Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer
File: h7LA6ClUHS71JmOF6zlGuNUpBgg.cer (raw, json)
Hash identifier: kmn6BquMbUltzPPVBZ30ie5VSbjRms4ja1k5alreBnU=
Subject key identifier: 87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025776
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/h7LA6ClUHS71JmOF6zlGuNUpBgg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 23 Jul 2025 12:48:45 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 132442
AS: 135578
IP: 103.66.176.0/23
IP: 2406:59c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153462 (0x25776)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 23 12:48:45 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A911B5B0, serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:de:9e:38:5f:3a:9c:c0:18:20:85:11:e5:9c:
48:88:6c:77:2e:42:e9:dd:d2:65:ec:f3:8b:d5:dd:
e6:de:08:58:26:d5:cf:50:a6:b2:7b:e3:d0:81:14:
c3:e9:23:92:16:cc:bc:d8:d0:76:4a:5d:09:7e:e0:
0e:34:d7:41:19:5f:eb:ed:2e:df:c6:98:d1:71:05:
e2:72:55:0a:0b:b2:2c:74:f8:ec:59:1b:7a:82:28:
b9:52:83:41:17:78:ce:43:6e:2f:8b:7b:4b:b4:6f:
35:3f:30:1d:53:f4:c0:e1:e8:0c:5b:45:de:32:67:
f4:5b:b9:1a:63:1a:f3:91:75:6a:d7:86:64:af:37:
c4:bb:7b:f8:0b:93:0b:32:cc:b2:de:3b:bf:5d:e5:
37:f7:ff:af:57:0a:17:17:e0:fb:f7:b8:04:75:19:
30:b9:45:07:ec:69:52:8d:e8:cf:8b:bd:6e:3b:0e:
d1:2b:d4:bb:bf:6f:8e:24:39:a0:a5:7a:e4:8a:94:
78:68:48:00:d2:2e:90:35:69:bd:ea:fa:4b:87:be:
7e:f7:63:71:44:13:3c:70:df:93:a0:af:a3:83:58:
c5:60:20:1f:7e:7e:7c:67:2e:39:91:9c:23:be:0d:
bb:31:dd:a4:4b:6a:3b:85:0e:03:d9:0a:a1:fd:ad:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/h7LA6ClUHS71JmOF6zlGuNUpBgg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132442
135578
sbgp-ipAddrBlock: critical
IPv4:
103.66.176.0/23
IPv6:
2406:59c0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:45:9a:4a:64:fe:d1:e5:86:fb:4f:c3:64:be:32:d4:80:8d:
76:1c:15:7c:9c:be:e5:58:ee:3b:d3:3d:b6:cf:eb:df:e0:92:
d5:c9:74:be:e2:90:c3:2a:ae:23:31:f5:4b:c7:7a:48:5d:9b:
bc:49:f4:1f:68:f8:bc:02:51:f1:b9:8f:23:11:03:47:0f:fd:
64:02:a1:2d:85:f0:30:58:88:a6:1a:bf:89:9b:60:83:03:fc:
c5:9f:5b:15:23:cf:00:57:5d:a7:ba:ec:6f:17:87:59:97:26:
12:f7:bf:27:5a:54:e6:62:64:43:bf:41:fb:f0:07:ee:00:76:
0e:ad:81:8f:1c:7f:15:8f:94:b3:ae:7e:a3:e3:ef:bd:76:3c:
73:63:2e:f9:bd:7c:34:a9:a2:f6:b4:ec:13:a8:c9:4d:15:68:
db:e8:04:68:28:bb:ac:d8:ad:d8:84:65:35:2c:b3:43:16:fb:
9f:ba:08:0a:90:ff:36:30:fb:3d:e5:4f:55:6d:28:bc:3b:85:
c9:5d:e8:1e:17:c7:90:c0:17:60:19:b3:a6:f4:82:77:53:2e:
7d:bd:eb:3f:91:69:50:d3:46:6e:24:9c:32:ad:b7:56:da:56:
dd:b7:63:14:87:5f:dd:14:1e:38:4f:cb:d8:03:61:e0:77:4b:
7b:79:d5:6a
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAld2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcyMzEyNDg0NVoXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUI1QjAxMTAvBgNVBAUTKDg3QjJDMEU4Mjk1NDFEMkVGNTI2NjM4
NUVCMzk0NkI4RDUyOTA2MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDM3p44XzqcwBgghRHlnEiIbHcuQund0mXs84vV3ebeCFgm1c9QprJ749CBFMPp
I5IWzLzY0HZKXQl+4A4010EZX+vtLt/GmNFxBeJyVQoLsix0+OxZG3qCKLlSg0EX
eM5Dbi+Le0u0bzU/MB1T9MDh6AxbRd4yZ/RbuRpjGvORdWrXhmSvN8S7e/gLkwsy
zLLeO79d5Tf3/69XChcX4Pv3uAR1GTC5RQfsaVKN6M+LvW47DtEr1Lu/b44kOaCl
euSKlHhoSADSLpA1ab3q+kuHvn73Y3FEEzxw35Ogr6ODWMVgIB9+fnxnLjmRnCO+
Dbsx3aRLajuFDgPZCqH9reUJAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUh7LA6ClU
HS71JmOF6zlGuNUpBggwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFCNUIwL0EyREY0Q0VDREQ0RDExRUFCQjc2OTY3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExQjVCMC9BMkRGNENFQ0RENEQxMUVBQkI3Njk2N0JDNEY5QUUwMi9oN0xBNkNs
VUhTNzFKbU9GNnpsR3VOVXBCZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAgVaAgMCEZowLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFnQrAw
DQQCAAIwBwMFACQGWcAwDQYJKoZIhvcNAQELBQADggEBALxFmkpk/tHlhvtPw2S+
MtSAjXYcFXycvuVY7jvTPbbP69/gktXJdL7ikMMqriMx9UvHekhdm7xJ9B9o+LwC
UfG5jyMRA0cP/WQCoS2F8DBYiKYav4mbYIMD/MWfWxUjzwBXXae67G8Xh1mXJhL3
vydaVOZiZEO/QfvwB+4Adg6tgY8cfxWPlLOufqPj7712PHNjLvm9fDSpova07BOo
yU0VaNvoBGgou6zYrdiEZTUss0MW+5+6CAqQ/zYw+z3lT1VtKLw7hcld6B4Xx5DA
F2AZs6b0gndTLn296z+RaVDTRm4knDKtt1baVt23YxSHX90UHjhPy9gDYeB3S3t5
1Wo=
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:44:22 2025 by rpki-client