Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XlEJvjS4HAy74OQ1mneBpGJLn80.cer
File: XlEJvjS4HAy74OQ1mneBpGJLn80.cer (raw, json)
Hash identifier: ybSnJelk/zMoWfjvXJAGAFtRzZgrIJts3mhwOvSwGsU=
Subject key identifier: 5E:51:09:BE:34:B8:1C:0C:BB:E0:E4:35:9A:77:81:A4:62:4B:9F:CD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025A30
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E5D61/0C6A0C9E1D7911E2879E38C508B02CD2/XlEJvjS4HAy74OQ1mneBpGJLn80.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E5D61/0C6A0C9E1D7911E2879E38C508B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Aug 2025 09:10:11 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: AS: 3717
AS: 4538
AS: 4789
AS: 4839 -- 4840
AS: 4843
AS: 9401 -- 9407
AS: 9425
AS: 17735
AS: 18011
AS: 23910 -- 23912
AS: 24301 -- 24302
AS: 24310
AS: 24348 -- 24372
AS: 24489 -- 24490
AS: 24575
AS: 38027
AS: 38255
AS: 38272
AS: 38585
AS: 38587
AS: 45567
AS: 45576
AS: 45587
AS: 55826
AS: 59201
AS: 132551 -- 132553
AS: 132886
AS: 134169
AS: 135570
AS: 138182
AS: 138369 -- 138371
AS: 138373 -- 138378
AS: 138381
AS: 138393
AS: 138438
AS: 138440 -- 138442
AS: 139738
AS: 139774
AS: 141005
AS: 141168
AS: 142067 -- 142106
AS: 142650 -- 146745
AS: 151423 -- 151462
IP: 1.51.0.0/16
IP: 1.184.0.0/15
IP: 42.244.0.0/14
IP: 49.52.0.0/14
IP: 49.120.0.0/14
IP: 49.140.0.0/15
IP: 49.208.0.0/15
IP: 58.154.0.0/15
IP: 58.192.0.0/12
IP: 59.64.0.0/12
IP: 101.4.0.0/14
IP: 101.76.0.0/15
IP: 103.137.60.0/24
IP: 103.165.110.0/23
IP: 110.64.0.0/15
IP: 111.114.0.0 -- 111.117.255.255
IP: 111.186.0.0/15
IP: 113.54.0.0/15
IP: 114.212.0.0 -- 114.214.255.255
IP: 115.24.0.0/14
IP: 115.154.0.0 -- 115.158.255.255
IP: 116.13.0.0/16
IP: 116.56.0.0/15
IP: 118.202.0.0/15
IP: 118.228.0.0 -- 118.230.255.255
IP: 120.94.0.0/15
IP: 121.48.0.0/15
IP: 121.52.160.0/19
IP: 121.192.0.0/14
IP: 121.248.0.0/14
IP: 122.204.0.0/14
IP: 125.216.0.0/13
IP: 175.185.0.0 -- 175.187.255.255
IP: 180.84.0.0/15
IP: 180.201.0.0/16
IP: 180.208.0.0/15
IP: 183.168.0.0 -- 183.170.255.255
IP: 183.172.0.0/14
IP: 202.4.128.0/19
IP: 202.38.2.0/23
IP: 202.38.64.0/18
IP: 202.38.135.0/24
IP: 202.38.140.0/23
IP: 202.38.146.0/23
IP: 202.38.184.0 -- 202.38.255.255
IP: 202.112.0.0 -- 202.121.255.255
IP: 202.127.216.0 -- 202.127.255.255
IP: 202.179.240.0/20
IP: 202.192.0.0/12
IP: 203.91.120.0/21
IP: 210.25.0.0 -- 210.47.255.255
IP: 211.64.0.0/13
IP: 211.80.0.0/13
IP: 218.192.0.0/13
IP: 219.216.0.0 -- 219.231.255.255
IP: 219.242.0.0 -- 219.247.255.255
IP: 222.16.0.0/12
IP: 222.192.0.0/12
IP: 223.2.0.0/15
IP: 223.128.0.0/15
IP: 2001:250:: -- 2001:256:ffff:ffff:ffff:ffff:ffff:ffff
IP: 2001:da8:: -- 2001:daa:ffff:ffff:ffff:ffff:ffff:ffff
IP: 2001:dd9::/48
IP: 2400:6000::/32
IP: 2401:34a0::/31
IP: 2401:9b20::/31
IP: 2401:cc00::/32
IP: 2401:ec00::/32
IP: 2402:2000::/32
IP: 2402:4b80::/32
IP: 2402:e480::/32
IP: 2402:f000::/32
IP: 2403:3140::/32
IP: 2403:8c00::/32
IP: 2403:ac00::/32
IP: 2403:d400::/32
IP: 2406:280::/32
IP: 240a:a000::/20
IP: 240b:e000::/26
IP: 240c:c000::/20
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154160 (0x25a30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 1 09:10:11 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91E5D61, serialNumber=5E5109BE34B81C0CBBE0E4359A7781A4624B9FCD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:06:ad:0e:cc:75:06:b2:a1:6e:44:76:6b:
9a:57:2b:61:ea:55:4c:cf:3b:eb:b5:2a:c7:3a:08:
da:f2:4d:70:c6:9d:73:6e:ed:03:69:99:07:f2:4a:
8d:44:0a:35:c0:30:60:54:4b:4e:1a:fa:eb:99:a1:
46:0a:dc:8d:ba:ed:9a:cb:91:e2:05:e0:af:a8:9e:
d0:b7:63:0c:d6:18:cd:26:47:c6:fa:4e:1e:f7:fe:
8f:dd:30:fa:aa:32:00:ae:50:0e:3f:38:fe:c9:cb:
5d:b9:93:27:fb:fa:ec:35:79:28:86:82:1b:50:30:
a4:bb:e2:23:13:fb:d7:8a:69:aa:f0:1a:0d:d4:73:
ca:fe:0e:aa:f8:62:c3:75:34:d8:b7:39:5c:4b:8a:
c2:72:4a:c4:f1:a2:60:38:7d:66:e6:cd:ac:12:2a:
f5:9b:07:ff:41:c4:ba:c6:a8:56:34:4e:49:59:f5:
c4:2f:eb:c4:b6:4c:6c:3b:0d:74:df:9f:6f:18:0f:
f6:a2:34:12:d1:27:5e:ec:0a:b8:9a:a5:b7:69:d9:
b8:dc:73:16:65:d1:9a:ca:4d:89:36:5b:aa:74:26:
89:29:42:a2:a9:b5:00:17:b0:7d:c1:05:50:66:fc:
74:8a:73:ac:f9:86:9d:86:9b:ce:71:48:7c:ed:7f:
94:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:51:09:BE:34:B8:1C:0C:BB:E0:E4:35:9A:77:81:A4:62:4B:9F:CD
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/0C6A0C9E1D7911E2879E38C508B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/0C6A0C9E1D7911E2879E38C508B02CD2/XlEJvjS4HAy74OQ1mneBpGJLn80.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3717
4538
4789
4839-4840
4843
9401-9407
9425
17735
18011
23910-23912
24301-24302
24310
24348-24372
24489-24490
24575
38027
38255
38272
38585
38587
45567
45576
45587
55826
59201
132551-132553
132886
134169
135570
138182
138369-138371
138373-138378
138381
138393
138438
138440-138442
139738
139774
141005
141168
142067-142106
142650-146745
151423-151462
sbgp-ipAddrBlock: critical
IPv4:
1.51.0.0/16
1.184.0.0/15
42.244.0.0/14
49.52.0.0/14
49.120.0.0/14
49.140.0.0/15
49.208.0.0/15
58.154.0.0/15
58.192.0.0/12
59.64.0.0/12
101.4.0.0/14
101.76.0.0/15
103.137.60.0/24
103.165.110.0/23
110.64.0.0/15
111.114.0.0-111.117.255.255
111.186.0.0/15
113.54.0.0/15
114.212.0.0-114.214.255.255
115.24.0.0/14
115.154.0.0-115.158.255.255
116.13.0.0/16
116.56.0.0/15
118.202.0.0/15
118.228.0.0-118.230.255.255
120.94.0.0/15
121.48.0.0/15
121.52.160.0/19
121.192.0.0/14
121.248.0.0/14
122.204.0.0/14
125.216.0.0/13
175.185.0.0-175.187.255.255
180.84.0.0/15
180.201.0.0/16
180.208.0.0/15
183.168.0.0-183.170.255.255
183.172.0.0/14
202.4.128.0/19
202.38.2.0/23
202.38.64.0/18
202.38.135.0/24
202.38.140.0/23
202.38.146.0/23
202.38.184.0-202.38.255.255
202.112.0.0-202.121.255.255
202.127.216.0-202.127.255.255
202.179.240.0/20
202.192.0.0/12
203.91.120.0/21
210.25.0.0-210.47.255.255
211.64.0.0/13
211.80.0.0/13
218.192.0.0/13
219.216.0.0-219.231.255.255
219.242.0.0-219.247.255.255
222.16.0.0/12
222.192.0.0/12
223.2.0.0/15
223.128.0.0/15
IPv6:
2001:250::-2001:256:ffff:ffff:ffff:ffff:ffff:ffff
2001:da8::-2001:daa:ffff:ffff:ffff:ffff:ffff:ffff
2001:dd9::/48
2400:6000::/32
2401:34a0::/31
2401:9b20::/31
2401:cc00::/32
2401:ec00::/32
2402:2000::/32
2402:4b80::/32
2402:e480::/32
2402:f000::/32
2403:3140::/32
2403:8c00::/32
2403:ac00::/32
2403:d400::/32
2406:280::/32
240a:a000::/20
240b:e000::/26
240c:c000::/20
Signature Algorithm: sha256WithRSAEncryption
da:6d:20:e1:2e:c1:0b:0c:9e:22:be:34:59:7c:a4:77:29:fa:
5e:76:d1:75:d9:31:14:2f:fb:40:53:db:06:f9:a0:e0:93:08:
bf:32:03:4e:fc:bb:cc:e4:ff:aa:8e:e7:a5:dd:f0:25:4f:17:
78:4d:1d:a8:21:e4:11:49:ee:91:79:d0:74:25:fe:69:92:a4:
31:7e:6c:0c:2b:2f:d7:0e:e6:2d:4b:44:18:f9:a1:3a:01:4a:
cf:8f:51:1f:df:43:ee:0b:38:92:34:3f:8c:ec:91:18:7e:17:
64:a6:fe:88:ab:7c:4c:09:7a:6b:ba:6a:2d:e7:92:ec:0e:b3:
f9:d5:c9:46:ae:0a:71:4d:e5:73:41:be:a1:21:fe:05:a0:a6:
34:f2:53:2e:c8:4b:3e:b0:77:a8:b9:04:a0:5a:57:25:e8:9a:
63:81:a0:8f:69:20:c0:82:14:26:c5:26:fb:19:09:07:11:85:
ce:d6:00:c9:80:bd:cf:34:d6:1e:c5:e5:3f:cd:13:4d:09:b8:
e2:10:75:4e:e3:c1:61:ca:44:9b:8f:e8:7f:14:74:06:a0:df:
4f:37:b7:ed:66:62:19:8d:a0:00:98:09:79:86:22:82:b2:c5:
3e:f4:6e:4e:c2:29:1e:67:db:7f:19:77:28:8a:ad:d8:69:19:
e7:61:37:0e
-----BEGIN CERTIFICATE-----
MIIJdTCCCF2gAwIBAgIDAlowMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwMTA5MTAxMVoXDTI2MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTVENjExMTAvBgNVBAUTKDVFNTEwOUJFMzRCODFDMENCQkUwRTQz
NTlBNzc4MUE0NjI0QjlGQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8YwatDsx1BrKhbkR2a5pXK2HqVUzPO+u1Ksc6CNryTXDGnXNu7QNpmQfySo1E
CjXAMGBUS04a+uuZoUYK3I267ZrLkeIF4K+ontC3YwzWGM0mR8b6Th73/o/dMPqq
MgCuUA4/OP7Jy125kyf7+uw1eSiGghtQMKS74iMT+9eKaarwGg3Uc8r+Dqr4YsN1
NNi3OVxLisJySsTxomA4fWbmzawSKvWbB/9BxLrGqFY0TklZ9cQv68S2TGw7DXTf
n28YD/aiNBLRJ17sCriapbdp2bjccxZl0ZrKTYk2W6p0JokpQqKptQAXsH3BBVBm
/HSKc6z5hp2Gm85xSHztf5Q1AgMBAAGjggZqMIIGZjAdBgNVHQ4EFgQUXlEJvjS4
HAy74OQ1mneBpGJLn80wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU1RDYxLzBDNkEwQzlFMUQ3OTExRTI4NzlFMzhDNTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNUQ2MS8wQzZBMEM5RTFENzkxMUUyODc5RTM4QzUwOEIwMkNEMi9YbEVKdmpT
NEhBeTc0T1ExbW5lQnBHSkxuODAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggE6BggrBgEFBQcBCAEB/wSC
ASkwggEloIIBITCCAR0CAg6FAgIRugICErUwCAICEucCAhLoAgIS6zAIAgIkuQIC
JL8CAiTRAgJFRwICRlswCAICXWYCAl1oMAgCAl7tAgJe7gICXvYwCAICXxwCAl80
MAgCAl+pAgJfqgICX/8CAwCUiwIDAJVvAgMAlYACAwCWuQIDAJa7AgMAsf8CAwCy
CAIDALITAgMA2hICAwDnQTAKAgMCBccCAwIFyQIDAgcWAgMCDBkCAwIRkgIDAhvG
MAoCAwIcgQIDAhyDMAoCAwIchQIDAhyKAgMCHI0CAwIcmQIDAhzGMAoCAwIcyAID
AhzKAgMCIdoCAwIh/gIDAibNAgMCJ3AwCgIDAirzAgMCKxowCgIDAi06AgMCPTkw
CgIDAk9/AgMCT6YwggJWBggrBgEFBQcBBwEB/wSCAkUwggJBMIIBlQQCAAEwggGN
AwMAATMDAwEBuAMDAir0AwMCMTQDAwIxeAMDATGMAwMBMdADAwE6mgMDBDrAAwME
O0ADAwJlBAMDAWVMAwQAZ4k8AwQBZ6VuAwMBbkAwCgMDAW9yAwMBb3QDAwFvugMD
AXE2MAoDAwJy1AMDAHLWAwMCcxgwCgMDAXOaAwMAc54DAwB0DQMDAXQ4AwMBdsow
CgMDAnbkAwMAduYDAwF4XgMDAXkwAwQFeTSgAwMCecADAwJ5+AMDAnrMAwMDfdgw
CgMDAK+5AwMCr7gDAwG0VAMDALTJAwMBtNAwCgMDA7eoAwMAt6oDAwK3rAMEBcoE
gAMEAcomAgMEBsomQAMEAMomhwMEAcomjAMEAcomkjALAwQDyia4AwMAyiYwCgMD
BMpwAwMByngwCwMEA8p/2AMDB8oAAwQEyrPwAwMEysADBAPLW3gwCgMDANIZAwME
0iADAwPTQAMDA9NQAwMD2sAwCgMDA9vYAwMD2+AwCgMDAdvyAwMD2/ADAwTeEAMD
BN7AAwMB3wIDAwHfgDCBpQQCAAIwgZ4wDgMFBCABAlADBQAgAQJWMA4DBQMgAQ2o
AwUAIAENqgMHACABDdkAAAMFACQAYAADBQEkATSgAwUBJAGbIAMFACQBzAADBQAk
AewAAwUAJAIgAAMFACQCS4ADBQAkAuSAAwUAJALwAAMFACQDMUADBQAkA4wAAwUA
JAOsAAMFACQD1AADBQAkBgKAAwQEJAqgAwUGJAvgAAMEBCQMwDANBgkqhkiG9w0B
AQsFAAOCAQEA2m0g4S7BCwyeIr40WXykdyn6XnbRddkxFC/7QFPbBvmg4JMIvzID
Tvy7zOT/qo7npd3wJU8XeE0dqCHkEUnukXnQdCX+aZKkMX5sDCsv1w7mLUtEGPmh
OgFKz49RH99D7gs4kjQ/jOyRGH4XZKb+iKt8TAl6a7pqLeeS7A6z+dXJRq4KcU3l
c0G+oSH+BaCmNPJTLshLPrB3qLkEoFpXJeiaY4Ggj2kgwIIUJsUm+xkJBxGFztYA
yYC9zzTWHsXlP80TTQm44hB1TuPBYcpEm4/ofxR0BqDfTze37WZiGY2gAJgJeYYi
grLFPvRuTsIpHmfbfxl3KIqt2GkZ52E3Dg==
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:10:51 2025 by rpki-client