Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ygf27_AJl4bjCgNbG1uQPBY_WX4.cer
File: Ygf27_AJl4bjCgNbG1uQPBY_WX4.cer (raw, json)
Hash identifier: P16BCWwVWBqnKAEJeUzXgGzZIqnCYXnLIYlo+K9VY7Q=
Subject key identifier: 62:07:F6:EF:F0:09:97:86:E3:0A:03:5B:1B:5B:90:3C:16:3F:59:7E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0240AC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912D4AE/D7B2F82C134711E58655A526C4F9AE02/Ygf27_AJl4bjCgNbG1uQPBY_WX4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912D4AE/D7B2F82C134711E58655A526C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 24 Apr 2025 13:10:12 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 55928
IP: 36.255.144.0/22
IP: 103.7.24.0/22
IP: 2403:7500::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147628 (0x240ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 24 13:10:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A912D4AE, serialNumber=6207F6EFF0099786E30A035B1B5B903C163F597E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:16:90:77:7b:81:71:cb:56:7a:21:86:52:5a:
2c:8b:14:70:dc:96:7f:0c:a5:21:76:0c:a6:a8:a5:
67:e9:2d:97:16:25:8f:b7:53:50:af:48:8f:04:ec:
41:d2:eb:41:7d:d2:62:fa:ee:2d:1c:0e:01:d8:13:
5f:74:5d:32:54:2a:14:ad:11:c7:18:ec:85:4c:e0:
5c:7e:a5:8d:0a:36:8f:ab:ab:f8:37:d7:67:37:81:
43:44:84:e9:af:9f:6b:83:f4:88:c3:6c:f4:6c:05:
ec:6f:63:3e:27:c8:67:16:25:81:15:74:cd:fa:10:
37:07:39:8b:5b:d7:a8:d1:8d:09:21:a6:d2:48:20:
6a:b9:bf:79:d4:fc:4b:50:c7:b3:7f:04:0a:c8:64:
4e:14:4b:55:0e:c7:30:6c:a0:a5:1f:f9:de:be:e0:
ce:11:ce:6d:6d:4c:dc:be:1b:41:05:a5:76:f7:3c:
47:50:f5:b4:ce:e4:da:a6:d3:22:88:f7:0b:c3:6a:
a1:24:7e:68:ae:a7:18:4d:3d:52:61:04:3e:08:ee:
55:2b:d9:c2:c8:f7:df:1a:1a:41:ab:ab:d0:84:79:
59:22:a9:90:a9:d0:96:c8:84:f7:2d:ef:14:76:6f:
41:54:df:ba:8b:ba:9c:6b:43:a6:e1:58:e5:cd:9b:
12:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:07:F6:EF:F0:09:97:86:E3:0A:03:5B:1B:5B:90:3C:16:3F:59:7E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912D4AE/D7B2F82C134711E58655A526C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912D4AE/D7B2F82C134711E58655A526C4F9AE02/Ygf27_AJl4bjCgNbG1uQPBY_WX4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
55928
sbgp-ipAddrBlock: critical
IPv4:
36.255.144.0/22
103.7.24.0/22
IPv6:
2403:7500::/32
Signature Algorithm: sha256WithRSAEncryption
cb:2d:b4:3e:cd:05:be:e0:ed:37:f8:a5:e5:18:c5:0b:e6:cd:
80:0a:d6:bc:f3:c3:6a:23:d1:8a:0a:88:d0:ae:7b:29:d0:66:
e4:9f:2c:db:a1:ff:3b:f3:e2:1f:10:ad:a0:5f:44:d0:6c:f6:
a3:e1:c4:92:e9:84:d1:40:0c:4f:2f:23:50:e3:63:5b:ec:3b:
71:f9:49:f6:02:d4:ca:f0:40:86:90:fd:92:df:a0:74:dd:95:
9a:27:5b:b3:8c:91:c8:43:e0:6b:8d:67:53:9a:2a:79:93:e5:
a7:c8:b0:0d:cf:9f:42:d6:9e:30:07:c9:db:46:16:6b:dc:bf:
1a:a2:7f:cd:51:57:ee:87:ef:ab:36:ed:08:b5:4c:bd:86:d0:
41:cd:c6:a2:85:1b:92:c4:8c:27:57:1a:4c:a1:49:77:6c:e6:
1f:6e:63:a6:9f:21:19:77:74:06:a4:01:0e:6d:2f:57:d2:d5:
e7:c7:dc:42:52:9b:f4:99:63:60:04:84:ae:ce:62:fd:47:c7:
1e:57:16:90:27:f3:f6:29:3e:08:c9:26:d5:44:4b:62:92:9a:
db:34:e1:28:79:a7:c1:da:74:dd:34:e6:e3:88:d0:f3:7d:ea:
83:f6:97:08:4f:2b:c4:c7:c7:68:3a:17:67:ef:df:fc:0a:96:
c7:4e:40:88
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAkCsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQyNDEzMTAxMloXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkQ0QUUxMTAvBgNVBAUTKDYyMDdGNkVGRjAwOTk3ODZFMzBBMDM1
QjFCNUI5MDNDMTYzRjU5N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQFpB3e4Fxy1Z6IYZSWiyLFHDcln8MpSF2DKaopWfpLZcWJY+3U1CvSI8E7EHS
60F90mL67i0cDgHYE190XTJUKhStEccY7IVM4Fx+pY0KNo+rq/g312c3gUNEhOmv
n2uD9IjDbPRsBexvYz4nyGcWJYEVdM36EDcHOYtb16jRjQkhptJIIGq5v3nU/EtQ
x7N/BArIZE4US1UOxzBsoKUf+d6+4M4Rzm1tTNy+G0EFpXb3PEdQ9bTO5Nqm0yKI
9wvDaqEkfmiupxhNPVJhBD4I7lUr2cLI998aGkGrq9CEeVkiqZCp0JbIhPct7xR2
b0FU37qLupxrQ6bhWOXNmxKrAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUYgf27/AJ
l4bjCgNbG1uQPBY/WX4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJENEFFL0Q3QjJGODJDMTM0NzExRTU4NjU1QTUyNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyRDRBRS9EN0IyRjgyQzEzNDcxMUU1ODY1NUE1MjZDNEY5QUUwMi9ZZ2YyN19B
Smw0YmpDZ05iRzF1UVBCWV9XWDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANp4MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCJP+QAwQCZwcY
MA0EAgACMAcDBQAkA3UAMA0GCSqGSIb3DQEBCwUAA4IBAQDLLbQ+zQW+4O03+KXl
GMUL5s2ACta888NqI9GKCojQrnsp0Gbknyzbof878+IfEK2gX0TQbPaj4cSS6YTR
QAxPLyNQ42Nb7Dtx+Un2AtTK8ECGkP2S36B03ZWaJ1uzjJHIQ+BrjWdTmip5k+Wn
yLANz59C1p4wB8nbRhZr3L8aon/NUVfuh++rNu0ItUy9htBBzcaihRuSxIwnVxpM
oUl3bOYfbmOmnyEZd3QGpAEObS9X0tXnx9xCUpv0mWNgBISuzmL9R8ceVxaQJ/P2
KT4IySbVREtikprbNOEoeafB2nTdNObjiNDzfeqD9pcITyvEx8doOhdn79/8CpbH
TkCI
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:51:30 2025 by rpki-client