Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer
File: IAAAWsWhdEBL07_CmUMyPpYGJbk.cer (raw, json)
Hash identifier: dm2Z5JKq2ADObt3fUBF2p7l8CNZUyKJMqfmsccG35nE=
Subject key identifier: 20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025AB3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 03 Aug 2025 00:42:04 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 142153
IP: 103.166.250.0/23
IP: 2001:df6:a080::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154291 (0x25ab3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 3 00:42:04 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A91DA590, serialNumber=2000005AC5A174404BD3BFC29943323E960625B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b8:17:a1:0e:6e:60:e3:30:70:8f:95:94:93:
c0:e5:0d:34:c2:20:93:be:d6:72:9c:0e:86:5f:6c:
81:cf:ba:db:56:23:f0:40:1e:25:99:d1:df:ec:6a:
b2:08:d1:d0:bc:a5:3d:33:3b:b0:9e:fa:c7:8d:56:
ad:d6:75:c7:78:f8:24:8f:4f:64:53:67:f4:0d:67:
3d:13:4d:f2:03:58:5e:36:d8:63:13:8a:c4:58:0c:
b3:f1:bd:f8:df:6b:16:f9:37:ba:c7:1b:15:61:56:
a6:1d:f3:e4:a9:fd:6f:3e:b9:87:4f:23:aa:3e:3c:
bb:e5:7b:a0:7e:41:eb:89:cf:ce:e0:69:c8:f1:11:
a8:fe:63:b7:04:ec:72:c3:f2:14:13:8e:38:4a:b6:
b0:ed:45:18:93:12:8f:8b:c7:16:64:b7:dd:d5:a2:
82:cb:f8:69:f7:a4:79:1b:b3:9c:73:31:0b:fe:1d:
df:66:49:cd:05:55:09:da:1b:a1:7b:49:84:07:da:
92:04:bc:4c:b0:7f:6c:5f:97:c2:e5:d3:dc:be:df:
46:a4:aa:47:64:f1:6f:c5:a6:fb:6a:fd:c0:21:12:
30:95:9a:59:c6:35:fa:d1:91:5e:2a:c5:33:9d:85:
e0:10:43:67:18:ad:5c:a7:8d:96:1a:19:02:3b:42:
94:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
142153
sbgp-ipAddrBlock: critical
IPv4:
103.166.250.0/23
IPv6:
2001:df6:a080::/48
Signature Algorithm: sha256WithRSAEncryption
36:4e:77:b3:6a:26:1a:96:81:6d:a4:74:c6:64:a3:c5:f2:5d:
08:59:21:03:bf:b4:b2:85:b6:9f:a8:a9:68:71:56:1b:12:3d:
21:db:2d:55:15:00:56:04:52:50:ea:05:04:e3:48:d6:72:15:
1d:b3:d9:2c:8f:66:78:75:b5:34:55:42:a8:49:3b:4d:19:9a:
ee:3f:68:98:d3:8c:a1:17:bf:37:d1:93:b8:4a:8c:0e:02:4c:
e7:5d:d8:4a:e0:ef:28:a3:5f:ff:2f:89:e5:2f:2e:1f:d6:68:
47:72:df:e5:ce:b3:b1:48:a1:d7:1c:a2:e2:03:d1:56:6f:58:
c1:ea:9d:1b:8f:cf:db:2b:af:72:91:a8:70:86:5d:82:70:d1:
aa:ab:80:35:25:27:48:8c:f7:98:6e:cb:66:77:41:6a:d6:bc:
26:9a:10:c5:92:9d:c2:1e:b5:3a:76:0a:22:b1:e5:25:d5:97:
fd:cc:cb:07:1a:ed:31:34:8d:f2:4a:5a:21:bc:54:bd:7b:fa:
52:4b:fd:58:c9:dd:6b:e3:9b:7e:77:ef:e8:74:24:8a:2b:80:
ad:65:8c:9b:88:a5:3e:06:9d:d0:89:d7:8c:78:d3:06:25:a0:
51:5a:4d:56:4a:28:c2:61:e4:16:35:67:f5:cb:61:0c:8e:ea:
0a:02:07:ea
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAlqzMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwMzAwNDIwNFoXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREE1OTAxMTAvBgNVBAUTKDIwMDAwMDVBQzVBMTc0NDA0QkQzQkZD
Mjk5NDMzMjNFOTYwNjI1QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9uBehDm5g4zBwj5WUk8DlDTTCIJO+1nKcDoZfbIHPuttWI/BAHiWZ0d/sarII
0dC8pT0zO7Ce+seNVq3Wdcd4+CSPT2RTZ/QNZz0TTfIDWF422GMTisRYDLPxvfjf
axb5N7rHGxVhVqYd8+Sp/W8+uYdPI6o+PLvle6B+QeuJz87gacjxEaj+Y7cE7HLD
8hQTjjhKtrDtRRiTEo+LxxZkt93VooLL+Gn3pHkbs5xzMQv+Hd9mSc0FVQnaG6F7
SYQH2pIEvEywf2xfl8Ll09y+30akqkdk8W/Fpvtq/cAhEjCVmlnGNfrRkV4qxTOd
heAQQ2cYrVynjZYaGQI7QpQ3AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUIAAAWsWh
dEBL07/CmUMyPpYGJbkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURBNTkwLzk1MTBFODZBQzA3QjExRUM5ODdCODQ3RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQTU5MC85NTEwRTg2QUMwN0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NX
aGRFQkwwN19DbVVNeVBwWUdKYmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAitJMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6b6MA8EAgAC
MAkDBwAgAQ32oIAwDQYJKoZIhvcNAQELBQADggEBADZOd7NqJhqWgW2kdMZko8Xy
XQhZIQO/tLKFtp+oqWhxVhsSPSHbLVUVAFYEUlDqBQTjSNZyFR2z2SyPZnh1tTRV
QqhJO00Zmu4/aJjTjKEXvzfRk7hKjA4CTOdd2Erg7yijX/8vieUvLh/WaEdy3+XO
s7FIodccouID0VZvWMHqnRuPz9srr3KRqHCGXYJw0aqrgDUlJ0iM95huy2Z3QWrW
vCaaEMWSncIetTp2CiKx5SXVl/3Mywca7TE0jfJKWiG8VL17+lJL/VjJ3Wvjm353
7+h0JIorgK1ljJuIpT4GndCJ14x40wYloFFaTVZKKMJh5BY1Z/XLYQyO6goCB+o=
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:29:42 2025 by rpki-client