Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9AFXH04P6PgNV80CfNnuFdc4jyQ.cer
File: 9AFXH04P6PgNV80CfNnuFdc4jyQ.cer (raw, json)
Hash identifier: i36z7go26H+4j/20Q2SVbdX8WiWhZsUErUbRHOKvrqk=
Subject key identifier: F4:01:57:1F:4E:0F:E8:F8:0D:57:CD:02:7C:D9:EE:15:D7:38:8F:24
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025B34
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EA54A/BE84A82071A511EF8D805C78C4F9AE02/9AFXH04P6PgNV80CfNnuFdc4jyQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EA54A/BE84A82071A511EF8D805C78C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 05 Aug 2025 04:58:55 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: IP: 203.5.212.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 Aug 2025 04:46:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154420 (0x25b34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 5 04:58:55 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91EA54A, serialNumber=F401571F4E0FE8F80D57CD027CD9EE15D7388F24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:69:15:d0:d7:f4:05:d6:99:b6:13:0d:1f:09:
a0:ca:d6:88:ce:2c:8c:9d:26:bb:a2:cf:bc:71:f8:
0d:80:d2:ec:ac:dd:54:36:88:36:54:fb:9d:ef:18:
48:48:e6:01:16:7d:f8:58:a7:a0:0e:5c:14:cf:56:
cf:99:fe:22:c1:9e:19:e5:fb:1e:4b:b5:0c:7d:51:
5a:8e:81:e1:f7:fc:8b:d2:a4:69:03:30:86:84:0c:
3d:cd:ac:b2:6a:00:9f:75:4b:9d:3a:1c:bf:c4:27:
69:70:42:48:c2:8b:4a:d6:6f:ea:55:8f:d6:52:af:
9f:aa:87:9f:8a:d9:94:60:04:9a:80:0e:1a:fb:61:
6d:02:fe:1c:2f:62:c7:8b:7f:e9:80:67:bb:5e:90:
f5:88:6f:78:48:a3:35:c4:83:d8:2e:94:41:e6:99:
cd:b7:a6:51:c3:e7:3b:74:e0:00:aa:39:2e:4f:3d:
78:80:58:84:db:c8:25:21:a9:56:07:71:51:0e:e0:
e1:bc:54:f7:ea:60:e2:4d:5a:43:26:e5:0a:3e:04:
a1:02:3f:b6:ca:ba:42:72:23:6c:5e:ea:ca:a6:41:
8e:2e:e3:be:56:b6:6a:83:ed:1c:3a:97:6e:43:7f:
ee:e9:4c:68:b7:fa:4b:f2:65:93:3a:23:a3:31:ec:
96:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:01:57:1F:4E:0F:E8:F8:0D:57:CD:02:7C:D9:EE:15:D7:38:8F:24
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EA54A/BE84A82071A511EF8D805C78C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EA54A/BE84A82071A511EF8D805C78C4F9AE02/9AFXH04P6PgNV80CfNnuFdc4jyQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.5.212.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:2a:4b:1c:55:91:2c:df:54:8a:ca:36:61:72:47:05:31:4f:
da:56:72:ea:13:8f:eb:8b:c5:db:5e:5c:ea:88:99:ab:8d:f9:
29:4c:45:97:e1:ac:53:b9:4a:7a:51:74:39:49:03:8e:4e:26:
1f:c9:92:14:28:02:0f:8b:36:07:01:75:a4:c4:1b:5a:4b:36:
80:27:ef:b0:22:b4:70:22:2b:ec:8e:63:2e:27:31:bc:a4:d1:
91:dc:60:56:48:d5:46:78:60:1e:53:f9:62:ea:f2:43:7a:2d:
0f:48:eb:df:17:39:dc:42:8c:45:d4:d0:8e:8f:dd:ef:a0:96:
f3:1c:d5:47:ed:4d:44:45:49:41:5e:74:81:47:6e:4e:5e:41:
44:c8:47:ce:6f:09:d8:75:9e:25:ca:b4:8a:4b:ab:5f:fd:a4:
95:cc:1a:b6:5c:22:5c:be:46:c9:e3:24:39:a3:78:c1:fb:2a:
72:e7:ec:ca:18:9f:03:c9:33:2b:db:7f:78:35:02:d6:eb:b7:
e3:28:f0:0a:54:6f:b3:f1:38:9a:62:34:d6:83:00:0e:da:37:
60:b7:34:7e:d2:8c:47:71:fa:1f:db:74:4b:60:9f:e8:1f:13:
64:a9:72:26:7d:f4:33:58:d4:13:c0:6b:de:5a:be:08:01:8e:
b1:bf:5f:43
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAls0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwNTA0NTg1NVoXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUE1NEExMTAvBgNVBAUTKEY0MDE1NzFGNEUwRkU4RjgwRDU3Q0Qw
MjdDRDlFRTE1RDczODhGMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPaRXQ1/QF1pm2Ew0fCaDK1ojOLIydJruiz7xx+A2A0uys3VQ2iDZU+53vGEhI
5gEWffhYp6AOXBTPVs+Z/iLBnhnl+x5LtQx9UVqOgeH3/IvSpGkDMIaEDD3NrLJq
AJ91S506HL/EJ2lwQkjCi0rWb+pVj9ZSr5+qh5+K2ZRgBJqADhr7YW0C/hwvYseL
f+mAZ7tekPWIb3hIozXEg9gulEHmmc23plHD5zt04ACqOS5PPXiAWITbyCUhqVYH
cVEO4OG8VPfqYOJNWkMm5Qo+BKECP7bKukJyI2xe6sqmQY4u475WtmqD7Rw6l25D
f+7pTGi3+kvyZZM6I6Mx7JZfAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQU9AFXH04P
6PgNV80CfNnuFdc4jyQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVBNTRBL0JFODRBODIwNzFBNTExRUY4RDgwNUM3OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFQTU0QS9CRTg0QTgyMDcxQTUxMUVGOEQ4MDVDNzhDNEY5QUUwMi85QUZYSDA0
UDZQZ05WODBDZk5udUZkYzRqeVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBADLBdQwDQYJKoZIhvcNAQELBQADggEBAE0qSxxVkSzfVIrKNmFy
RwUxT9pWcuoTj+uLxdteXOqImauN+SlMRZfhrFO5SnpRdDlJA45OJh/JkhQoAg+L
NgcBdaTEG1pLNoAn77AitHAiK+yOYy4nMbyk0ZHcYFZI1UZ4YB5T+WLq8kN6LQ9I
698XOdxCjEXU0I6P3e+glvMc1UftTURFSUFedIFHbk5eQUTIR85vCdh1niXKtIpL
q1/9pJXMGrZcIly+RsnjJDmjeMH7KnLn7MoYnwPJMyvbf3g1Atbrt+Mo8ApUb7Px
OJpiNNaDAA7aN2C3NH7SjEdx+h/bdEtgn+gfE2SpciZ99DNY1BPAa95avggBjrG/
X0M=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:09:22 2025 by rpki-client