Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IffNCqAWhDVSmHRj5kIpcu8DnOg.cer
File: IffNCqAWhDVSmHRj5kIpcu8DnOg.cer (raw, json)
Hash identifier: D05HU0KmEbeu5QDK2AcFAEQSYuYGuG6JRt/iqz0mDBs=
Subject key identifier: 21:F7:CD:0A:A0:16:84:35:52:98:74:63:E6:42:29:72:EF:03:9C:E8
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025B5D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919710C/2F3676124B6011EC9554DC50C4F9AE02/IffNCqAWhDVSmHRj5kIpcu8DnOg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919710C/2F3676124B6011EC9554DC50C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 05 Aug 2025 16:51:24 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: AS: 140736
IP: 103.152.64.0/23
IP: 2406:2ac0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154461 (0x25b5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 5 16:51:24 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A919710C, serialNumber=21F7CD0AA016843552987463E6422972EF039CE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cf:fd:b2:b8:13:0e:47:4e:83:0a:a0:e7:f3:
15:25:76:ac:43:b7:4e:37:84:29:10:1f:b6:90:68:
60:df:46:f1:28:a9:fe:b8:be:35:52:c7:b2:4b:82:
c9:9e:5e:59:02:c9:0a:a1:11:8f:70:a5:4e:76:e6:
62:ef:55:2f:89:d7:e5:9e:47:a5:68:41:cf:69:dd:
15:25:c1:81:22:8a:71:04:49:43:d1:e7:86:1f:df:
f2:b5:02:ce:23:95:22:0f:4a:07:15:97:0a:bc:8b:
4c:24:67:9a:f5:ba:0e:35:20:ef:b1:de:55:cb:66:
ef:49:b0:d8:a3:3c:50:ee:af:9e:e2:f5:e9:cc:f3:
0a:05:3a:a6:9a:a0:9e:8e:b6:0b:f2:05:ff:67:30:
ce:e4:2d:68:44:b3:d9:e2:13:c2:05:20:a9:ca:8c:
f7:d7:81:a9:c9:80:29:96:cb:70:a9:61:5f:7d:fd:
78:d4:15:4b:e6:eb:2a:4d:77:5d:34:d6:c6:d9:d3:
2c:29:6c:3d:e5:cf:7e:5a:be:a4:5b:75:73:55:8b:
4b:18:cf:7e:6c:e3:5e:71:77:53:48:af:f6:6c:e6:
de:cf:8c:73:53:72:86:8e:f2:57:4f:29:72:1d:9e:
b0:8b:1f:6d:db:3f:2b:21:15:71:70:7a:f6:57:64:
25:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F7:CD:0A:A0:16:84:35:52:98:74:63:E6:42:29:72:EF:03:9C:E8
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919710C/2F3676124B6011EC9554DC50C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919710C/2F3676124B6011EC9554DC50C4F9AE02/IffNCqAWhDVSmHRj5kIpcu8DnOg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
140736
sbgp-ipAddrBlock: critical
IPv4:
103.152.64.0/23
IPv6:
2406:2ac0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:62:6c:bc:a3:fe:25:fa:62:24:58:56:c9:3a:57:57:30:29:
16:63:7a:fc:fb:e7:00:8f:72:fe:39:b8:a9:fa:fd:51:54:33:
66:9a:71:0a:13:eb:6e:cf:e4:45:94:03:b0:8a:11:84:fd:d1:
4c:03:9d:4b:17:7f:7a:91:71:e6:65:8d:bd:44:55:44:75:b3:
61:07:df:9d:33:9b:45:91:ec:b6:c6:54:2c:a3:da:cd:d3:49:
79:a6:7d:66:71:a1:25:b5:ae:da:8c:12:58:f6:ad:36:c9:a1:
95:8b:6e:6c:63:b8:d5:a2:ff:5e:da:22:4b:dd:17:c3:7a:db:
c1:9c:92:8c:24:7c:5f:80:4a:52:4e:76:47:45:0e:09:6c:93:
66:f7:7f:77:bc:4a:f5:07:2b:5f:2f:10:8d:b3:b6:eb:d5:57:
58:84:de:d3:e7:db:8a:7a:be:c5:0c:1b:81:ad:eb:1e:fa:15:
f9:ed:2c:53:49:d6:30:2c:d5:7a:a2:17:b3:30:c3:cb:3f:af:
29:45:1d:ae:e4:1f:d4:9f:c9:55:93:64:57:e6:e0:92:fc:08:
37:f7:58:de:f2:b0:d0:e6:e5:1e:d7:a8:79:6e:be:6f:01:c3:
4e:f9:7c:26:74:06:40:bd:c9:76:cd:f6:f0:aa:61:76:bb:c2:
85:97:13:aa
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAltdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwNTE2NTEyNFoXDTI2MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTcxMEMxMTAvBgNVBAUTKDIxRjdDRDBBQTAxNjg0MzU1Mjk4NzQ2
M0U2NDIyOTcyRUYwMzlDRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZz/2yuBMOR06DCqDn8xUldqxDt043hCkQH7aQaGDfRvEoqf64vjVSx7JLgsme
XlkCyQqhEY9wpU525mLvVS+J1+WeR6VoQc9p3RUlwYEiinEESUPR54Yf3/K1As4j
lSIPSgcVlwq8i0wkZ5r1ug41IO+x3lXLZu9JsNijPFDur57i9enM8woFOqaaoJ6O
tgvyBf9nMM7kLWhEs9niE8IFIKnKjPfXganJgCmWy3CpYV99/XjUFUvm6ypNd100
1sbZ0ywpbD3lz35avqRbdXNVi0sYz35s415xd1NIr/Zs5t7PjHNTcoaO8ldPKXId
nrCLH23bPyshFXFwevZXZCVtAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUIffNCqAW
hDVSmHRj5kIpcu8DnOgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk3MTBDLzJGMzY3NjEyNEI2MDExRUM5NTU0REM1MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5NzEwQy8yRjM2NzYxMjRCNjAxMUVDOTU1NERDNTBDNEY5QUUwMi9JZmZOQ3FB
V2hEVlNtSFJqNWtJcGN1OERuT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiXAMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ5hAMA0EAgAC
MAcDBQAkBirAMA0GCSqGSIb3DQEBCwUAA4IBAQCdYmy8o/4l+mIkWFbJOldXMCkW
Y3r8++cAj3L+Obip+v1RVDNmmnEKE+tuz+RFlAOwihGE/dFMA51LF396kXHmZY29
RFVEdbNhB9+dM5tFkey2xlQso9rN00l5pn1mcaElta7ajBJY9q02yaGVi25sY7jV
ov9e2iJL3RfDetvBnJKMJHxfgEpSTnZHRQ4JbJNm9393vEr1BytfLxCNs7br1VdY
hN7T59uKer7FDBuBrese+hX57SxTSdYwLNV6ohezMMPLP68pRR2u5B/Un8lVk2RX
5uCS/Ag391je8rDQ5uUe16h5br5vAcNO+XwmdAZAvcl2zfbwqmF2u8KFlxOq
-----END CERTIFICATE-----
Generated at Sun Aug 10 03:51:14 2025 by rpki-client