Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.cer
File: 38qP2qX--Ujg7Pb5xwNjm1ZTnZk.cer (raw, json)
Hash identifier: jP8v71vGYduD9J4WsKfjfZGZpLR7O4m2dGm/NPRPago=
Subject key identifier: DF:CA:8F:DA:A5:FE:F9:48:E0:EC:F6:F9:C7:03:63:9B:56:53:9D:99
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023DA0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 08 Apr 2025 01:09:58 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 153315
IP: 202.40.164.0/22
IP: 2401:c0e0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146848 (0x23da0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 8 01:09:58 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91516FF, serialNumber=DFCA8FDAA5FEF948E0ECF6F9C703639B56539D99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e1:04:56:10:c0:4a:0d:f4:e0:18:c4:72:88:
97:f0:77:0e:9b:93:6b:3f:1f:a3:6f:19:88:ca:14:
f1:2a:b3:16:49:20:04:23:71:c7:b0:bf:b4:8b:3f:
34:4a:ff:37:b8:14:53:97:40:e2:75:10:4c:f3:f4:
b1:c8:c1:87:e3:56:b6:08:08:07:86:0e:03:0f:8a:
b2:26:82:b8:aa:19:a8:6f:4c:cb:64:9f:5d:ed:58:
24:6d:b7:95:66:c5:07:5f:c0:19:ed:7a:37:87:47:
f0:58:5e:ff:ab:74:d5:d8:2a:79:8e:1b:86:e4:f4:
43:20:76:f8:12:d6:05:f3:01:4c:5e:89:71:6e:fe:
4c:dd:3e:36:51:bf:84:5f:a1:83:d5:c0:f9:65:04:
80:bc:d6:d6:6c:89:78:4f:cf:8d:b4:b5:bb:fe:1f:
25:5f:d1:37:1a:b3:55:7b:17:c5:28:6d:56:cb:32:
92:0f:89:ee:1d:f6:0f:f4:c0:73:77:27:1b:8f:44:
71:25:3e:b4:71:e9:40:f5:c8:f5:56:6b:36:9a:ee:
13:c5:6d:96:36:91:01:55:44:97:f7:b7:6c:fe:c9:
6c:29:45:9d:c2:1c:3a:7b:c5:5e:69:84:f6:ef:89:
ed:f4:9a:f5:77:da:28:ed:e9:73:8e:40:4d:8a:68:
f7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CA:8F:DA:A5:FE:F9:48:E0:EC:F6:F9:C7:03:63:9B:56:53:9D:99
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153315
sbgp-ipAddrBlock: critical
IPv4:
202.40.164.0/22
IPv6:
2401:c0e0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:9b:72:8b:db:a3:7d:cd:d4:83:4b:3b:bc:f8:fe:65:d8:cb:
1b:f2:e4:81:aa:9f:96:67:e9:e1:31:b9:eb:5f:37:b8:fa:a1:
2b:28:4c:4d:7f:5c:10:5d:0d:96:d8:a1:b1:62:c3:79:36:6d:
7a:f0:ca:0d:b1:ae:7b:de:5d:e3:c8:cf:b5:bb:d5:82:3e:fb:
85:ed:6e:97:b7:c9:d6:3d:31:8d:54:d1:e6:fe:a2:b5:42:f6:
45:40:03:d6:40:00:ff:a7:36:7a:17:24:28:f0:36:41:05:3e:
9f:34:12:04:1d:7a:6d:1c:c7:93:31:7d:1a:45:49:e5:89:7f:
2e:36:67:b5:c0:a2:3a:f5:f9:bd:9c:e8:38:6a:54:de:5a:8f:
b7:49:70:1f:22:88:96:78:1a:ba:65:6a:f0:06:74:12:f8:02:
89:b9:cb:58:b5:f9:7c:8c:c1:91:14:af:bf:c6:be:be:53:81:
66:3b:43:18:20:77:83:7c:22:a1:94:01:13:8a:82:15:ee:10:
5d:87:be:df:15:d1:f5:0b:6a:46:45:bb:e2:e8:d4:7f:a7:1b:
c5:82:ac:95:02:f7:4f:c7:83:20:0c:7f:89:29:41:d5:d2:b4:
ae:6c:ca:a1:3a:55:cb:5e:93:7e:22:0b:5f:01:e6:a4:f2:1b:
4b:a3:25:a9
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAj2gMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQwODAxMDk1OFoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTE2RkYxMTAvBgNVBAUTKERGQ0E4RkRBQTVGRUY5NDhFMEVDRjZG
OUM3MDM2MzlCNTY1MzlEOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDj4QRWEMBKDfTgGMRyiJfwdw6bk2s/H6NvGYjKFPEqsxZJIAQjccewv7SLPzRK
/ze4FFOXQOJ1EEzz9LHIwYfjVrYICAeGDgMPirImgriqGahvTMtkn13tWCRtt5Vm
xQdfwBntejeHR/BYXv+rdNXYKnmOG4bk9EMgdvgS1gXzAUxeiXFu/kzdPjZRv4Rf
oYPVwPllBIC81tZsiXhPz420tbv+HyVf0Tcas1V7F8UobVbLMpIPie4d9g/0wHN3
JxuPRHElPrRx6UD1yPVWazaa7hPFbZY2kQFVRJf3t2z+yWwpRZ3CHDp7xV5phPbv
ie30mvV32ijt6XOOQE2KaPevAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU38qP2qX+
+Ujg7Pb5xwNjm1ZTnZkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUxNkZGLzJEQTU1OTEyMTQxNjExRjBBODUyMzIxOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MTZGRi8yREE1NTkxMjE0MTYxMUYwQTg1MjMyMTlDNEY5QUUwMi8zOHFQMnFY
LS1Vamc3UGI1eHdOam0xWlRuWmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlbjMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCyiikMA0EAgAC
MAcDBQAkAcDgMA0GCSqGSIb3DQEBCwUAA4IBAQC8m3KL26N9zdSDSzu8+P5l2Msb
8uSBqp+WZ+nhMbnrXze4+qErKExNf1wQXQ2W2KGxYsN5Nm168MoNsa573l3jyM+1
u9WCPvuF7W6Xt8nWPTGNVNHm/qK1QvZFQAPWQAD/pzZ6FyQo8DZBBT6fNBIEHXpt
HMeTMX0aRUnliX8uNme1wKI69fm9nOg4alTeWo+3SXAfIoiWeBq6ZWrwBnQS+AKJ
uctYtfl8jMGRFK+/xr6+U4FmO0MYIHeDfCKhlAETioIV7hBdh77fFdH1C2pGRbvi
6NR/pxvFgqyVAvdPx4MgDH+JKUHV0rSubMqhOlXLXpN+IgtfAeak8htLoyWp
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:52:14 2025 by rpki-client