Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PqTXApDMqv5dzJxdpfW-J_7d5F4.cer
File: PqTXApDMqv5dzJxdpfW-J_7d5F4.cer (raw, json)
Hash identifier: htgJn2XGS9AxS0kx8F9h6e5sHWE8hC8pvfDzU6BP5HA=
Subject key identifier: 3E:A4:D7:02:90:CC:AA:FE:5D:CC:9C:5D:A5:F5:BE:27:FE:DD:E4:5E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025BDF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911FA74/6101B5B61D8F11E2847C5FEE08B02CD2/PqTXApDMqv5dzJxdpfW-J_7d5F4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911FA74/6101B5B61D8F11E2847C5FEE08B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 07 Aug 2025 12:44:55 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: AS: 24543
IP: 202.14.196.0/22
IP: 203.17.32.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154591 (0x25bdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 7 12:44:55 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A911FA74, serialNumber=3EA4D70290CCAAFE5DCC9C5DA5F5BE27FEDDE45E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:eb:fc:b9:c1:7e:bc:65:5c:4d:41:ba:3c:d7:
d5:c4:f8:62:05:20:91:46:61:df:ed:ba:a6:b6:38:
50:99:46:2c:80:70:48:75:c6:38:9f:73:eb:a9:0e:
ea:c5:3b:6b:e4:6d:4f:95:dc:36:cf:75:90:84:4a:
5f:4f:a1:c8:9a:e8:f5:98:15:b1:23:90:69:2c:e2:
d7:6c:4a:ba:88:15:79:49:f2:c1:3f:63:e9:eb:ea:
c2:17:8a:63:f1:f9:ba:02:e0:93:fc:84:06:25:32:
df:62:6d:2b:8b:bc:da:6b:88:90:a5:83:46:34:09:
79:28:e6:05:e6:16:11:41:92:f5:a0:b9:1e:9a:04:
43:ad:ce:c3:34:8b:b8:a4:63:e2:4a:96:6d:47:6b:
1d:c8:01:a5:d9:ce:7e:1a:32:30:ce:02:f9:1f:6e:
8d:83:1b:29:78:7e:b6:fd:06:35:da:9e:c9:33:ee:
06:dc:ab:b8:a9:cf:5b:3b:4d:fe:93:d3:98:72:71:
37:f8:2c:bc:09:69:c4:58:a5:de:99:69:e6:02:81:
8c:f8:2c:c8:b4:6e:85:a8:ea:52:56:b1:b0:77:ab:
e4:9a:51:e9:09:ec:ae:5c:10:1b:8e:d1:51:d3:36:
59:54:af:69:9b:d1:e8:5b:eb:3f:aa:73:46:6f:0f:
53:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A4:D7:02:90:CC:AA:FE:5D:CC:9C:5D:A5:F5:BE:27:FE:DD:E4:5E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911FA74/6101B5B61D8F11E2847C5FEE08B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911FA74/6101B5B61D8F11E2847C5FEE08B02CD2/PqTXApDMqv5dzJxdpfW-J_7d5F4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24543
sbgp-ipAddrBlock: critical
IPv4:
202.14.196.0/22
203.17.32.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:bc:d9:9d:d5:50:72:a9:cd:4f:90:19:51:7b:fd:e6:04:de:
85:c4:3b:cc:09:49:cf:cd:ee:9f:25:d6:ed:62:95:37:27:ca:
f8:5a:a2:b3:8b:e6:da:bd:25:84:4d:57:7b:be:ac:f2:7f:07:
df:55:37:fc:2a:a9:08:58:01:42:ee:b9:df:fe:84:c3:0b:54:
9d:6b:b6:b1:99:a2:c6:09:42:0c:b5:8b:b2:43:7c:15:47:09:
12:9c:57:f0:90:29:9c:d0:e9:bd:9d:fa:ae:f8:02:d8:a0:4b:
77:2a:01:50:4e:71:94:bc:35:3d:ea:10:c1:a1:9c:ad:c1:71:
f2:05:f5:dc:07:b0:70:f7:bb:1e:62:0b:8f:4a:c9:2a:42:16:
25:73:27:6d:01:31:5d:db:00:d1:79:af:09:8a:20:77:6b:7b:
2f:36:8d:17:ae:14:37:48:5f:a3:f0:b3:89:c5:d1:27:ec:97:
a1:b0:80:bb:bd:3c:eb:b7:89:96:39:4c:e8:15:2d:7a:5a:95:
ea:a7:90:74:2a:11:bb:8c:12:60:3e:ab:14:a2:16:61:96:34:
25:22:f3:4a:85:19:32:ab:7a:31:44:46:11:4d:39:ee:22:84:
89:0d:c1:d8:73:3a:ca:e4:95:61:f3:80:c0:0c:23:01:17:9b:
d9:0f:c0:9a
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIDAlvfMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwNzEyNDQ1NVoXDTI2MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUZBNzQxMTAvBgNVBAUTKDNFQTRENzAyOTBDQ0FBRkU1RENDOUM1
REE1RjVCRTI3RkVEREU0NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCy6/y5wX68ZVxNQbo819XE+GIFIJFGYd/tuqa2OFCZRiyAcEh1xjifc+upDurF
O2vkbU+V3DbPdZCESl9Pocia6PWYFbEjkGks4tdsSrqIFXlJ8sE/Y+nr6sIXimPx
+boC4JP8hAYlMt9ibSuLvNpriJClg0Y0CXko5gXmFhFBkvWguR6aBEOtzsM0i7ik
Y+JKlm1Hax3IAaXZzn4aMjDOAvkfbo2DGyl4frb9BjXanskz7gbcq7ipz1s7Tf6T
05hycTf4LLwJacRYpd6ZaeYCgYz4LMi0boWo6lJWsbB3q+SaUekJ7K5cEBuO0VHT
NllUr2mb0ehb6z+qc0ZvD1OXAgMBAAGjggMUMIIDEDAdBgNVHQ4EFgQUPqTXApDM
qv5dzJxdpfW+J/7d5F4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFGQTc0LzYxMDFCNUI2MUQ4RjExRTI4NDdDNUZFRTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExRkE3NC82MTAxQjVCNjFEOEYxMUUyODQ3QzVGRUUwOEIwMkNEMi9QcVRYQXBE
TXF2NWR6SnhkcGZXLUpfN2Q1RjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICX98wJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBALKDsQDBALLESAw
DQYJKoZIhvcNAQELBQADggEBAH+82Z3VUHKpzU+QGVF7/eYE3oXEO8wJSc/N7p8l
1u1ilTcnyvhaorOL5tq9JYRNV3u+rPJ/B99VN/wqqQhYAULuud/+hMMLVJ1rtrGZ
osYJQgy1i7JDfBVHCRKcV/CQKZzQ6b2d+q74AtigS3cqAVBOcZS8NT3qEMGhnK3B
cfIF9dwHsHD3ux5iC49KySpCFiVzJ20BMV3bANF5rwmKIHdrey82jReuFDdIX6Pw
s4nF0Sfsl6GwgLu9POu3iZY5TOgVLXpaleqnkHQqEbuMEmA+qxSiFmGWNCUi80qF
GTKrejFERhFNOe4ihIkNwdhzOsrklWHzgMAMIwEXm9kPwJo=
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:16:29 2025 by rpki-client