This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer File: OhpAdHHRvxyhUl8h997PWmoqZNg.cer (raw, json) Hash identifier: Okz1jewEJHZrpyi/JP5+IfflT2HOmBTEdOk3kv9tl6g= Subject key identifier: 3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 027F4A Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft caRepository: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Fri 19 Dec 2025 02:55:52 +0000 Certificate not after: Tue 02 Mar 2027 00:00:00 +0000 Subordinate resources: AS: 38611 IP: 103.12.200.0/22 IP: 103.253.64.0/22 IP: 113.11.184.0/22 IP: 180.92.208.0/22 IP: 203.17.148.0/22 IP: 203.33.236.0/24 IP: 203.34.12.0/23 IP: 203.55.188.0/24 IP: 203.57.15.0/24 IP: 203.80.168.0/24 IP: 203.193.192.0/19 IP: 2400:5b80::/32 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 14:26:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163658 (0x27f4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Dec 19 02:55:52 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=A91B7B23, serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:22:0f:9d:4c:b5:27:55:35:6a:e5:5e:57:18: e2:b7:2a:ab:92:24:e7:e9:35:aa:f7:7b:48:b8:f4: a8:78:0e:41:62:c8:5d:41:98:21:f4:f9:b4:68:a7: 5a:df:b5:4f:65:ee:b9:31:93:27:89:bc:d7:54:d3: 3f:ea:45:72:71:a8:f4:bd:1a:35:a9:37:88:31:7e: 85:7d:3f:08:e8:da:91:86:42:1b:56:58:95:a7:24: d9:e6:01:eb:cf:f6:b3:a3:ce:9f:c7:84:16:56:02: 2d:fe:06:b2:17:c2:c8:df:de:bc:d9:a0:30:b5:ad: 5b:a5:8b:41:2f:a8:61:f7:eb:19:ec:e4:2f:52:43: 06:bf:52:76:8f:c1:4e:85:e7:cd:78:4e:ad:02:b4: 59:55:e9:2e:6c:cd:15:40:83:68:6f:36:0d:80:c2: bd:15:66:41:a4:8f:0e:0d:01:c7:b0:48:e8:54:15: b6:13:3d:d8:84:39:93:87:d7:a1:c5:c9:50:a1:3b: 40:45:d1:d5:e4:d2:99:a6:13:d0:a4:3c:9c:68:ef: 0f:82:e3:e5:f8:87:53:e8:b7:99:54:6d:a7:ae:c9: 18:15:db:09:9e:f4:d6:51:59:99:c4:a9:7a:18:cb: 83:37:50:ee:fa:26:11:8f:ec:8e:19:4c:20:cb:bb: 08:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 38611 sbgp-ipAddrBlock: critical IPv4: 103.12.200.0/22 103.253.64.0/22 113.11.184.0/22 180.92.208.0/22 203.17.148.0/22 203.33.236.0/24 203.34.12.0/23 203.55.188.0/24 203.57.15.0/24 203.80.168.0/24 203.193.192.0/19 IPv6: 2400:5b80::/32 Signature Algorithm: sha256WithRSAEncryption 6f:f9:de:27:5d:90:5c:56:24:ed:92:5c:32:e3:81:06:3d:07: 47:d2:bb:29:9b:68:88:aa:3f:45:ee:c8:f6:40:93:66:80:b0: e7:1f:bb:53:b8:8a:e6:dc:47:f5:ba:ac:80:9f:a9:66:6f:fa: 6a:95:e7:d8:f1:5b:4e:32:41:4e:97:3a:18:37:92:78:e0:8a: d4:b0:2f:7a:a3:93:e0:6f:40:80:9e:82:de:3c:16:b3:17:27: ce:cc:43:d6:e9:10:29:de:67:61:7e:2e:27:33:1c:60:0a:8d: 6e:95:55:1d:54:68:9e:37:c6:9e:5b:d9:41:89:8f:58:09:f6: b9:23:cb:03:27:29:37:0b:4f:4d:8f:0e:e0:c3:e4:ec:c2:23: 89:bf:d6:c5:10:be:43:b2:01:d9:9a:d1:41:03:19:4f:07:67: f5:27:ce:fa:1c:0f:6a:c9:3d:b5:b6:09:c1:0b:86:a2:cb:e1: 03:5c:05:eb:a2:8b:02:aa:ce:7a:2f:ec:cf:98:53:b8:07:33: 27:6e:b9:34:40:d3:52:28:5f:e3:66:00:6f:52:be:bc:a6:b0: a2:a9:15:bc:d9:59:cf:bf:f8:5e:c5:59:1d:c6:6a:56:20:89: f1:57:1f:5b:20:22:f6:3f:d9:2d:4c:ed:5e:90:43:f3:e1:57: ce:85:87:c0 -----BEGIN CERTIFICATE----- MIIGZTCCBU2gAwIBAgIDAn9KMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI1MTIxOTAyNTU1MloXDTI3MDMwMjAwMDAwMFowRjERMA8G A1UEAwwIQTkxQjdCMjMxMTAvBgNVBAUTKDNBMUE0MDc0NzFEMUJGMUNBMTUyNUYy MUY3REVDRjVBNkEyQTY0RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZIg+dTLUnVTVq5V5XGOK3KquSJOfpNar3e0i49Kh4DkFiyF1BmCH0+bRop1rf tU9l7rkxkyeJvNdU0z/qRXJxqPS9GjWpN4gxfoV9Pwjo2pGGQhtWWJWnJNnmAevP 9rOjzp/HhBZWAi3+BrIXwsjf3rzZoDC1rVuli0EvqGH36xns5C9SQwa/UnaPwU6F 5814Tq0CtFlV6S5szRVAg2hvNg2Awr0VZkGkjw4NAcewSOhUFbYTPdiEOZOH16HF yVChO0BF0dXk0pmmE9CkPJxo7w+C4+X4h1Pot5lUbaeuyRgV2wme9NZRWZnEqXoY y4M3UO76JhGP7I4ZTCDLuwj3AgMBAAGjggNaMIIDVjAdBgNVHQ4EFgQUOhpAdHHR vxyhUl8h997PWmoqZNgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2 NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0 RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MUI3QjIzLzc1NDVGMDNBOTdEMzExRUVBMjNDNjYwQkM0RjlBRTAyLzB+BggrBgEF BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B OTFCN0IyMy83NTQ1RjAzQTk3RDMxMUVFQTIzQzY2MEJDNEY5QUUwMi9PaHBBZEhI UnZ4eWhVbDhoOTk3UFdtb3FaTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ oAcwBQIDAJbTMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCZwzIAwQCZ/1A AwQCcQu4AwQCtFzQAwQCyxGUAwQAyyHsAwQByyIMAwQAyze8AwQAyzkPAwQAy1Co AwQFy8HAMA0EAgACMAcDBQAkAFuAMA0GCSqGSIb3DQEBCwUAA4IBAQBv+d4nXZBc ViTtklwy44EGPQdH0rspm2iIqj9F7sj2QJNmgLDnH7tTuIrm3Ef1uqyAn6lmb/pq lefY8VtOMkFOlzoYN5J44IrUsC96o5Pgb0CAnoLePBazFyfOzEPW6RAp3mdhfi4n MxxgCo1ulVUdVGieN8aeW9lBiY9YCfa5I8sDJyk3C09Njw7gw+TswiOJv9bFEL5D sgHZmtFBAxlPB2f1J876HA9qyT21tgnBC4aiy+EDXAXroosCqs56L+zPmFO4BzMn brk0QNNSKF/jZgBvUr68prCiqRW82VnPv/hexVkdxmpWIInxVx9bICL2P9ktTO1e kEPz4VfOhYfA -----END CERTIFICATE-----Generated at Fri Dec 19 16:02:09 2025 by rpki-client