8xYng1Q3JB
M3VIM2ZZNVBYUVRhX0Izb2RLWjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8EIjAg
MB4EAgABMBgDBADKDpEDBAHLBJQDBAHLEOgDBALLIYgwDQYJKoZIhvcNAQELBQAD
ggEBAK30ffRV1bCJlBojXguBYXw4UHE7NdhTeiXbu+ISW8Y+wewZfNczyqYgP2i5
J488kXQqNXCO3xXulZiqQBoyErGUou6TZ8nocB5yDrZCgjLkLMMi58xvi5M8UIPj
uWyReIgp8peEFMhXtDEDMWrc2xsHU5/UUyedAwTkC/6V0xK/kQ0GJ/gh491001Ui
dhKIv09ebEYq8MtaGgzhLt4pCKN98T+NTxtqQtER6p1zPEZ8EIe6i0q8js0RdmwJ
i9eR+D7KYUmOJbU3Il9eBiYr+XCzoXNXEfAbHz182Eq4N3vQYVh4DXyGrlh7K1Gd
+a9UKocKma4vKXK9yc9eOx/96hs=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:28:07 2026 by rpki-client