Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4tKgNHf5sBSUzqtsZU0rFmjlUs.cer
File: B4tKgNHf5sBSUzqtsZU0rFmjlUs.cer (raw, json)
Hash identifier: 7q7TaatpgszQwbS6uRHtZegG8cUxnSGzWhNelrW9fxU=
Subject key identifier: 07:8B:4A:80:D1:DF:E6:C0:52:53:3A:AD:B1:95:34:AC:59:A3:95:4B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025B06
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 04 Aug 2025 18:26:13 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 134439
IP: 45.125.108.0/22
IP: 103.193.244.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154374 (0x25b06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 4 18:26:13 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A917C5E0, serialNumber=078B4A80D1DFE6C052533AADB19534AC59A3954B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:57:08:fe:c4:34:b2:03:07:f8:8c:ff:4d:03:
bf:4f:19:a1:a2:00:8a:44:9f:7f:82:3b:43:51:d4:
67:fa:f3:c8:ce:e7:ee:49:6c:f7:ed:19:9a:1c:00:
ed:8f:59:36:2b:52:30:88:0a:f7:3b:d3:f7:c4:07:
58:13:d8:34:20:3c:1c:e6:2e:2a:25:51:23:fa:6b:
31:8e:da:54:97:7a:08:03:41:80:8f:47:db:52:91:
bf:93:93:6f:28:ab:c7:09:6c:c8:27:c4:52:fd:38:
a3:26:43:b3:8f:54:91:f0:7f:90:5b:6b:54:21:5f:
b3:2e:83:c5:2f:d1:70:fb:95:e0:99:f8:17:9b:5d:
14:9d:d8:96:e7:65:42:ac:c7:6e:99:96:ac:b3:a0:
1f:00:64:bd:aa:6d:95:b4:9d:d6:dd:1f:48:3e:b7:
38:04:e3:76:db:ad:21:d3:33:28:32:0d:c0:fe:e3:
53:e1:5b:04:35:3e:82:90:92:a6:01:22:b8:44:a3:
71:7a:b2:30:3d:57:67:9c:3f:90:82:fd:ae:37:1d:
be:04:4a:d7:77:04:b8:50:f1:32:56:2e:89:8b:29:
e3:84:ee:fd:06:8e:36:8f:bd:53:10:f5:93:6a:c3:
44:d0:f7:cd:54:7d:3b:96:9a:a2:f9:72:9d:5b:bc:
c8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8B:4A:80:D1:DF:E6:C0:52:53:3A:AD:B1:95:34:AC:59:A3:95:4B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
134439
sbgp-ipAddrBlock: critical
IPv4:
45.125.108.0/22
103.193.244.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:72:c0:13:d2:e6:07:34:2e:3f:54:2e:5b:10:ff:12:53:25:
23:30:22:c7:22:d7:a9:6a:a5:76:cf:da:58:94:63:c8:6c:a8:
14:e5:77:cc:5b:8f:c8:ba:db:48:df:55:bd:6c:8b:96:36:51:
1f:9e:fe:92:11:3d:69:af:a6:e2:ce:83:2a:00:bb:b7:5a:91:
c7:14:76:e2:74:ec:a3:ee:85:88:53:e6:a3:4b:d8:5b:a6:62:
bc:6d:89:6e:ff:ff:72:05:fc:71:d5:7a:2a:f5:ff:24:62:e8:
fc:d8:88:1a:20:d2:66:bb:0b:00:5a:40:5f:30:55:f2:07:69:
fd:a9:3c:a2:18:bd:cd:60:3f:00:07:41:a3:45:69:d7:35:88:
8f:fc:01:94:33:a5:08:6b:e3:59:12:a4:c0:68:07:fb:87:b4:
bc:07:ec:f1:6b:fa:28:5d:e0:82:bf:68:6e:f1:d4:08:8b:a9:
4f:4e:ec:a9:04:6a:58:4a:11:63:29:2f:25:5c:8d:15:6a:fc:
20:95:5b:61:17:2a:fc:69:a6:10:25:c5:05:8e:a3:dc:36:89:
12:01:ee:14:b0:50:3d:1b:65:f8:d1:ed:f4:6f:c2:5b:61:97:
8c:85:8a:27:b5:04:2c:38:bf:5a:db:36:99:93:7e:f2:df:85:
63:83:cc:ef
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAlsGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwNDE4MjYxM1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0M1RTAxMTAvBgNVBAUTKDA3OEI0QTgwRDFERkU2QzA1MjUzM0FB
REIxOTUzNEFDNTlBMzk1NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDqVwj+xDSyAwf4jP9NA79PGaGiAIpEn3+CO0NR1Gf688jO5+5JbPftGZocAO2P
WTYrUjCICvc70/fEB1gT2DQgPBzmLiolUSP6azGO2lSXeggDQYCPR9tSkb+Tk28o
q8cJbMgnxFL9OKMmQ7OPVJHwf5Bba1QhX7Mug8Uv0XD7leCZ+BebXRSd2JbnZUKs
x26ZlqyzoB8AZL2qbZW0ndbdH0g+tzgE43bbrSHTMygyDcD+41PhWwQ1PoKQkqYB
IrhEo3F6sjA9V2ecP5CC/a43Hb4EStd3BLhQ8TJWLomLKeOE7v0GjjaPvVMQ9ZNq
w0TQ981UfTuWmqL5cp1bvMgpAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUB4tKgNHf
5sBSUzqtsZU0rFmjlUswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdDNUUwLzg3MjBBQjE4NUExNzExRUZBQTIyQTcyOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3QzVFMC84NzIwQUIxODVBMTcxMUVGQUEyMkE3MjlDNEY5QUUwMi9CNHRLZ05I
ZjVzQlNVenF0c1pVMHJGbWpsVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg0nMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLX1sAwQCZ8H0
MA0GCSqGSIb3DQEBCwUAA4IBAQDCcsAT0uYHNC4/VC5bEP8SUyUjMCLHItepaqV2
z9pYlGPIbKgU5XfMW4/IuttI31W9bIuWNlEfnv6SET1pr6bizoMqALu3WpHHFHbi
dOyj7oWIU+ajS9hbpmK8bYlu//9yBfxx1Xoq9f8kYuj82IgaINJmuwsAWkBfMFXy
B2n9qTyiGL3NYD8AB0GjRWnXNYiP/AGUM6UIa+NZEqTAaAf7h7S8B+zxa/ooXeCC
v2hu8dQIi6lPTuypBGpYShFjKS8lXI0VavwglVthFyr8aaYQJcUFjqPcNokSAe4U
sFA9G2X40e30b8JbYZeMhYontQQsOL9a2zaZk37y34Vjg8zv
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:17:54 2025 by rpki-client