Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dZffzYJDEAbzyDUvIDEPw3Fkz0.cer
File: 2dZffzYJDEAbzyDUvIDEPw3Fkz0.cer (raw, json)
Hash identifier: mJTfRl6+D46CXp2aom61wsXBPDMX1n2Pn1/Eq/hGd3E=
Subject key identifier: D9:D6:5F:7F:36:09:0C:40:1B:CF:20:D4:BC:80:C4:3F:0D:C5:93:3D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023DDB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/2dZffzYJDEAbzyDUvIDEPw3Fkz0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 08 Apr 2025 19:36:13 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: AS: 137914
IP: 202.27.128.0/23
IP: 202.50.180.0/22
IP: 203.26.160.0/21
IP: 2001:df6:ee80::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146907 (0x23ddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 8 19:36:13 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A91C2B93, serialNumber=D9D65F7F36090C401BCF20D4BC80C43F0DC5933D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a9:54:51:9e:f9:28:be:ef:8b:fd:76:7e:0a:
d4:7a:03:64:b7:0e:f4:9b:d7:bb:21:f3:72:72:1c:
c7:13:11:8c:b7:e6:ac:fd:a6:b1:3c:93:82:f6:28:
46:05:92:20:61:c8:6b:72:05:87:e9:29:c0:4b:55:
49:12:19:da:b4:4c:d3:6c:15:cc:fc:1c:c5:d4:33:
b5:79:ea:51:81:95:8c:27:1d:98:b1:70:b3:21:f8:
c4:c4:bb:0e:39:47:d1:4d:97:7d:76:0e:04:4b:84:
3d:f4:03:f8:af:cd:a4:df:b3:b8:85:32:63:89:2b:
7d:12:37:e7:df:f9:4b:f3:3c:94:50:8b:4f:3f:08:
1d:9a:36:46:99:b1:01:67:06:b8:2a:33:c6:ab:f8:
9b:58:5e:96:35:92:92:cc:e2:1e:ea:2a:d7:53:da:
53:c5:aa:ec:db:07:aa:ba:10:98:da:95:ad:6e:7d:
f2:26:a9:4b:23:11:03:b3:ce:bc:ee:b0:bd:8a:cf:
aa:a6:85:1d:0e:4f:ac:15:c1:66:8e:ae:75:c0:1c:
36:90:7f:28:21:6e:68:cc:71:68:42:b3:73:d8:fb:
a5:8a:c0:98:f0:fa:3c:26:2e:21:d2:8d:19:80:47:
08:b9:bd:76:a8:e1:93:51:16:8c:a1:97:52:53:ff:
82:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D6:5F:7F:36:09:0C:40:1B:CF:20:D4:BC:80:C4:3F:0D:C5:93:3D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/2dZffzYJDEAbzyDUvIDEPw3Fkz0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
137914
sbgp-ipAddrBlock: critical
IPv4:
202.27.128.0/23
202.50.180.0/22
203.26.160.0/21
IPv6:
2001:df6:ee80::/48
Signature Algorithm: sha256WithRSAEncryption
a1:93:ff:65:04:e4:7e:06:a5:ce:14:ba:08:c7:84:3b:88:11:
54:78:6d:f0:86:e4:e9:4e:ca:5d:ec:59:d8:d8:c8:b4:c3:a5:
01:14:ee:18:0c:80:f2:a2:3f:1c:72:93:b0:9d:89:f7:cd:d6:
07:59:1a:4e:d8:14:2f:41:22:31:58:7a:2c:94:3e:fb:7d:0a:
3d:63:5b:14:5c:36:61:6e:98:0d:9b:33:8b:50:8c:cf:2f:3b:
73:67:1b:87:0d:ac:e5:37:4b:ac:e1:ec:1f:96:9e:41:ef:21:
ee:ac:f0:2a:34:36:69:f8:73:8b:8e:e6:d9:fc:39:30:75:65:
44:37:22:33:db:9d:85:01:d9:7c:52:40:e1:29:b0:42:e3:3e:
87:b0:fa:e1:70:5a:65:10:34:6d:e2:fa:c8:95:d9:20:6e:a0:
39:68:c6:9b:9c:60:cf:f3:23:5e:20:78:d6:5f:22:14:49:52:
9f:b1:d6:2d:8c:4a:c2:e7:91:b5:28:56:db:12:0d:6f:1d:7e:
d5:3b:17:0a:2c:46:e3:35:c7:e1:aa:bb:93:92:26:9d:ec:44:
df:81:75:06:62:6e:4f:f4:29:f3:f6:6a:58:f0:15:2d:76:87:
6d:2b:1e:b4:c0:8f:64:04:49:44:4a:93:ec:00:98:c7:a3:e4:
0d:d7:31:3f
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIDAj3bMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQwODE5MzYxM1oXDTI2MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzJCOTMxMTAvBgNVBAUTKEQ5RDY1RjdGMzYwOTBDNDAxQkNGMjBE
NEJDODBDNDNGMERDNTkzM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5qVRRnvkovu+L/XZ+CtR6A2S3DvSb17sh83JyHMcTEYy35qz9prE8k4L2KEYF
kiBhyGtyBYfpKcBLVUkSGdq0TNNsFcz8HMXUM7V56lGBlYwnHZixcLMh+MTEuw45
R9FNl312DgRLhD30A/ivzaTfs7iFMmOJK30SN+ff+UvzPJRQi08/CB2aNkaZsQFn
BrgqM8ar+JtYXpY1kpLM4h7qKtdT2lPFquzbB6q6EJjala1uffImqUsjEQOzzrzu
sL2Kz6qmhR0OT6wVwWaOrnXAHDaQfyghbmjMcWhCs3PY+6WKwJjw+jwmLiHSjRmA
Rwi5vXao4ZNRFoyhl1JT/4KzAgMBAAGjggMsMIIDKDAdBgNVHQ4EFgQU2dZffzYJ
DEAbzyDUvIDEPw3Fkz0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMyQjkzLzNBQzg3NEVFMDE0MzExRUY4MjVBNjQ2NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMkI5My8zQUM4NzRFRTAxNDMxMUVGODI1QTY0NjVDNEY5QUUwMi8yZFpmZnpZ
SkRFQWJ6eURVdklERVB3M0ZrejAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhq6MDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQByhuAAwQCyjK0
AwQDyxqgMA8EAgACMAkDBwAgAQ327oAwDQYJKoZIhvcNAQELBQADggEBAKGT/2UE
5H4Gpc4UugjHhDuIEVR4bfCG5OlOyl3sWdjYyLTDpQEU7hgMgPKiPxxyk7CdiffN
1gdZGk7YFC9BIjFYeiyUPvt9Cj1jWxRcNmFumA2bM4tQjM8vO3NnG4cNrOU3S6zh
7B+WnkHvIe6s8Co0Nmn4c4uO5tn8OTB1ZUQ3IjPbnYUB2XxSQOEpsELjPoew+uFw
WmUQNG3i+siV2SBuoDloxpucYM/zI14geNZfIhRJUp+x1i2MSsLnkbUoVtsSDW8d
ftU7FwosRuM1x+Gqu5OSJp3sRN+BdQZibk/0KfP2aljwFS12h20rHrTAj2QESURK
k+wAmMej5A3XMT8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:41:27 2025 by rpki-client