Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gqdp3XRsgx9MTbKdamXeCNatle0.cer
File: gqdp3XRsgx9MTbKdamXeCNatle0.cer (raw, json)
Hash identifier: tWSy3pVefZBQr8JgersIh6YPeCdV6S0vTH1IVYrW5ek=
Subject key identifier: 82:A7:69:DD:74:6C:83:1F:4C:4D:B2:9D:6A:65:DE:08:D6:AD:95:ED
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023E31
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/gqdp3XRsgx9MTbKdamXeCNatle0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 10 Apr 2025 00:04:14 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 136396
IP: 2001:df4:adc0::/47
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146993 (0x23e31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 10 00:04:14 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91921AE, serialNumber=82A769DD746C831F4C4DB29D6A65DE08D6AD95ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9d:9d:bc:5d:13:cd:b6:b5:3f:70:92:82:46:
62:a3:60:f3:62:64:0a:7c:de:e9:2f:43:7f:8e:31:
75:d3:15:36:4b:5d:77:44:19:d9:86:4d:e9:e1:3e:
11:6b:a5:bc:cd:47:16:91:57:56:60:49:16:03:22:
76:59:80:44:9e:bd:28:0b:55:9b:82:86:61:28:eb:
6d:77:0f:39:c6:56:39:4f:5d:84:88:92:b2:1a:40:
3f:64:bd:d8:b8:38:ee:68:f6:b0:4c:e8:ac:6a:f9:
17:b2:88:ae:00:85:33:c1:78:e9:c8:1a:2d:7b:17:
ab:65:5c:e7:dd:ae:fb:b1:e5:d2:f7:45:9b:dc:82:
12:4c:05:2d:52:7a:66:1b:21:78:6c:46:26:12:22:
e7:91:fc:a9:99:85:b3:c8:65:29:d4:29:63:da:de:
4d:b1:c4:8e:0f:a3:39:00:14:fb:ec:53:3a:36:35:
55:ca:5c:d2:5a:07:05:1b:d4:b2:d4:76:ca:9d:32:
9e:a8:2a:2f:e4:83:55:e0:5c:2e:65:b8:0f:01:5f:
f9:c4:bd:e2:51:f3:23:f3:ae:f8:4e:b7:da:7f:1e:
13:d6:81:9b:c6:e2:5c:62:d5:45:d6:bc:b7:e2:50:
78:ef:23:46:39:a4:0e:a4:11:d0:63:e7:96:a6:6a:
cb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A7:69:DD:74:6C:83:1F:4C:4D:B2:9D:6A:65:DE:08:D6:AD:95:ED
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/gqdp3XRsgx9MTbKdamXeCNatle0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136396
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:adc0::/47
Signature Algorithm: sha256WithRSAEncryption
b0:d4:44:17:8e:86:61:f3:84:20:2d:46:c5:26:c2:82:79:8b:
9c:84:5e:17:16:0c:e7:df:91:69:a6:8a:35:6d:5f:fc:f9:65:
8e:b8:1b:7d:c0:c2:2e:ba:aa:b5:d1:6b:15:81:1f:64:0c:78:
81:10:7c:5a:31:44:05:ba:4f:81:7d:5d:2e:59:34:2a:ce:df:
91:89:ad:9a:c6:0f:eb:ad:63:a0:1e:f0:1f:86:ed:dd:e4:c7:
5a:9c:65:04:f8:b1:b2:8e:0e:d7:0f:04:4c:31:b9:1a:c3:72:
65:37:53:5b:81:86:01:53:8c:f5:27:f5:18:35:e0:ff:5f:60:
47:0a:a2:9b:f9:c2:d1:c9:3f:e4:56:f9:0c:cd:33:36:c1:3a:
36:12:c2:f0:87:e4:84:a1:12:97:f3:be:09:f1:50:ce:c4:f5:
8b:6a:61:f1:06:f1:2b:15:3b:1e:59:8d:a8:02:11:41:92:50:
cc:42:45:91:cd:4d:c9:67:df:c5:79:fe:2b:9f:7b:ad:6e:d8:
4c:7e:88:cc:8b:6e:8c:e1:16:b2:06:39:d6:bb:27:be:ee:a8:
a3:14:b5:13:d6:60:7c:bb:cf:e7:d7:68:d2:16:2d:16:82:89:
81:96:78:00:5f:f8:d1:72:99:68:6c:80:1d:0b:b0:f3:b5:60:
a0:9f:7d:f0
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAj4xMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQxMDAwMDQxNFoXDTI2MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTIxQUUxMTAvBgNVBAUTKDgyQTc2OURENzQ2QzgzMUY0QzREQjI5
RDZBNjVERTA4RDZBRDk1RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQnZ28XRPNtrU/cJKCRmKjYPNiZAp83ukvQ3+OMXXTFTZLXXdEGdmGTenhPhFr
pbzNRxaRV1ZgSRYDInZZgESevSgLVZuChmEo6213DznGVjlPXYSIkrIaQD9kvdi4
OO5o9rBM6Kxq+ReyiK4AhTPBeOnIGi17F6tlXOfdrvux5dL3RZvcghJMBS1SemYb
IXhsRiYSIueR/KmZhbPIZSnUKWPa3k2xxI4PozkAFPvsUzo2NVXKXNJaBwUb1LLU
dsqdMp6oKi/kg1XgXC5luA8BX/nEveJR8yPzrvhOt9p/HhPWgZvG4lxi1UXWvLfi
UHjvI0Y5pA6kEdBj55amasuzAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUgqdp3XRs
gx9MTbKdamXeCNatle0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkyMUFFLzc0OTEyQjJDQUM3MzExRUZBM0NCRDE0QUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MjFBRS83NDkxMkIyQ0FDNzMxMUVGQTNDQkQxNEFDNEY5QUUwMi9ncWRwM1hS
c2d4OU1UYktkYW1YZUNOYXRsZTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhTMMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBIAEN9K3AMA0G
CSqGSIb3DQEBCwUAA4IBAQCw1EQXjoZh84QgLUbFJsKCeYuchF4XFgzn35Fppoo1
bV/8+WWOuBt9wMIuuqq10WsVgR9kDHiBEHxaMUQFuk+BfV0uWTQqzt+Ria2axg/r
rWOgHvAfhu3d5MdanGUE+LGyjg7XDwRMMbkaw3JlN1NbgYYBU4z1J/UYNeD/X2BH
CqKb+cLRyT/kVvkMzTM2wTo2EsLwh+SEoRKX874J8VDOxPWLamHxBvErFTseWY2o
AhFBklDMQkWRzU3JZ9/Fef4rn3utbthMfojMi26M4RayBjnWuye+7qijFLUT1mB8
u8/n12jSFi0WgomBlngAX/jRcplobIAdC7DztWCgn33w
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:53:41 2025 by rpki-client