Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer
File: UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer (raw, json)
Hash identifier: Hz3tf7bCLa4l1EQHF1il+5rpKOnR5a4bSoWqsTp0jzM=
Subject key identifier: 52:B2:19:95:42:9C:44:F8:A7:F4:EC:99:E5:30:40:87:0D:6D:38:5B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02403B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 22 Apr 2025 19:17:46 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: AS: 138684
IP: 103.136.132.0/22
IP: 2404:93c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147515 (0x2403b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 22 19:17:46 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A91A459D, serialNumber=52B21995429C44F8A7F4EC99E53040870D6D385B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f4:48:11:be:c8:25:16:70:11:38:ba:0f:ff:
54:39:ab:9f:6e:a5:aa:0f:6b:0f:72:30:7e:c6:ad:
f7:e5:51:8f:e4:cb:14:12:7b:8e:ab:e7:8c:5b:7e:
c7:85:b9:5c:cb:5e:08:e3:00:b7:36:22:72:11:36:
94:50:95:f7:60:e9:78:0c:e2:93:80:69:b3:9f:df:
3d:38:6d:79:0f:07:51:41:a0:86:03:27:5c:94:69:
35:af:61:1a:96:d1:b8:93:b1:5d:23:64:5e:02:13:
06:98:75:ae:f4:32:ef:f7:81:c6:27:9b:fb:4b:e3:
74:e9:be:aa:d7:a1:1d:73:14:18:31:4c:4a:6a:80:
5a:41:fc:93:67:93:b9:04:89:7c:27:cb:df:a0:3a:
00:2b:91:1e:2a:c5:24:fe:cd:e2:b9:96:91:ac:50:
08:46:18:5c:d9:c3:f6:a5:cd:94:24:6e:3a:22:cb:
96:69:88:61:3c:77:d4:6b:ec:c5:a5:44:dd:05:d2:
a6:76:80:d1:48:76:53:f5:03:0f:12:82:b6:87:0f:
f7:ac:38:45:68:6a:1b:11:05:82:c1:1c:89:e2:4e:
6c:08:c8:a7:c7:e2:2a:db:fc:d3:aa:b8:06:77:4f:
d9:26:b0:e6:18:c0:f5:0c:11:b6:b5:32:52:5a:9e:
de:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B2:19:95:42:9C:44:F8:A7:F4:EC:99:E5:30:40:87:0D:6D:38:5B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138684
sbgp-ipAddrBlock: critical
IPv4:
103.136.132.0/22
IPv6:
2404:93c0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:f7:23:fb:f9:df:0c:1e:3d:52:78:7b:e2:1c:07:20:bc:56:
60:d7:33:60:55:08:31:36:83:e0:30:2c:f3:48:7d:0a:70:24:
04:96:12:23:9e:e3:71:22:99:b1:af:03:c3:21:06:34:b2:18:
f9:c0:3e:26:3f:f5:61:48:e1:a4:3d:5c:e0:53:4f:9f:d4:84:
ed:c4:e6:55:5b:75:a6:d3:d2:31:f9:e0:3e:08:bb:3f:9b:af:
08:0c:0d:9e:05:ae:e8:04:8a:0d:5d:e5:92:e1:ce:8b:d1:22:
08:1b:74:f0:e8:5d:f3:6f:82:02:4e:54:ec:a3:0f:2c:1b:2f:
8f:af:18:8b:ec:6e:4c:9b:e5:b9:58:49:3f:1d:2e:15:d5:7d:
af:91:01:eb:f6:6d:f0:eb:d3:79:50:93:90:bb:7e:97:38:c1:
17:ad:93:11:cf:a2:e9:19:fa:75:49:9d:b0:c9:e8:a4:9d:36:
58:ec:e4:79:1e:92:b6:a2:a3:a2:51:ef:90:65:c2:29:dc:24:
8a:63:e6:08:eb:49:82:bb:33:89:a7:3a:d5:80:5b:22:d1:a1:
eb:07:a7:4e:db:20:b6:7a:14:85:ec:76:b0:6f:77:c4:fb:9a:
cc:13:58:ac:da:db:6e:00:7d:70:96:26:72:76:62:fb:a7:ed:
eb:6f:02:bc
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAkA7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQyMjE5MTc0NloXDTI2MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTQ1OUQxMTAvBgNVBAUTKDUyQjIxOTk1NDI5QzQ0RjhBN0Y0RUM5
OUU1MzA0MDg3MEQ2RDM4NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDN9EgRvsglFnAROLoP/1Q5q59upaoPaw9yMH7GrfflUY/kyxQSe46r54xbfseF
uVzLXgjjALc2InIRNpRQlfdg6XgM4pOAabOf3z04bXkPB1FBoIYDJ1yUaTWvYRqW
0biTsV0jZF4CEwaYda70Mu/3gcYnm/tL43TpvqrXoR1zFBgxTEpqgFpB/JNnk7kE
iXwny9+gOgArkR4qxST+zeK5lpGsUAhGGFzZw/alzZQkbjoiy5ZpiGE8d9Rr7MWl
RN0F0qZ2gNFIdlP1Aw8SgraHD/esOEVoahsRBYLBHIniTmwIyKfH4irb/NOquAZ3
T9kmsOYYwPUMEba1MlJant7nAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUUrIZlUKc
RPin9OyZ5TBAhw1tOFswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE0NTlELzVGQUI5NzJFN0VGNjExRUFBOTc5QTMyREM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNDU5RC81RkFCOTcyRTdFRjYxMUVBQTk3OUEzMkRDNEY5QUUwMi9VcklabFVL
Y1JQaW45T3laNVRCQWh3MXRPRnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh28MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4iEMA0EAgAC
MAcDBQAkBJPAMA0GCSqGSIb3DQEBCwUAA4IBAQCK9yP7+d8MHj1SeHviHAcgvFZg
1zNgVQgxNoPgMCzzSH0KcCQElhIjnuNxIpmxrwPDIQY0shj5wD4mP/VhSOGkPVzg
U0+f1ITtxOZVW3Wm09Ix+eA+CLs/m68IDA2eBa7oBIoNXeWS4c6L0SIIG3Tw6F3z
b4ICTlTsow8sGy+PrxiL7G5Mm+W5WEk/HS4V1X2vkQHr9m3w69N5UJOQu36XOMEX
rZMRz6LpGfp1SZ2wyeiknTZY7OR5HpK2oqOiUe+QZcIp3CSKY+YI60mCuzOJpzrV
gFsi0aHrB6dO2yC2ehSF7Hawb3fE+5rME1is2ttuAH1wliZydmL7p+3rbwK8
-----END CERTIFICATE-----
Generated at Fri Apr 25 23:00:28 2025 by rpki-client