Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZsWxkEs1xH2UUI7Aoazag2je9Kk.cer
File: ZsWxkEs1xH2UUI7Aoazag2je9Kk.cer (raw, json)
Hash identifier: 9qQAhk/3BDALQ2zgfNVMKDxZSffk91dCKjhdHzOwJfE=
Subject key identifier: 66:C5:B1:90:4B:35:C4:7D:94:50:8E:C0:A1:AC:DA:83:68:DE:F4:A9
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025A2A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A12C4/FBF14E726C1711EFBDBFD50BC4F9AE02/ZsWxkEs1xH2UUI7Aoazag2je9Kk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A12C4/FBF14E726C1711EFBDBFD50BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Aug 2025 07:39:34 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: AS: 153049
IP: 2001:df4:1c0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 11 Aug 2025 04:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154154 (0x25a2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 1 07:39:34 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91A12C4, serialNumber=66C5B1904B35C47D94508EC0A1ACDA8368DEF4A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:c3:4f:c5:db:2a:ea:38:c9:cb:c9:eb:bd:5e:
ca:5f:52:d6:65:e0:f9:01:e9:66:93:cf:e1:b8:55:
85:f9:28:ce:b5:83:56:1a:98:0a:57:81:1a:7d:1d:
c5:42:22:4e:4c:24:7a:13:87:43:d6:2e:e4:e4:90:
12:11:7f:1a:36:30:d1:b7:e9:ef:4c:f9:e7:04:0e:
62:de:ab:6d:b9:78:a9:c5:3f:39:bc:77:46:89:63:
75:b2:c6:3e:9c:91:bc:9a:40:14:cd:75:35:80:89:
b1:81:79:e1:86:c9:fc:13:f6:ab:92:85:5d:f8:f9:
be:c5:d0:9b:ea:91:de:97:26:6f:fd:1b:ed:02:9c:
d9:ad:43:f1:0e:2f:24:8c:d1:88:d8:e1:da:f5:23:
2d:82:18:67:6b:cf:8c:ab:72:2d:b5:40:3d:d2:89:
73:32:3a:0b:0a:e2:5c:ca:9e:fa:7b:b4:fd:cc:df:
1b:bf:26:80:e7:6f:e2:fb:18:cc:91:fd:0c:8b:72:
cd:98:11:c9:8a:6c:81:47:a8:ef:7f:35:20:a3:8a:
43:d9:d3:31:bf:3b:45:42:04:1f:a9:da:f4:d7:97:
53:a0:48:24:8f:32:fa:32:0a:8e:32:51:1d:0f:86:
e2:e8:86:e4:4e:a2:fd:21:94:65:81:03:c3:5e:d1:
23:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C5:B1:90:4B:35:C4:7D:94:50:8E:C0:A1:AC:DA:83:68:DE:F4:A9
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A12C4/FBF14E726C1711EFBDBFD50BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A12C4/FBF14E726C1711EFBDBFD50BC4F9AE02/ZsWxkEs1xH2UUI7Aoazag2je9Kk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153049
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:1c0::/48
Signature Algorithm: sha256WithRSAEncryption
c1:28:0d:31:b6:d5:ad:cb:19:fa:f9:a4:15:e4:fa:d4:43:77:
d2:f9:b0:6e:20:65:09:04:0e:38:7a:a2:f8:b3:d0:0d:69:38:
05:99:be:e8:31:7d:0b:84:65:68:38:86:39:84:90:c0:6b:80:
f5:9d:9a:6e:58:24:bb:c3:87:e9:d5:53:c7:c0:a3:25:dd:b8:
54:99:7e:f7:5a:5c:de:a4:8f:48:1d:f2:d3:5f:ef:28:ad:20:
74:e0:80:93:e1:fb:49:d4:a0:93:d8:97:18:ec:52:29:f3:0b:
5a:8e:df:d3:87:7f:45:f4:17:0e:59:59:b2:ff:dc:9b:ab:67:
c7:0e:00:7e:89:ae:09:5d:de:02:9d:93:de:e1:b6:fe:78:8d:
3f:55:35:1f:b3:76:8e:1d:63:7e:2e:66:96:86:95:ff:6c:28:
e7:20:8d:60:08:64:97:7c:e6:7e:08:6f:e5:1b:be:28:05:ac:
35:a1:b3:1c:be:71:02:29:f2:74:ec:8c:b0:7b:08:7f:67:40:
6e:bd:2d:a1:0c:3d:11:32:b0:bb:79:46:e5:b0:cb:eb:84:a7:
ad:e8:a6:a9:f6:92:9e:8e:70:78:a7:4e:74:1f:10:25:0b:3d:
eb:49:55:3c:f1:27:26:e1:f5:e0:7e:0a:ef:5e:6e:92:23:fc:
60:c4:0c:bd
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAloqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwMTA3MzkzNFoXDTI2MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTEyQzQxMTAvBgNVBAUTKDY2QzVCMTkwNEIzNUM0N0Q5NDUwOEVD
MEExQUNEQTgzNjhERUY0QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD2w0/F2yrqOMnLyeu9XspfUtZl4PkB6WaTz+G4VYX5KM61g1YamApXgRp9HcVC
Ik5MJHoTh0PWLuTkkBIRfxo2MNG36e9M+ecEDmLeq225eKnFPzm8d0aJY3Wyxj6c
kbyaQBTNdTWAibGBeeGGyfwT9quShV34+b7F0Jvqkd6XJm/9G+0CnNmtQ/EOLySM
0YjY4dr1Iy2CGGdrz4yrci21QD3SiXMyOgsK4lzKnvp7tP3M3xu/JoDnb+L7GMyR
/QyLcs2YEcmKbIFHqO9/NSCjikPZ0zG/O0VCBB+p2vTXl1OgSCSPMvoyCo4yUR0P
huLohuROov0hlGWBA8Ne0SONAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUZsWxkEs1
xH2UUI7Aoazag2je9KkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUExMkM0L0ZCRjE0RTcyNkMxNzExRUZCREJGRDUwQkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMTJDNC9GQkYxNEU3MjZDMTcxMUVGQkRCRkQ1MEJDNEY5QUUwMi9ac1d4a0Vz
MXhIMlVVSTdBb2F6YWcyamU5S2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlXZMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN9AHAMA0G
CSqGSIb3DQEBCwUAA4IBAQDBKA0xttWtyxn6+aQV5PrUQ3fS+bBuIGUJBA44eqL4
s9ANaTgFmb7oMX0LhGVoOIY5hJDAa4D1nZpuWCS7w4fp1VPHwKMl3bhUmX73Wlze
pI9IHfLTX+8orSB04ICT4ftJ1KCT2JcY7FIp8wtajt/Th39F9BcOWVmy/9ybq2fH
DgB+ia4JXd4CnZPe4bb+eI0/VTUfs3aOHWN+LmaWhpX/bCjnII1gCGSXfOZ+CG/l
G74oBaw1obMcvnECKfJ07Iywewh/Z0BuvS2hDD0RMrC7eUblsMvrhKet6Kap9pKe
jnB4p050HxAlCz3rSVU88Scm4fXgfgrvXm6SI/xgxAy9
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:24:02 2025 by rpki-client