Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yt792dXXaz4eaPmBKVcVDcD1PF0.cer
File: Yt792dXXaz4eaPmBKVcVDcD1PF0.cer (raw, json)
Hash identifier: ex7r1hxWUcrKBocyntZPocn2+IaQnDSvTpUy9kE42Cg=
Subject key identifier: 62:DE:FD:D9:D5:D7:6B:3E:1E:68:F9:81:29:57:15:0D:C0:F5:3C:5D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023739
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9195456/9C45B9B47A8D11EC84B90534C4F9AE02/Yt792dXXaz4eaPmBKVcVDcD1PF0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9195456/9C45B9B47A8D11EC84B90534C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 12 Mar 2025 16:51:09 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: AS: 38911
IP: 203.100.59.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145209 (0x23739)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 12 16:51:09 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A9195456, serialNumber=62DEFDD9D5D76B3E1E68F9812957150DC0F53C5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ce:91:d7:1e:6d:f2:9a:a8:70:56:0e:0a:ba:
7b:71:f6:95:4f:fb:5d:31:5c:fa:0b:62:c7:57:9b:
4b:65:38:2c:db:e0:82:cd:14:e3:95:07:50:96:de:
7d:b7:b8:67:68:aa:76:a4:69:c5:13:98:78:45:67:
a3:ce:df:81:62:c8:e9:64:0c:c7:84:be:13:2e:d7:
e1:d1:09:69:bd:eb:2e:24:0c:2b:30:ad:dc:07:52:
de:43:e1:da:26:bb:0f:c3:21:76:e9:11:39:ca:00:
41:a8:be:1b:15:5c:e0:16:f7:9b:be:ac:20:82:66:
c8:fe:9d:58:cd:d3:da:e5:10:6d:8f:e3:b5:9a:06:
e8:fc:0b:8c:49:37:cc:d0:69:da:0b:d4:6e:05:0b:
83:2f:93:02:2d:c3:73:13:d6:7d:07:f8:78:48:c7:
52:8c:9a:39:5e:5e:c2:64:ad:3f:c5:76:52:91:80:
cf:d9:31:af:e5:4f:60:35:3c:f3:ba:c4:95:92:22:
70:15:0a:55:36:a6:01:9d:fc:48:fc:26:97:2c:57:
84:bf:d0:f5:03:5d:42:3e:15:a3:38:b1:fa:0a:0a:
0c:c9:10:ca:1a:8c:bb:6b:e9:4f:e4:e6:a7:3d:9b:
d6:01:b1:c6:b1:3b:de:61:63:08:34:1f:02:ec:48:
76:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DE:FD:D9:D5:D7:6B:3E:1E:68:F9:81:29:57:15:0D:C0:F5:3C:5D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9195456/9C45B9B47A8D11EC84B90534C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9195456/9C45B9B47A8D11EC84B90534C4F9AE02/Yt792dXXaz4eaPmBKVcVDcD1PF0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38911
sbgp-ipAddrBlock: critical
IPv4:
203.100.59.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:52:53:bc:a6:8d:44:4d:be:ef:09:65:f5:39:63:07:27:cf:
9a:24:0f:73:5e:f1:2c:d3:d4:86:e4:35:2a:3c:a8:00:1e:65:
8f:4a:43:18:e0:46:33:23:58:bb:39:0a:0e:eb:9d:29:e8:b9:
38:6f:19:e8:11:1e:c8:6f:e3:26:ff:d0:16:f4:8c:3b:c7:b2:
de:80:7d:e8:aa:14:8b:19:c5:df:86:06:71:fa:fd:ed:05:49:
c8:94:b7:45:78:f4:3f:bc:89:94:14:98:66:db:e9:a1:4e:bc:
4c:5a:67:3d:fc:fc:fb:44:71:bf:b4:5c:ad:f2:d9:1b:6e:43:
3d:c9:64:55:d7:28:1b:71:d0:4f:ad:08:a7:93:fe:fb:5f:09:
ac:17:6d:53:0f:9c:49:34:84:ad:e9:f6:2a:9c:eb:89:e9:59:
ff:ef:71:ba:30:b1:d5:21:e7:9b:f1:47:13:37:e7:a5:ca:ed:
52:6f:fa:16:c9:95:59:0a:b7:9b:61:3f:3f:a1:19:bd:fe:5b:
81:89:01:5a:58:be:d6:a8:1c:a1:95:74:ab:36:b7:de:f1:8f:
96:4d:bd:90:6e:fb:c6:05:d8:ea:99:e5:b7:36:a5:10:96:2b:
53:33:68:ed:ac:87:bd:ac:13:c4:0d:6c:32:f4:91:ee:07:a4:
2a:be:a7:f0
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAjc5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMxMjE2NTEwOVoXDTI2MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTU0NTYxMTAvBgNVBAUTKDYyREVGREQ5RDVENzZCM0UxRTY4Rjk4
MTI5NTcxNTBEQzBGNTNDNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnzpHXHm3ymqhwVg4Kuntx9pVP+10xXPoLYsdXm0tlOCzb4ILNFOOVB1CW3n23
uGdoqnakacUTmHhFZ6PO34FiyOlkDMeEvhMu1+HRCWm96y4kDCswrdwHUt5D4dom
uw/DIXbpETnKAEGovhsVXOAW95u+rCCCZsj+nVjN09rlEG2P47WaBuj8C4xJN8zQ
adoL1G4FC4MvkwItw3MT1n0H+HhIx1KMmjleXsJkrT/FdlKRgM/ZMa/lT2A1PPO6
xJWSInAVClU2pgGd/Ej8JpcsV4S/0PUDXUI+FaM4sfoKCgzJEMoajLtr6U/k5qc9
m9YBscaxO95hYwg0HwLsSHaTAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUYt792dXX
az4eaPmBKVcVDcD1PF0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk1NDU2LzlDNDVCOUI0N0E4RDExRUM4NEI5MDUzNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5NTQ1Ni85QzQ1QjlCNDdBOEQxMUVDODRCOTA1MzRDNEY5QUUwMi9ZdDc5MmRY
WGF6NGVhUG1CS1ZjVkRjRDFQRjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJf/MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy2Q7MA0GCSqG
SIb3DQEBCwUAA4IBAQC6UlO8po1ETb7vCWX1OWMHJ8+aJA9zXvEs09SG5DUqPKgA
HmWPSkMY4EYzI1i7OQoO650p6Lk4bxnoER7Ib+Mm/9AW9Iw7x7LegH3oqhSLGcXf
hgZx+v3tBUnIlLdFePQ/vImUFJhm2+mhTrxMWmc9/Pz7RHG/tFyt8tkbbkM9yWRV
1ygbcdBPrQink/77XwmsF21TD5xJNISt6fYqnOuJ6Vn/73G6MLHVIeeb8UcTN+el
yu1Sb/oWyZVZCrebYT8/oRm9/luBiQFaWL7WqByhlXSrNrfe8Y+WTb2QbvvGBdjq
meW3NqUQlitTM2jtrIe9rBPEDWwy9JHuB6Qqvqfw
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:39:27 2025 by rpki-client