Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJIQz3Yexn-zlOpYlqXGR7MF7vE.cer
File: cJIQz3Yexn-zlOpYlqXGR7MF7vE.cer (raw, json)
Hash identifier: pR9OyPUZJHNXUO/K1tAgbCy5fLW4P64nx9e875q6CdY=
Subject key identifier: 70:92:10:CF:76:1E:C6:7F:B3:94:EA:58:96:A5:C6:47:B3:05:EE:F1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A0C0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/cJIQz3Yexn-zlOpYlqXGR7MF7vE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 01 Mar 2026 12:54:37 +0000
Certificate not after: Tue 30 Jun 2026 00:00:00 +0000
Subordinate resources: AS: 55745
AS: 132404
AS: 133174
IP: 2400:5180::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172224 (0x2a0c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 1 12:54:37 2026 GMT
Not After : Jun 30 00:00:00 2026 GMT
Subject: CN=A913CA4B, serialNumber=709210CF761EC67FB394EA5896A5C647B305EEF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f8:2a:74:b1:a5:fd:9e:97:5e:a9:78:ad:46:
ca:f9:92:b8:5f:08:e6:66:36:63:8d:3e:69:82:2c:
81:62:84:66:43:65:3e:fa:44:ec:23:16:01:1a:51:
b6:8e:78:f1:07:d1:90:fb:1c:f1:8f:fa:49:ac:c5:
00:dc:26:05:2c:63:fc:78:10:47:45:b9:90:b7:62:
5c:92:e5:9b:d9:95:8e:7c:08:69:12:aa:39:d3:22:
31:be:2e:0d:13:d8:a8:76:47:e7:5e:7c:4e:1d:a7:
c4:80:32:9d:56:a6:4a:fa:e9:64:80:aa:ee:0a:83:
88:4c:a2:de:2c:27:57:fc:3a:06:5f:85:64:03:52:
79:27:89:6a:e6:ad:dc:2d:a3:e1:f6:a0:f7:52:c6:
93:19:1f:96:0e:de:f2:6b:43:a1:9f:9f:f0:ea:12:
a9:77:7c:dc:a9:37:1d:e8:f2:e4:71:98:61:1c:ee:
55:23:6b:ec:48:da:f3:68:02:32:a9:8c:c5:15:ea:
cf:92:d6:23:b9:94:51:40:6a:18:3b:ef:d6:ec:d9:
a3:ab:1e:19:c8:a7:0a:89:38:a4:c5:16:1d:e6:6b:
84:f0:0c:e8:a0:f5:be:20:06:1a:74:d6:91:22:fd:
da:7a:ec:96:3d:1f:6c:11:19:2c:1d:93:63:7d:8c:
6c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:92:10:CF:76:1E:C6:7F:B3:94:EA:58:96:A5:C6:47:B3:05:EE:F1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/cJIQz3Yexn-zlOpYlqXGR7MF7vE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
55745
132404
133174
sbgp-ipAddrBlock: critical
IPv6:
2400:5180::/32
Signature Algorithm: sha256WithRSAEncryption
52:e1:fc:8d:b6:9b:2f:19:4b:23:94:86:78:58:5b:f7:38:1d:
14:4d:86:e5:31:22:b1:b5:2d:0d:01:cc:db:92:c6:7c:ea:36:
52:b4:aa:1b:8c:e6:01:1a:56:ea:6b:04:56:65:53:2b:19:b3:
8c:70:c6:10:27:dd:05:e9:68:17:c3:b3:db:8c:19:c0:f0:49:
e3:f2:df:ea:8d:8b:01:7d:fd:90:c7:53:34:17:2d:88:98:7c:
12:e0:b9:a3:5d:0d:ed:53:19:83:53:2f:af:4a:83:34:c3:f0:
ac:0f:b9:fd:f4:be:89:a8:3c:af:28:af:05:b7:17:98:00:c2:
c8:7d:0c:6f:57:53:1d:a5:d6:0b:b3:a0:1f:1f:e7:4c:fd:dc:
b9:85:31:a1:10:42:f2:02:cd:34:9a:7b:48:27:7f:07:f9:30:
04:ca:46:11:9b:5b:f7:53:08:7c:6e:cb:0b:fc:15:ec:37:9f:
90:2d:90:af:c0:2a:b6:f8:f7:cd:3b:df:a7:e4:0c:bc:76:d3:
c1:ac:e5:1b:6b:f6:43:74:41:d4:82:47:5d:cd:16:00:f6:3d:
15:6a:30:c8:db:2e:32:30:62:be:cb:c3:3f:33:39:7a:77:74:
ca:f7:8d:c7:98:28:fd:ea:48:a7:86:60:01:97:3f:91:6b:ca:
7d:b3:7a:c9
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIDAqDAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMwMTEyNTQzN1oXDTI2MDYzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0NBNEIxMTAvBgNVBAUTKDcwOTIxMENGNzYxRUM2N0ZCMzk0RUE1
ODk2QTVDNjQ3QjMwNUVFRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/+Cp0saX9npdeqXitRsr5krhfCOZmNmONPmmCLIFihGZDZT76ROwjFgEaUbaO
ePEH0ZD7HPGP+kmsxQDcJgUsY/x4EEdFuZC3YlyS5ZvZlY58CGkSqjnTIjG+Lg0T
2Kh2R+defE4dp8SAMp1Wpkr66WSAqu4Kg4hMot4sJ1f8OgZfhWQDUnkniWrmrdwt
o+H2oPdSxpMZH5YO3vJrQ6Gfn/DqEql3fNypNx3o8uRxmGEc7lUja+xI2vNoAjKp
jMUV6s+S1iO5lFFAahg779bs2aOrHhnIpwqJOKTFFh3ma4TwDOig9b4gBhp01pEi
/dp67JY9H2wRGSwdk2N9jGzTAgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUcJIQz3Ye
xn+zlOpYlqXGR7MF7vEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNDQTRCL0RDMkYwNDMyQkY4MDExRUE5NkZFNEE2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQ0E0Qi9EQzJGMDQzMkJGODAxMUVBOTZGRTRBNjhDNEY5QUUwMi9jSklRejNZ
ZXhuLXpsT3BZbHFYR1I3TUY3dkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQgBAf8EFTAT
oBEwDwIDANnBAgMCBTQCAwIINjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQAUYAwDQYJKoZIhvcNAQELBQADggEBAFLh/I22my8ZSyOUhnhYW/c4HRRNhuUx
IrG1LQ0BzNuSxnzqNlK0qhuM5gEaVuprBFZlUysZs4xwxhAn3QXpaBfDs9uMGcDw
SePy3+qNiwF9/ZDHUzQXLYiYfBLguaNdDe1TGYNTL69KgzTD8KwPuf30vomoPK8o
rwW3F5gAwsh9DG9XUx2l1guzoB8f50z93LmFMaEQQvICzTSae0gnfwf5MATKRhGb
W/dTCHxuywv8Few3n5AtkK/AKrb4980736fkDLx208Gs5Rtr9kN0QdSCR13NFgD2
PRVqMMjbLjIwYr7Lwz8zOXp3dMr3jceYKP3qSKeGYAGXP5Fryn2zesk=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:24:39 2026 by rpki-client