Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.cer
File: 38qP2qX--Ujg7Pb5xwNjm1ZTnZk.cer (raw, json)
Hash identifier: ZXQGo9L0NFle0P6pQo8itmFVraNZjQdKDABKbAsFcOw=
Subject key identifier: DF:CA:8F:DA:A5:FE:F9:48:E0:EC:F6:F9:C7:03:63:9B:56:53:9D:99
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025ACB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 04 Aug 2025 00:05:23 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 153315
IP: 103.207.30.0/23
IP: 202.40.164.0/22
IP: 2401:c0e0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154315 (0x25acb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 4 00:05:23 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91516FF, serialNumber=DFCA8FDAA5FEF948E0ECF6F9C703639B56539D99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e1:04:56:10:c0:4a:0d:f4:e0:18:c4:72:88:
97:f0:77:0e:9b:93:6b:3f:1f:a3:6f:19:88:ca:14:
f1:2a:b3:16:49:20:04:23:71:c7:b0:bf:b4:8b:3f:
34:4a:ff:37:b8:14:53:97:40:e2:75:10:4c:f3:f4:
b1:c8:c1:87:e3:56:b6:08:08:07:86:0e:03:0f:8a:
b2:26:82:b8:aa:19:a8:6f:4c:cb:64:9f:5d:ed:58:
24:6d:b7:95:66:c5:07:5f:c0:19:ed:7a:37:87:47:
f0:58:5e:ff:ab:74:d5:d8:2a:79:8e:1b:86:e4:f4:
43:20:76:f8:12:d6:05:f3:01:4c:5e:89:71:6e:fe:
4c:dd:3e:36:51:bf:84:5f:a1:83:d5:c0:f9:65:04:
80:bc:d6:d6:6c:89:78:4f:cf:8d:b4:b5:bb:fe:1f:
25:5f:d1:37:1a:b3:55:7b:17:c5:28:6d:56:cb:32:
92:0f:89:ee:1d:f6:0f:f4:c0:73:77:27:1b:8f:44:
71:25:3e:b4:71:e9:40:f5:c8:f5:56:6b:36:9a:ee:
13:c5:6d:96:36:91:01:55:44:97:f7:b7:6c:fe:c9:
6c:29:45:9d:c2:1c:3a:7b:c5:5e:69:84:f6:ef:89:
ed:f4:9a:f5:77:da:28:ed:e9:73:8e:40:4d:8a:68:
f7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CA:8F:DA:A5:FE:F9:48:E0:EC:F6:F9:C7:03:63:9B:56:53:9D:99
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153315
sbgp-ipAddrBlock: critical
IPv4:
103.207.30.0/23
202.40.164.0/22
IPv6:
2401:c0e0::/32
Signature Algorithm: sha256WithRSAEncryption
10:58:8f:3f:81:ac:90:ac:c2:b0:b4:e0:8d:a8:8e:26:ca:cd:
4f:8b:d2:3c:02:6f:be:3f:b9:11:79:67:1c:c9:e3:e5:72:6f:
08:5d:1f:25:76:b0:9e:bc:70:4f:ef:57:f8:09:37:4e:19:a0:
88:28:70:76:14:37:e0:df:f3:21:36:e6:da:55:39:4d:45:f4:
cf:14:0e:de:ae:20:c9:a8:dd:30:08:fa:8c:16:6e:3c:7d:4a:
dd:7b:b0:19:16:17:62:e3:79:a4:78:c9:9a:76:fe:7d:aa:1a:
2e:54:15:d5:a0:77:96:25:66:a1:4b:77:ae:4b:20:eb:dd:72:
a1:f8:fc:4f:7e:6c:76:14:0c:e2:cf:b7:6c:9c:16:b8:f7:c5:
e9:52:33:bb:83:44:0b:ad:be:9a:11:91:ec:ef:c9:ac:83:cc:
f8:d0:d7:61:54:9b:62:4f:26:12:71:fa:87:10:c8:06:d0:86:
4f:94:f8:b8:ad:28:44:40:99:ee:24:a4:ae:56:01:d6:03:60:
ef:08:5d:a2:02:f1:76:48:d6:7a:d9:0e:94:17:bd:33:82:09:
3f:d0:7b:e6:dc:21:e1:55:d2:50:7e:c0:08:75:0f:3f:9d:dc:
6f:62:24:d4:ad:65:6e:3c:41:2d:35:42:3e:73:02:be:9d:d0:
29:7c:a0:60
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAlrLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwNDAwMDUyM1oXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTE2RkYxMTAvBgNVBAUTKERGQ0E4RkRBQTVGRUY5NDhFMEVDRjZG
OUM3MDM2MzlCNTY1MzlEOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDj4QRWEMBKDfTgGMRyiJfwdw6bk2s/H6NvGYjKFPEqsxZJIAQjccewv7SLPzRK
/ze4FFOXQOJ1EEzz9LHIwYfjVrYICAeGDgMPirImgriqGahvTMtkn13tWCRtt5Vm
xQdfwBntejeHR/BYXv+rdNXYKnmOG4bk9EMgdvgS1gXzAUxeiXFu/kzdPjZRv4Rf
oYPVwPllBIC81tZsiXhPz420tbv+HyVf0Tcas1V7F8UobVbLMpIPie4d9g/0wHN3
JxuPRHElPrRx6UD1yPVWazaa7hPFbZY2kQFVRJf3t2z+yWwpRZ3CHDp7xV5phPbv
ie30mvV32ijt6XOOQE2KaPevAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQU38qP2qX+
+Ujg7Pb5xwNjm1ZTnZkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUxNkZGLzJEQTU1OTEyMTQxNjExRjBBODUyMzIxOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MTZGRi8yREE1NTkxMjE0MTYxMUYwQTg1MjMyMTlDNEY5QUUwMi8zOHFQMnFY
LS1Vamc3UGI1eHdOam0xWlRuWmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlbjMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBZ88eAwQCyiik
MA0EAgACMAcDBQAkAcDgMA0GCSqGSIb3DQEBCwUAA4IBAQAQWI8/gayQrMKwtOCN
qI4mys1Pi9I8Am++P7kReWccyePlcm8IXR8ldrCevHBP71f4CTdOGaCIKHB2FDfg
3/MhNubaVTlNRfTPFA7eriDJqN0wCPqMFm48fUrde7AZFhdi43mkeMmadv59qhou
VBXVoHeWJWahS3euSyDr3XKh+PxPfmx2FAziz7dsnBa498XpUjO7g0QLrb6aEZHs
78msg8z40NdhVJtiTyYScfqHEMgG0IZPlPi4rShEQJnuJKSuVgHWA2DvCF2iAvF2
SNZ62Q6UF70zggk/0Hvm3CHhVdJQfsAIdQ8/ndxvYiTUrWVuPEEtNUI+cwK+ndAp
fKBg
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:39:29 2025 by rpki-client