Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer
File: HAF157M3En5uwlH0Og0qxhMRv04.cer (raw, json)
Hash identifier: I3VLoyBpcEMV1SI7TlNke683ADmBOBNWWjjqYMjyaNQ=
Subject key identifier: 1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025807
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 25 Jul 2025 22:32:05 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: AS: 9671
IP: 202.173.32.0/19
IP: 2405:4500::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 11 Aug 2025 04:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153607 (0x25807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 25 22:32:05 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91E3584, serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:54:5b:62:51:4a:2c:40:b6:f2:af:78:65:85:
46:2d:d6:96:de:fe:8a:63:06:4e:f5:a4:5e:fa:85:
b8:94:c0:3a:91:35:00:40:d2:a7:c1:4c:84:dc:05:
03:e2:b2:5d:23:88:48:2c:34:5c:d0:6b:62:68:da:
f7:85:b9:25:c8:c3:9a:f8:b5:02:90:60:32:ba:60:
60:69:e0:cd:31:f7:ac:a7:b9:b4:7b:9d:5b:12:dc:
59:b6:79:e5:51:55:a9:4f:dc:63:9d:87:13:be:68:
80:39:64:04:96:98:71:eb:02:fa:ba:da:a4:16:0e:
88:89:35:e4:94:0e:1f:24:5c:87:20:11:d0:e4:29:
66:c7:72:15:f1:7f:50:ac:2d:a0:1f:54:d6:72:af:
c0:e8:86:22:42:a9:7b:0b:bf:59:71:87:8e:7e:9f:
f6:05:53:1a:c6:b7:4e:d5:3d:d9:5e:e1:09:29:6f:
8b:f0:00:27:f5:4e:9b:3a:8a:db:eb:0d:fa:9e:41:
ea:f3:05:21:5a:a2:06:f0:b4:2b:1e:bc:e9:07:17:
a6:6e:d9:55:6e:95:39:f6:2a:df:4c:bd:65:76:6a:
1c:b5:04:64:6a:0a:92:1f:8a:bd:49:91:91:3d:90:
0c:49:1e:5f:1b:b0:7f:38:49:a0:a2:8d:09:82:0f:
92:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9671
sbgp-ipAddrBlock: critical
IPv4:
202.173.32.0/19
IPv6:
2405:4500::/32
Signature Algorithm: sha256WithRSAEncryption
55:81:e0:7b:c7:48:69:31:83:4f:33:51:c5:41:cb:37:e9:ac:
6b:b4:6e:c1:d2:63:38:ad:d2:b3:54:cc:c5:f9:0d:89:be:cc:
17:22:b6:18:82:7c:b0:5d:e9:9a:7b:fd:e9:d4:64:a5:8c:ef:
d2:56:30:c2:d5:ec:12:67:38:64:2c:3b:e4:15:44:91:5e:7c:
c5:86:ee:86:fb:18:93:dd:2a:5e:49:dc:3a:99:4a:81:9d:25:
fe:9f:01:fd:86:5a:ae:72:08:88:14:34:69:ba:fd:a7:37:e7:
b5:08:f3:27:a4:86:32:0f:a9:99:db:6e:e8:01:1e:c5:ea:db:
2b:fc:1f:69:26:e9:d0:81:88:29:62:60:3b:bc:af:12:48:b4:
bd:b0:11:69:8c:c3:23:64:00:4f:56:d7:2b:de:14:eb:a3:5a:
30:4c:82:41:28:ee:97:37:74:4b:10:02:4d:b3:3e:12:c7:59:
1c:dc:d1:c0:8d:c8:c9:33:e3:27:89:cc:11:34:ce:7a:f6:c8:
81:69:63:0d:eb:37:f8:34:d0:17:a6:6b:20:fb:f7:0d:c3:e8:
a2:3a:45:0c:ce:b0:f4:4d:62:5f:29:3e:f9:e2:89:a3:82:c2:
77:d8:f3:4f:fb:62:74:f6:89:26:f0:29:24:dc:f1:80:0d:94:
d6:88:90:89
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIDAlgHMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcyNTIyMzIwNVoXDTI2MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTM1ODQxMTAvBgNVBAUTKDFDMDE3NUU3QjMzNzEyN0U2RUMyNTFG
NDNBMEQyQUM2MTMxMUJGNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDVFtiUUosQLbyr3hlhUYt1pbe/opjBk71pF76hbiUwDqRNQBA0qfBTITcBQPi
sl0jiEgsNFzQa2Jo2veFuSXIw5r4tQKQYDK6YGBp4M0x96ynubR7nVsS3Fm2eeVR
ValP3GOdhxO+aIA5ZASWmHHrAvq62qQWDoiJNeSUDh8kXIcgEdDkKWbHchXxf1Cs
LaAfVNZyr8DohiJCqXsLv1lxh45+n/YFUxrGt07VPdle4Qkpb4vwACf1Tps6itvr
DfqeQerzBSFaogbwtCsevOkHF6Zu2VVulTn2Kt9MvWV2ahy1BGRqCpIfir1JkZE9
kAxJHl8bsH84SaCijQmCD5J9AgMBAAGjggMdMIIDGTAdBgNVHQ4EFgQUHAF157M3
En5uwlH0Og0qxhMRv04wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUzNTg0L0QxQTEyOTQ2MUQ4NTExRTJCQjRGQTREQzA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMzU4NC9EMUExMjk0NjFEODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdN
M0VuNXV3bEgwT2cwcXhoTVJ2MDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICJccwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAXKrSAwDQQCAAIw
BwMFACQFRQAwDQYJKoZIhvcNAQELBQADggEBAFWB4HvHSGkxg08zUcVByzfprGu0
bsHSYzit0rNUzMX5DYm+zBcithiCfLBd6Zp7/enUZKWM79JWMMLV7BJnOGQsO+QV
RJFefMWG7ob7GJPdKl5J3DqZSoGdJf6fAf2GWq5yCIgUNGm6/ac357UI8yekhjIP
qZnbbugBHsXq2yv8H2km6dCBiCliYDu8rxJItL2wEWmMwyNkAE9W1yveFOujWjBM
gkEo7pc3dEsQAk2zPhLHWRzc0cCNyMkz4yeJzBE0znr2yIFpYw3rN/g00BemayD7
9w3D6KI6RQzOsPRNYl8pPvniiaOCwnfY80/7YnT2iSbwKSTc8YANlNaIkIk=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:55:04 2025 by rpki-client