Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NfIQw_y-8NYqPeiPXz-iThGTdEw.cer
File: NfIQw_y-8NYqPeiPXz-iThGTdEw.cer (raw, json)
Hash identifier: l46J/StQW5O6bEyyLVIRDwBvaSW9cgmdFOnmt+fHWHQ=
Subject key identifier: 35:F2:10:C3:FC:BE:F0:D6:2A:3D:E8:8F:5F:3F:A2:4E:11:93:74:4C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023C93
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A1860/4222E664ACFF11ED81035733C4F9AE02/NfIQw_y-8NYqPeiPXz-iThGTdEw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A1860/4222E664ACFF11ED81035733C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 02 Apr 2025 21:23:43 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: AS: 138478
IP: 103.86.70.0/23
IP: 2400:e0e0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146579 (0x23c93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 2 21:23:43 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A91A1860, serialNumber=35F210C3FCBEF0D62A3DE88F5F3FA24E1193744C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:65:df:36:89:28:e2:57:b9:82:e2:50:40:05:
76:7b:ea:20:d1:ea:82:3a:9e:6c:d6:49:e8:a2:dc:
8b:d7:40:23:d2:20:d7:03:b2:81:ab:0e:73:91:12:
6e:8a:33:b4:7d:fc:e5:0f:0b:81:20:1f:ca:92:53:
c0:60:ae:fe:fc:86:97:ad:21:63:33:8d:d1:bd:76:
4b:16:e4:3d:bd:d9:81:22:36:29:4c:f9:22:ca:5b:
5f:cc:76:9a:3e:e8:0d:eb:97:3e:b2:7f:1d:2d:98:
3e:07:55:e2:76:e1:02:ba:50:ea:ee:11:f4:70:dc:
8c:c4:42:94:5a:29:75:2f:42:25:2b:83:00:9a:3e:
cc:de:b9:ba:02:71:94:22:92:dc:f4:0c:0f:82:54:
1b:27:e2:d1:5d:9d:8d:7d:f5:5d:8e:d2:e2:12:b4:
a9:fc:41:b2:f5:31:01:40:4e:98:80:50:5d:75:c9:
06:a9:84:70:a6:46:00:6c:d3:16:ca:4c:b8:40:2d:
31:87:09:8b:34:02:9d:6a:88:86:0d:a6:75:56:34:
8a:ae:8f:9b:66:d9:ad:eb:8f:12:6d:04:bb:b2:9a:
ae:f0:ed:36:d6:b7:f6:d5:09:4d:96:19:2a:21:ac:
ce:74:a4:84:be:24:c3:22:7f:4d:6c:02:b9:a7:cf:
cc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F2:10:C3:FC:BE:F0:D6:2A:3D:E8:8F:5F:3F:A2:4E:11:93:74:4C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A1860/4222E664ACFF11ED81035733C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A1860/4222E664ACFF11ED81035733C4F9AE02/NfIQw_y-8NYqPeiPXz-iThGTdEw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138478
sbgp-ipAddrBlock: critical
IPv4:
103.86.70.0/23
IPv6:
2400:e0e0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:ee:bb:d8:f2:83:6d:0a:7f:c4:0c:98:62:9f:ce:a4:5e:f6:
52:aa:d6:aa:cf:f1:4b:b5:56:d8:d1:60:f0:ca:d0:53:0f:0e:
01:3e:f4:75:3a:38:46:bd:8c:d9:54:45:ff:31:0a:a8:bb:ff:
c1:25:6f:b7:ca:a6:3f:ab:65:bd:0a:33:7b:95:db:50:d6:15:
08:e3:c2:b3:e2:cb:85:1c:28:92:3b:40:86:27:82:3e:5f:c8:
f6:88:71:4a:de:7d:ce:06:a4:19:a0:fe:bb:d4:1c:e8:13:2b:
11:b5:f4:66:de:3c:a8:1c:b8:fd:80:a2:93:ca:95:83:90:83:
e7:4d:cc:84:96:c2:e2:7e:cf:b3:ad:a7:21:cb:60:54:a8:66:
ac:e0:05:ad:ec:35:b3:53:db:dd:90:5d:61:44:a9:03:90:06:
b9:62:5e:47:db:7e:75:b9:76:68:67:1b:c2:4c:be:31:60:15:
5c:8b:31:eb:8e:65:70:c2:66:f3:07:c4:fd:37:17:9b:4a:a9:
1b:45:ab:23:9f:bf:6f:c6:2d:7b:8f:d1:0a:70:7c:4a:62:6b:
98:b0:84:40:47:5e:e6:08:0a:d8:8e:7d:21:e0:c5:11:a9:ce:
a1:6b:1a:ab:cf:64:88:cb:e2:a5:59:68:86:30:7e:35:ad:d5:
d1:38:a4:57
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAjyTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQwMjIxMjM0M1oXDTI2MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTE4NjAxMTAvBgNVBAUTKDM1RjIxMEMzRkNCRUYwRDYyQTNERTg4
RjVGM0ZBMjRFMTE5Mzc0NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDhZd82iSjiV7mC4lBABXZ76iDR6oI6nmzWSeii3IvXQCPSINcDsoGrDnOREm6K
M7R9/OUPC4EgH8qSU8Bgrv78hpetIWMzjdG9dksW5D292YEiNilM+SLKW1/Mdpo+
6A3rlz6yfx0tmD4HVeJ24QK6UOruEfRw3IzEQpRaKXUvQiUrgwCaPszeuboCcZQi
ktz0DA+CVBsn4tFdnY199V2O0uIStKn8QbL1MQFATpiAUF11yQaphHCmRgBs0xbK
TLhALTGHCYs0Ap1qiIYNpnVWNIquj5tm2a3rjxJtBLuymq7w7TbWt/bVCU2WGSoh
rM50pIS+JMMif01sArmnz8z9AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUNfIQw/y+
8NYqPeiPXz+iThGTdEwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUExODYwLzQyMjJFNjY0QUNGRjExRUQ4MTAzNTczM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMTg2MC80MjIyRTY2NEFDRkYxMUVEODEwMzU3MzNDNEY5QUUwMi9OZklRd195
LThOWXFQZWlQWHotaVRoR1RkRXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhzuMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ1ZGMA0EAgAC
MAcDBQAkAODgMA0GCSqGSIb3DQEBCwUAA4IBAQBv7rvY8oNtCn/EDJhin86kXvZS
qtaqz/FLtVbY0WDwytBTDw4BPvR1OjhGvYzZVEX/MQqou//BJW+3yqY/q2W9CjN7
ldtQ1hUI48Kz4suFHCiSO0CGJ4I+X8j2iHFK3n3OBqQZoP671BzoEysRtfRm3jyo
HLj9gKKTypWDkIPnTcyElsLifs+zrachy2BUqGas4AWt7DWzU9vdkF1hRKkDkAa5
Yl5H2351uXZoZxvCTL4xYBVcizHrjmVwwmbzB8T9NxebSqkbRasjn79vxi17j9EK
cHxKYmuYsIRAR17mCArYjn0h4MURqc6haxqrz2SIy+KlWWiGMH41rdXROKRX
-----END CERTIFICATE-----
Generated at Fri Apr 25 23:00:31 2025 by rpki-client