Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2xuW4FqY2Ci_V-oKcVWvHTMiPiw.cer
File: 2xuW4FqY2Ci_V-oKcVWvHTMiPiw.cer (raw, json)
Hash identifier: 9lznk8rDwfkAoiWiDgzpTYjYPvNxoa7Y5p5iZES/3x0=
Subject key identifier: DB:1B:96:E0:5A:98:D8:28:BF:57:EA:0A:71:55:AF:1D:33:22:3E:2C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02721F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A915201D/85B8C29003F111F0AB85EC52C4F9AE02/2xuW4FqY2Ci_V-oKcVWvHTMiPiw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A915201D/85B8C29003F111F0AB85EC52C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 02 Nov 2025 17:10:29 +0000
Certificate not after: Sun 31 Jan 2027 00:00:00 +0000
Subordinate resources: IP: 203.6.152.0/22
IP: 203.21.15.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Nov 2025 16:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160287 (0x2721f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 2 17:10:29 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=A915201D, serialNumber=DB1B96E05A98D828BF57EA0A7155AF1D33223E2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f5:21:dc:37:28:7f:e3:a1:a1:3a:f5:1b:62:
2e:10:98:b8:c1:18:70:31:a9:54:fb:c0:3e:66:7c:
d1:f8:0a:fa:99:47:8a:c4:0e:43:ac:6e:54:a2:bd:
33:98:43:bd:f4:7e:a9:fb:94:df:3a:17:d2:6a:ca:
5a:38:75:64:eb:04:1b:fe:5e:40:37:d9:dd:42:cd:
b2:47:e6:4a:7b:80:e5:cb:a4:31:ae:af:2e:ac:90:
3f:69:ae:cd:ae:7a:49:e0:e8:e8:cf:ba:b1:33:6b:
b7:40:12:73:79:cf:77:23:6e:13:f1:9a:07:9d:e3:
a3:fe:d5:3e:70:37:0e:ac:0b:5a:6c:e1:63:24:7b:
ea:73:65:f2:bd:2c:9c:2b:7e:96:5f:c1:c6:e0:21:
a1:ac:6a:67:c6:8b:2c:86:9e:32:d2:ff:15:82:dd:
5a:bb:24:03:e3:e5:5b:2c:63:75:67:bf:4b:3a:63:
f2:b8:0c:1e:be:dc:fb:13:10:ba:c4:a5:34:4f:72:
0c:c4:a7:59:3a:5a:2a:48:c2:84:6e:ca:f1:fd:d4:
09:c5:05:e9:9e:b5:fd:95:b0:77:44:b2:38:f4:f5:
fa:bb:17:05:e7:94:6f:bd:7a:48:54:97:2b:78:a6:
2c:34:f8:aa:da:ad:79:e1:a5:3b:25:9f:28:5d:98:
b7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1B:96:E0:5A:98:D8:28:BF:57:EA:0A:71:55:AF:1D:33:22:3E:2C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915201D/85B8C29003F111F0AB85EC52C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915201D/85B8C29003F111F0AB85EC52C4F9AE02/2xuW4FqY2Ci_V-oKcVWvHTMiPiw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.6.152.0/22
203.21.15.0/24
Signature Algorithm: sha256WithRSAEncryption
36:18:cf:09:c4:4a:97:ff:fa:fe:bb:cf:37:58:25:32:37:72:
4b:2e:9b:af:9b:56:0a:da:d5:66:29:46:20:c3:4a:de:57:e5:
74:06:02:68:60:f1:54:5b:ef:fc:8c:2a:e9:54:e2:ff:e5:43:
15:d4:d0:8d:25:b0:de:bd:bd:0c:76:b5:e1:92:34:fa:bb:e3:
db:94:07:45:0b:e5:c7:e9:0a:ea:b1:86:76:74:72:87:3a:3b:
44:fb:84:24:e8:83:71:c6:cb:95:08:a5:01:27:f0:c5:a7:aa:
44:6f:92:90:51:b6:3e:00:84:04:86:1f:ed:b7:38:2a:3f:86:
f7:ff:ce:dd:a3:51:2a:1e:6c:29:06:bb:3c:4d:3e:1a:f9:36:
05:41:9e:5e:ae:48:39:8e:2b:46:bd:ab:9c:fe:6c:69:af:a8:
6c:65:22:31:d8:42:48:cd:a5:d5:07:c1:af:e8:08:35:58:42:
40:58:94:ef:46:0e:98:5a:46:0d:1c:61:f0:4f:59:dd:56:c9:
7f:0a:c6:5a:9c:ff:9b:a2:97:77:62:50:75:f2:e5:22:8c:ee:
87:ad:8f:d8:f0:78:c2:1b:f3:89:d3:bf:6f:f0:38:29:38:96:
fd:e0:45:c9:17:e2:19:ea:26:61:4c:7a:07:2e:07:9c:a8:91:
c8:4a:ed:3d
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAnIfMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTEwMjE3MTAyOVoXDTI3MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTIwMUQxMTAvBgNVBAUTKERCMUI5NkUwNUE5OEQ4MjhCRjU3RUEw
QTcxNTVBRjFEMzMyMjNFMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDW9SHcNyh/46GhOvUbYi4QmLjBGHAxqVT7wD5mfNH4CvqZR4rEDkOsblSivTOY
Q730fqn7lN86F9Jqylo4dWTrBBv+XkA32d1CzbJH5kp7gOXLpDGury6skD9prs2u
ekng6OjPurEza7dAEnN5z3cjbhPxmged46P+1T5wNw6sC1ps4WMke+pzZfK9LJwr
fpZfwcbgIaGsamfGiyyGnjLS/xWC3Vq7JAPj5VssY3Vnv0s6Y/K4DB6+3PsTELrE
pTRPcgzEp1k6WipIwoRuyvH91AnFBemetf2VsHdEsjj09fq7FwXnlG+9ekhUlyt4
piw0+KrarXnhpTslnyhdmLczAgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQU2xuW4FqY
2Ci/V+oKcVWvHTMiPiwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUyMDFELzg1QjhDMjkwMDNGMTExRjBBQjg1RUM1MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MjAxRC84NUI4QzI5MDAzRjExMUYwQUI4NUVDNTJDNEY5QUUwMi8yeHVXNEZx
WTJDaV9WLW9LY1ZXdkhUTWlQaXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBALLBpgDBADLFQ8wDQYJKoZIhvcNAQELBQADggEBADYYzwnESpf/
+v67zzdYJTI3cksum6+bVgra1WYpRiDDSt5X5XQGAmhg8VRb7/yMKulU4v/lQxXU
0I0lsN69vQx2teGSNPq749uUB0UL5cfpCuqxhnZ0coc6O0T7hCTog3HGy5UIpQEn
8MWnqkRvkpBRtj4AhASGH+23OCo/hvf/zt2jUSoebCkGuzxNPhr5NgVBnl6uSDmO
K0a9q5z+bGmvqGxlIjHYQkjNpdUHwa/oCDVYQkBYlO9GDphaRg0cYfBPWd1WyX8K
xlqc/5uil3diUHXy5SKM7oetj9jweMIb84nTv2/wOCk4lv3gRckX4hnqJmFMegcu
B5yokchK7T0=
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:51:06 2025 by rpki-client