Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DKto4GkIOkOI6PxpdY8EWWL9Aa8.cer
File: DKto4GkIOkOI6PxpdY8EWWL9Aa8.cer (raw, json)
Hash identifier: aSjwySQDsGxrv4dd0xRetrOzhApDbNCsgkXoJ7iV0c8=
Subject key identifier: 0C:AB:68:E0:69:08:3A:43:88:E8:FC:69:75:8F:04:59:62:FD:01:AF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026FEF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9135D1F/AD2021A4977411F080BF1E64C4F9AE02/DKto4GkIOkOI6PxpdY8EWWL9Aa8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9135D1F/AD2021A4977411F080BF1E64C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 28 Oct 2025 23:05:21 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 154329
IP: 203.21.65.0/24
IP: 203.28.195.0/24
IP: 203.32.55.0/24
IP: 203.34.190.0/24
IP: 2001:df2:d440::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 00:25:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159727 (0x26fef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 28 23:05:21 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A9135D1F, serialNumber=0CAB68E069083A4388E8FC69758F045962FD01AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:88:63:9c:12:4e:bf:c7:9a:3a:2c:78:69:de:
77:89:59:67:24:8a:92:a5:a0:5e:fd:91:f3:7a:df:
b5:c3:58:fb:3f:5f:6e:1e:f1:0a:10:df:e0:5a:58:
9d:43:6f:2b:f1:95:a7:27:86:b8:e0:f8:9a:c9:38:
0c:f2:18:fe:90:51:db:7e:6e:a2:ff:0c:24:77:d6:
49:bf:88:a7:c4:1a:39:46:31:ac:8d:0e:c9:21:ec:
51:35:d1:f0:e2:12:05:16:a9:de:24:7f:8f:30:ae:
df:9a:f5:56:e4:fb:f4:6f:c0:36:ab:76:63:3e:39:
10:49:bf:d3:1e:39:6f:88:48:3e:a2:74:d5:7a:b6:
34:06:85:5d:6c:a0:f5:d5:40:33:72:23:54:ad:dd:
a1:6f:c2:12:aa:8b:81:e1:b5:5f:0d:d4:57:36:e0:
b1:a5:66:c6:8c:07:81:bc:b5:38:ba:5c:19:01:22:
48:c8:95:f8:ab:39:13:ec:51:93:24:4c:52:1a:a6:
0e:18:ef:b8:de:08:9a:15:99:be:8b:aa:78:f5:63:
2b:cd:46:da:85:b2:56:b4:a1:5f:6f:f5:40:7d:10:
47:61:ef:9a:36:8d:39:fd:5a:9c:bd:15:dd:90:bb:
fc:31:fa:b8:f9:73:82:ff:ee:7b:46:68:d1:90:7c:
0c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AB:68:E0:69:08:3A:43:88:E8:FC:69:75:8F:04:59:62:FD:01:AF
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9135D1F/AD2021A4977411F080BF1E64C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9135D1F/AD2021A4977411F080BF1E64C4F9AE02/DKto4GkIOkOI6PxpdY8EWWL9Aa8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
154329
sbgp-ipAddrBlock: critical
IPv4:
203.21.65.0/24
203.28.195.0/24
203.32.55.0/24
203.34.190.0/24
IPv6:
2001:df2:d440::/48
Signature Algorithm: sha256WithRSAEncryption
17:17:74:74:6c:bf:af:0a:66:a5:ee:bc:00:84:ee:3a:58:26:
f5:c9:02:0e:63:ee:52:e5:e6:57:28:0a:b9:a7:2e:3c:d7:66:
cf:6a:93:5b:51:f2:a4:6d:ef:fb:de:35:c1:fc:57:25:b3:4e:
c5:24:46:87:9a:4e:57:cf:5d:6e:87:5c:5f:7e:e7:93:1a:9f:
04:00:90:bd:32:55:ba:56:ab:15:5b:9c:35:41:03:bd:cd:d8:
39:f2:16:fe:c4:7b:9e:de:e6:67:85:96:3b:14:48:f8:8c:c7:
59:b2:c5:42:58:21:c6:4c:0d:6a:0f:97:56:c7:78:b4:d7:40:
ba:3c:de:35:2c:ff:ec:0e:e9:a6:41:e9:02:6a:a6:cc:8d:8f:
a8:68:8a:91:eb:81:4f:cb:c4:1d:5f:16:b6:68:dc:ee:10:0f:
3d:28:73:e4:f6:a2:5e:0f:29:43:0f:a6:99:d1:9b:b5:cb:bb:
62:c7:4b:7b:fa:26:b5:72:2d:2e:ac:0b:2e:1b:43:f5:93:33:
a1:06:91:e6:71:6e:6e:9e:64:6d:3e:c2:5f:5d:19:ed:8c:61:
9a:58:66:74:00:f9:13:9d:82:f1:c3:9a:c9:0d:57:c2:ac:8d:
46:40:e2:03:3e:e8:88:20:e5:20:a2:03:29:0d:05:cf:9a:84:
4d:7b:91:10
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgIDAm/vMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAyODIzMDUyMVoXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzVEMUYxMTAvBgNVBAUTKDBDQUI2OEUwNjkwODNBNDM4OEU4RkM2
OTc1OEYwNDU5NjJGRDAxQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD4iGOcEk6/x5o6LHhp3neJWWckipKloF79kfN637XDWPs/X24e8QoQ3+BaWJ1D
byvxlacnhrjg+JrJOAzyGP6QUdt+bqL/DCR31km/iKfEGjlGMayNDskh7FE10fDi
EgUWqd4kf48wrt+a9Vbk+/RvwDardmM+ORBJv9MeOW+ISD6idNV6tjQGhV1soPXV
QDNyI1St3aFvwhKqi4HhtV8N1Fc24LGlZsaMB4G8tTi6XBkBIkjIlfirORPsUZMk
TFIapg4Y77jeCJoVmb6Lqnj1YyvNRtqFsla0oV9v9UB9EEdh75o2jTn9Wpy9Fd2Q
u/wx+rj5c4L/7ntGaNGQfAxVAgMBAAGjggMyMIIDLjAdBgNVHQ4EFgQUDKto4GkI
OkOI6PxpdY8EWWL9Aa8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM1RDFGL0FEMjAyMUE0OTc3NDExRjA4MEJGMUU2NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNUQxRi9BRDIwMjFBNDk3NzQxMUYwODBCRjFFNjRDNEY5QUUwMi9ES3RvNEdr
SU9rT0k2UHhwZFk4RVdXTDlBYTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlrZMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAyxVBAwQAyxzD
AwQAyyA3AwQAyyK+MA8EAgACMAkDBwAgAQ3y1EAwDQYJKoZIhvcNAQELBQADggEB
ABcXdHRsv68KZqXuvACE7jpYJvXJAg5j7lLl5lcoCrmnLjzXZs9qk1tR8qRt7/ve
NcH8VyWzTsUkRoeaTlfPXW6HXF9+55ManwQAkL0yVbpWqxVbnDVBA73N2DnyFv7E
e57e5meFljsUSPiMx1myxUJYIcZMDWoPl1bHeLTXQLo83jUs/+wO6aZB6QJqpsyN
j6hoipHrgU/LxB1fFrZo3O4QDz0oc+T2ol4PKUMPppnRm7XLu2LHS3v6JrVyLS6s
Cy4bQ/WTM6EGkeZxbm6eZG0+wl9dGe2MYZpYZnQA+ROdgvHDmskNV8KsjUZA4gM+
6Igg5SCiAykNBc+ahE17kRA=
-----END CERTIFICATE-----
Generated at Tue Nov 4 02:08:53 2025 by rpki-client