This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ficJop5GIOVCf3NfN8A0c-NrWXo.cer File: ficJop5GIOVCf3NfN8A0c-NrWXo.cer (raw, json) Hash identifier: xOhh+mKUGJo62c7SBYHAqszAyanVD4ljkODCE3TylGM= Subject key identifier: 7E:27:09:A2:9E:46:20:E5:42:7F:73:5F:37:C0:34:73:E3:6B:59:7A Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 027D64 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ficJop5GIOVCf3NfN8A0c-NrWXo.mft caRepository: rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Thu 11 Dec 2025 05:05:20 +0000 Certificate not after: Tue 31 Mar 2026 00:00:00 +0000 Subordinate resources: AS: 138663 IP: 43.239.204.0/23 IP: 103.106.6.0/23 IP: 103.117.164.0/23 IP: 203.2.144.0/24 IP: 203.78.162.0/24 IP: 2407:6540::/32 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 14:26:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163172 (0x27d64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Dec 11 05:05:20 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=A91DD0A4, serialNumber=7E2709A29E4620E5427F735F37C03473E36B597A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ab:d8:02:8f:21:31:df:ad:0f:cb:12:a8:aa: 58:7f:1f:82:e2:f9:c3:5a:5f:b4:85:f9:ab:a2:10: 79:e4:fe:c7:33:07:c3:e4:b7:04:93:b6:f3:69:27: cb:40:01:22:32:5e:f4:58:0b:52:5d:a9:14:41:69: f8:6f:83:d8:bf:0a:01:db:4a:ac:32:61:48:5c:1e: 2d:4e:4a:39:9a:19:4e:8f:58:b9:ae:55:d3:4e:ec: 1a:38:01:26:df:8b:fe:a3:9a:a0:98:a7:79:b5:1c: 46:90:6d:c9:c6:78:99:c5:5a:a4:2f:21:5f:48:b2: 84:81:48:81:c2:f5:80:f0:27:04:26:bd:bc:b8:61: 2c:ad:0b:82:a4:60:7c:14:ab:ec:56:69:1e:47:bf: e7:22:5f:f6:29:29:72:35:31:4d:eb:c0:dd:0f:d6: dd:31:95:0b:87:38:55:49:2c:dc:6a:ab:66:4b:7b: 4b:7d:39:d4:af:8a:7b:46:ec:29:78:2c:ec:3a:33: 51:65:0b:58:4f:99:cc:78:0d:64:82:be:91:15:c3: a2:e6:5b:3a:bb:bb:83:83:6d:c2:03:ec:b9:55:36: dd:85:a8:05:28:3e:b5:22:55:01:58:bf:e6:4d:68: 80:09:31:b0:d4:d4:d6:53:9e:31:2b:74:63:74:94: 43:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:27:09:A2:9E:46:20:E5:42:7F:73:5F:37:C0:34:73:E3:6B:59:7A X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ficJop5GIOVCf3NfN8A0c-NrWXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 138663 sbgp-ipAddrBlock: critical IPv4: 43.239.204.0/23 103.106.6.0/23 103.117.164.0/23 203.2.144.0/24 203.78.162.0/24 IPv6: 2407:6540::/32 Signature Algorithm: sha256WithRSAEncryption b0:1a:8e:72:89:aa:21:a0:7f:60:67:c0:6a:e7:6f:a8:41:fe: 84:57:01:0c:6b:f6:d3:fe:67:e2:be:b8:63:b8:dc:e0:e5:dd: 57:05:69:76:6c:76:37:fb:26:0b:44:52:76:9f:5c:20:25:52: 78:97:da:1c:1e:23:28:0e:95:65:e8:eb:91:a5:fd:1f:93:b4: 38:9e:85:33:b6:46:54:bd:c0:56:1c:05:ba:aa:ef:7b:a2:68: 81:8b:18:6b:bb:90:6d:01:32:4e:40:16:e7:29:75:7b:6b:23: 12:24:4a:14:92:21:18:c4:36:09:b7:fd:61:ad:b0:b5:88:76: ec:a3:db:d7:0b:eb:b6:4e:06:09:f9:3f:40:f3:ca:2e:1a:b5: 2e:52:3f:38:14:25:0b:6b:c7:1a:d2:e1:ed:bf:e7:09:be:03: 78:51:24:11:c0:26:6f:71:eb:2b:87:6f:b6:c6:6e:ae:59:41: b9:55:63:57:48:26:15:c9:91:e6:46:5e:9c:96:a8:a1:3e:d0: 97:3e:be:5b:75:ea:50:9b:43:55:bc:fc:c8:5a:bd:36:0b:5a: 48:6d:c1:b1:e3:e9:5a:54:f2:d9:f9:c8:3c:3e:04:d2:bf:a1: ce:c5:e0:b1:fb:82:1d:91:67:7c:b5:69:ff:30:cc:1a:e2:37: 42:9f:39:11 -----BEGIN CERTIFICATE----- MIIGQTCCBSmgAwIBAgIDAn1kMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI1MTIxMTA1MDUyMFoXDTI2MDMzMTAwMDAwMFowRjERMA8G A1UEAxMIQTkxREQwQTQxMTAvBgNVBAUTKDdFMjcwOUEyOUU0NjIwRTU0MjdGNzM1 RjM3QzAzNDczRTM2QjU5N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCdq9gCjyEx360PyxKoqlh/H4Li+cNaX7SF+auiEHnk/sczB8PktwSTtvNpJ8tA ASIyXvRYC1JdqRRBafhvg9i/CgHbSqwyYUhcHi1OSjmaGU6PWLmuVdNO7Bo4ASbf i/6jmqCYp3m1HEaQbcnGeJnFWqQvIV9IsoSBSIHC9YDwJwQmvby4YSytC4KkYHwU q+xWaR5Hv+ciX/YpKXI1MU3rwN0P1t0xlQuHOFVJLNxqq2ZLe0t9OdSvintG7Cl4 LOw6M1FlC1hPmcx4DWSCvpEVw6LmWzq7u4ODbcID7LlVNt2FqAUoPrUiVQFYv+ZN aIAJMbDU1NZTnjErdGN0lENlAgMBAAGjggM2MIIDMjAdBgNVHQ4EFgQUficJop5G IOVCf3NfN8A0c+NrWXowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2 NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0 RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MUREMEE0Lzk1RDVFMzkyQUE3MzExRUFBMTBBQ0M4NEM0RjlBRTAyLzB+BggrBgEF BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B OTFERDBBNC85NUQ1RTM5MkFBNzMxMUVBQTEwQUNDODRDNEY5QUUwMi9maWNKb3A1 R0lPVkNmM05mTjhBMGMtTnJXWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ oAcwBQIDAh2nMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBK+/MAwQBZ2oG AwQBZ3WkAwQAywKQAwQAy06iMA0EAgACMAcDBQAkB2VAMA0GCSqGSIb3DQEBCwUA A4IBAQCwGo5yiaohoH9gZ8Bq52+oQf6EVwEMa/bT/mfivrhjuNzg5d1XBWl2bHY3 +yYLRFJ2n1wgJVJ4l9ocHiMoDpVl6OuRpf0fk7Q4noUztkZUvcBWHAW6qu97omiB ixhru5BtATJOQBbnKXV7ayMSJEoUkiEYxDYJt/1hrbC1iHbso9vXC+u2TgYJ+T9A 88ouGrUuUj84FCULa8ca0uHtv+cJvgN4USQRwCZvcesrh2+2xm6uWUG5VWNXSCYV yZHmRl6clqihPtCXPr5bdepQm0NVvPzIWr02C1pIbcGx4+laVPLZ+cg8PgTSv6HO xeCx+4IdkWd8tWn/MMwa4jdCnzkR -----END CERTIFICATE-----Generated at Fri Dec 19 16:04:34 2025 by rpki-client