Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer
File: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer (raw, json)
Hash identifier: 4bXJZB4uWCCS/CAorjw+on28Hx0AY9BU7xPwhgpsFLE=
Subject key identifier: 85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023D45
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 06 Apr 2025 15:59:45 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 138471
IP: 103.150.64.0/23
IP: 2001:df3:5c80::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146757 (0x23d45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 6 15:59:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91A5BCD, serialNumber=859D184F41C34898B7298C991075CCCF51679AF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ab:d4:7d:b7:3b:db:2d:8c:07:99:a4:1c:47:
6b:9e:be:34:f0:fa:cc:fc:0b:6d:fe:3a:a3:56:de:
16:25:4a:61:30:f0:b4:78:f9:ea:78:0e:79:87:b3:
58:a5:03:6e:68:d9:12:0e:4b:5b:4d:e0:fe:47:16:
e2:0a:d9:68:b0:67:44:de:ec:22:b2:08:f8:33:46:
30:3b:22:07:ba:8f:cb:68:c2:67:fc:c3:f3:f9:80:
32:60:06:ac:4d:b3:e8:49:c8:67:82:79:08:0c:f0:
17:8a:11:eb:f6:f8:e3:b5:56:67:a9:1f:0f:66:ec:
3d:8e:8a:22:24:ae:c5:35:58:93:98:00:7a:83:80:
38:d6:1b:45:fa:22:7a:fe:83:25:7d:7a:b4:1d:89:
66:8e:51:c6:f3:66:07:b7:1c:50:a1:d0:fe:f2:c4:
06:46:46:70:52:64:93:37:99:83:0b:d6:3b:15:87:
33:d4:92:69:ba:ff:d9:c1:d8:a2:d9:db:88:da:4c:
81:cc:f8:35:e5:31:e7:04:38:e2:d0:c3:77:2c:4e:
89:f0:44:b7:e8:e2:c4:a8:74:91:b4:01:6a:d1:9f:
80:cb:38:db:cf:49:17:67:0b:fa:ef:f8:a2:c6:cc:
6b:e6:d0:f8:5d:9d:b6:87:b7:57:b0:39:8e:ce:92:
e5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138471
sbgp-ipAddrBlock: critical
IPv4:
103.150.64.0/23
IPv6:
2001:df3:5c80::/48
Signature Algorithm: sha256WithRSAEncryption
1b:a5:4d:cd:f2:ba:2b:eb:9e:99:d8:ec:e5:ac:42:3c:c0:cb:
60:92:c0:84:3e:4d:db:7f:3d:de:07:9d:2f:99:87:20:4c:2b:
06:a2:39:b4:af:0b:09:93:76:db:f1:03:88:58:c6:fe:a1:8e:
e0:14:4d:c8:68:50:54:36:39:ce:77:fd:4a:6e:4c:f5:db:87:
88:84:88:08:0d:94:dc:74:81:85:18:83:4c:fd:be:88:ed:6e:
82:44:d5:40:e7:2a:21:e9:de:a8:18:07:50:ac:48:51:7d:f4:
3c:f9:73:88:ec:df:0a:73:24:d2:0c:72:7b:19:cb:b6:23:98:
09:ec:e4:b4:ea:a1:42:58:aa:d3:cb:d5:8f:85:e4:56:ca:13:
7e:8d:d9:32:d4:9e:35:c8:80:0d:12:e3:09:5b:3c:87:08:fb:
52:8a:9e:0d:e6:9a:2f:9f:fd:be:6f:5c:29:81:2f:25:fb:8b:
62:d8:c5:46:c9:20:2a:27:dc:9a:b3:30:1d:bf:a7:6e:b1:5d:
be:fd:d9:f9:2a:8b:7d:4b:66:1e:1d:9c:da:40:6b:c1:64:e1:
0f:20:7d:dc:42:2c:4b:d7:86:20:79:72:f7:36:1f:b7:d3:12:
91:e6:1a:c7:db:7e:86:53:f5:1f:b2:ae:fd:af:8f:d5:fe:c1:
15:48:fa:78
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAj1FMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQwNjE1NTk0NVoXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTVCQ0QxMTAvBgNVBAUTKDg1OUQxODRGNDFDMzQ4OThCNzI5OEM5
OTEwNzVDQ0NGNTE2NzlBRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHq9R9tzvbLYwHmaQcR2uevjTw+sz8C23+OqNW3hYlSmEw8LR4+ep4DnmHs1il
A25o2RIOS1tN4P5HFuIK2WiwZ0Te7CKyCPgzRjA7Ige6j8towmf8w/P5gDJgBqxN
s+hJyGeCeQgM8BeKEev2+OO1VmepHw9m7D2OiiIkrsU1WJOYAHqDgDjWG0X6Inr+
gyV9erQdiWaOUcbzZge3HFCh0P7yxAZGRnBSZJM3mYML1jsVhzPUkmm6/9nB2KLZ
24jaTIHM+DXlMecEOOLQw3csTonwRLfo4sSodJG0AWrRn4DLONvPSRdnC/rv+KLG
zGvm0PhdnbaHt1ewOY7OkuWnAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUhZ0YT0HD
SJi3KYyZEHXMz1FnmvEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1QkNELzYxRDBDNDg2N0EzQTExRUFCRjhCNTgyNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNUJDRC82MUQwQzQ4NjdBM0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBI
RFNKaTNLWXlaRUhYTXoxRm5tdkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhznMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5ZAMA8EAgAC
MAkDBwAgAQ3zXIAwDQYJKoZIhvcNAQELBQADggEBABulTc3yuivrnpnY7OWsQjzA
y2CSwIQ+Tdt/Pd4HnS+ZhyBMKwaiObSvCwmTdtvxA4hYxv6hjuAUTchoUFQ2Oc53
/UpuTPXbh4iEiAgNlNx0gYUYg0z9vojtboJE1UDnKiHp3qgYB1CsSFF99Dz5c4js
3wpzJNIMcnsZy7YjmAns5LTqoUJYqtPL1Y+F5FbKE36N2TLUnjXIgA0S4wlbPIcI
+1KKng3mmi+f/b5vXCmBLyX7i2LYxUbJICon3JqzMB2/p26xXb792fkqi31LZh4d
nNpAa8Fk4Q8gfdxCLEvXhiB5cvc2H7fTEpHmGsfbfoZT9R+yrv2vj9X+wRVI+ng=
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:58:58 2025 by rpki-client