Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ReDCzhRgM0N0_BWzcEXXajTd7l0.cer
File: ReDCzhRgM0N0_BWzcEXXajTd7l0.cer (raw, json)
Hash identifier: vcC+f+Lxl5G3q6XqgvmoFcuzIo+lxdIaCloL3S9L9Wg=
Subject key identifier: 45:E0:C2:CE:14:60:33:43:74:FC:15:B3:70:45:D7:6A:34:DD:EE:5D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024069
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911465D/D419DC4A201A11F0A402F63BC4F9AE02/ReDCzhRgM0N0_BWzcEXXajTd7l0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911465D/D419DC4A201A11F0A402F63BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 23 Apr 2025 08:13:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 163.223.88.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147561 (0x24069)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 23 08:13:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A911465D, serialNumber=45E0C2CE1460334374FC15B37045D76A34DDEE5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a1:a9:6a:c4:99:92:eb:15:2d:f7:fe:63:6b:
32:c2:a2:89:99:85:0f:c7:54:9c:21:ad:7b:f3:cd:
d8:0b:98:ac:ff:45:f4:e7:d1:af:3c:6f:1e:7d:67:
ea:6a:96:38:f9:0a:a4:01:d8:98:4a:12:82:de:ed:
ff:0d:f6:8d:d3:14:00:e5:e0:16:e3:b9:d5:2b:89:
0a:d6:05:9e:e7:ea:d2:0c:f7:fa:61:49:0e:9d:1b:
d0:30:fa:81:26:df:74:eb:aa:69:8f:43:77:d9:74:
16:17:8f:ad:aa:0c:b2:df:89:d8:6d:14:d0:51:b1:
77:6e:58:c8:91:27:35:c6:29:44:b3:7e:8e:86:0c:
88:35:76:ec:b3:d4:cc:f2:01:d1:4e:2f:0c:27:66:
17:65:22:e8:20:90:8a:a9:5d:23:5d:55:8d:af:a3:
09:76:a8:82:f9:3c:e5:19:ff:34:f7:72:61:fa:d6:
c1:7a:48:79:df:f6:3d:ec:35:1d:f8:f8:13:21:21:
df:77:35:8e:b2:2d:2b:a2:37:c2:e2:15:a9:0e:0e:
fb:c1:7f:c8:76:02:b5:f0:d1:cd:4d:41:94:3b:36:
ee:c0:1c:8c:41:b5:c9:fd:84:e2:47:c2:d2:df:e9:
e1:8b:37:fc:f4:ab:16:97:a1:a8:96:74:6d:a1:18:
67:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E0:C2:CE:14:60:33:43:74:FC:15:B3:70:45:D7:6A:34:DD:EE:5D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911465D/D419DC4A201A11F0A402F63BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911465D/D419DC4A201A11F0A402F63BC4F9AE02/ReDCzhRgM0N0_BWzcEXXajTd7l0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.88.0/23
Signature Algorithm: sha256WithRSAEncryption
cf:b8:3d:1a:54:cc:ae:e4:75:fb:59:f9:ad:b8:73:b4:da:6e:
cf:33:de:38:3e:7a:ec:28:5b:57:b7:56:14:78:cd:d1:7a:9d:
3a:cf:85:85:f9:49:cd:f7:94:7e:8d:e7:84:db:63:6e:ae:00:
71:21:a2:63:48:9b:c2:72:7d:88:03:88:51:08:48:e2:0a:cb:
95:2f:30:1e:0f:9a:d7:09:7a:25:18:5e:dd:84:09:d8:92:4e:
90:21:72:05:c0:3e:51:45:49:9c:95:d5:5e:0a:96:fe:37:67:
a7:83:4b:a4:4f:95:b9:6b:06:68:f7:23:1d:f8:c7:ec:00:bf:
91:50:fd:15:8e:59:86:2b:cc:3d:91:51:bc:6e:a3:b5:13:d6:
de:31:f2:3a:0f:ad:a2:10:cf:19:a2:72:12:9f:15:14:1f:46:
a6:d6:33:b5:59:68:84:68:c1:2a:c6:3b:45:04:a8:2e:b7:35:
51:d4:69:88:af:a2:aa:96:5a:18:78:17:db:12:bd:0a:3c:b3:
34:73:74:dd:ec:de:42:64:e9:c7:69:0a:48:85:31:c6:7c:a1:
73:7f:4a:ee:ba:84:63:3b:1c:58:0c:fc:32:90:f1:68:68:4c:
c1:e9:71:bb:af:60:b0:95:23:a4:e9:b4:29:71:d9:91:82:75:
b8:90:4e:a4
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAkBpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQyMzA4MTMyOVoXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTQ2NUQxMTAvBgNVBAUTKDQ1RTBDMkNFMTQ2MDMzNDM3NEZDMTVC
MzcwNDVENzZBMzREREVFNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCroalqxJmS6xUt9/5jazLCoomZhQ/HVJwhrXvzzdgLmKz/RfTn0a88bx59Z+pq
ljj5CqQB2JhKEoLe7f8N9o3TFADl4BbjudUriQrWBZ7n6tIM9/phSQ6dG9Aw+oEm
33TrqmmPQ3fZdBYXj62qDLLfidhtFNBRsXduWMiRJzXGKUSzfo6GDIg1duyz1Mzy
AdFOLwwnZhdlIuggkIqpXSNdVY2vowl2qIL5POUZ/zT3cmH61sF6SHnf9j3sNR34
+BMhId93NY6yLSuiN8LiFakODvvBf8h2ArXw0c1NQZQ7Nu7AHIxBtcn9hOJHwtLf
6eGLN/z0qxaXoaiWdG2hGGcPAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUReDCzhRg
M0N0/BWzcEXXajTd7l0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE0NjVEL0Q0MTlEQzRBMjAxQTExRjBBNDAyRjYzQkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNDY1RC9ENDE5REM0QTIwMUExMUYwQTQwMkY2M0JDNEY5QUUwMi9SZURDemhS
Z00wTjBfQld6Y0VYWGFqVGQ3bDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAGj31gwDQYJKoZIhvcNAQELBQADggEBAM+4PRpUzK7kdftZ+a24
c7Tabs8z3jg+euwoW1e3VhR4zdF6nTrPhYX5Sc33lH6N54TbY26uAHEhomNIm8Jy
fYgDiFEISOIKy5UvMB4PmtcJeiUYXt2ECdiSTpAhcgXAPlFFSZyV1V4Klv43Z6eD
S6RPlblrBmj3Ix34x+wAv5FQ/RWOWYYrzD2RUbxuo7UT1t4x8joPraIQzxmichKf
FRQfRqbWM7VZaIRowSrGO0UEqC63NVHUaYivoqqWWhh4F9sSvQo8szRzdN3s3kJk
6cdpCkiFMcZ8oXN/Su66hGM7HFgM/DKQ8WhoTMHpcbuvYLCVI6TptClx2ZGCdbiQ
TqQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:39:23 2025 by rpki-client