Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j-WnyZj7i3isMx6ug7wXhiPuPJ4.cer
File: j-WnyZj7i3isMx6ug7wXhiPuPJ4.cer (raw, json)
Hash identifier: NeGffXwkjda4n3aUW5XfPLvfJWRh6UICwiSZzPDBezA=
Subject key identifier: 8F:E5:A7:C9:98:FB:8B:78:AC:33:1E:AE:83:BC:17:86:23:EE:3C:9E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023D27
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/j-WnyZj7i3isMx6ug7wXhiPuPJ4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 05 Apr 2025 05:11:00 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 152661
IP: 203.28.104.0/23
IP: 2401:8d60::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146727 (0x23d27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 5 05:11:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A913EF1D, serialNumber=8FE5A7C998FB8B78AC331EAE83BC178623EE3C9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:7c:c2:77:41:0d:a4:05:76:17:13:70:0f:
de:13:74:57:e7:01:e4:d2:5b:cc:a8:c5:2d:b9:25:
90:88:f8:89:1a:5d:35:1c:c0:19:78:fe:2f:06:db:
cb:f7:03:86:42:06:aa:47:74:98:b4:c7:58:29:e8:
51:73:64:a1:9a:4e:8c:3b:f8:c8:c9:7d:8a:81:27:
dd:79:e8:45:da:ae:45:57:39:df:c2:f3:37:f7:c1:
90:91:ef:bb:a7:78:15:9c:1e:cf:d8:9d:cf:ec:09:
27:84:71:55:ee:27:17:73:d7:e7:51:79:27:93:50:
39:56:6b:9f:74:80:a6:5c:17:68:00:c5:3f:a0:e3:
f4:94:59:3f:0d:87:35:ab:96:7d:99:db:90:57:9a:
69:be:08:a0:65:8e:9f:b2:38:09:0b:67:ae:54:60:
77:fb:14:e2:81:ef:08:bf:f8:32:08:c2:50:0f:f8:
5b:74:7e:f9:62:92:a1:99:b7:da:b4:7f:0d:ba:f5:
4a:54:3f:10:00:d2:d5:fe:0c:30:9e:45:a1:5e:20:
f9:25:4f:6f:a4:58:c6:a5:55:1f:43:24:5f:34:6a:
ec:34:e5:87:a3:01:b2:8e:a5:cc:1b:5f:a7:5b:b9:
38:94:87:53:ee:28:a7:2f:6c:8f:b3:1e:80:d7:3d:
45:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E5:A7:C9:98:FB:8B:78:AC:33:1E:AE:83:BC:17:86:23:EE:3C:9E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/j-WnyZj7i3isMx6ug7wXhiPuPJ4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152661
sbgp-ipAddrBlock: critical
IPv4:
203.28.104.0/23
IPv6:
2401:8d60::/32
Signature Algorithm: sha256WithRSAEncryption
a1:3c:ad:05:18:52:4e:7c:a1:80:65:1c:c1:81:f0:8a:86:aa:
1b:c6:28:4c:b2:cd:fb:59:e3:99:36:7e:b4:52:a4:c8:f8:52:
45:c3:b5:0b:13:6c:a7:4d:e1:34:88:8a:c0:78:a5:af:c0:a0:
64:9d:8b:65:89:8d:37:1f:0a:4a:99:ef:d4:49:eb:ac:e5:d1:
ad:97:b0:c8:2d:b7:4a:ab:05:ec:57:f0:bb:a4:4c:85:90:f2:
49:45:9b:bc:5a:79:1e:57:29:cb:4c:b8:40:37:f7:0f:a9:79:
4e:5a:3d:53:f7:86:bb:cb:cd:4c:75:42:88:30:ad:03:e0:23:
cd:5e:a9:32:03:be:65:00:27:bc:02:c7:e3:24:69:10:b1:8b:
ad:ab:f2:9e:9e:44:22:41:cb:1d:fe:04:30:91:5f:a6:d9:61:
99:1a:05:1e:a2:e4:aa:e5:39:4d:2f:90:5f:b4:7a:d3:f1:5b:
7e:3c:43:7f:2c:f2:f8:3d:f3:91:83:17:1d:af:0e:ba:be:55:
fe:8e:86:97:91:4d:2d:32:90:28:c8:89:98:a6:d0:2c:11:f0:
3e:d5:36:48:72:b3:9a:28:a0:d2:c9:44:e9:c2:2c:12:77:6d:
6b:97:07:8c:9f:d3:80:4a:19:67:b4:a8:12:88:1c:be:6f:8c:
47:5e:c4:a7
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAj0nMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQwNTA1MTEwMFoXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0VGMUQxMTAvBgNVBAUTKDhGRTVBN0M5OThGQjhCNzhBQzMzMUVB
RTgzQkMxNzg2MjNFRTNDOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCf8nzCd0ENpAV2FxNwD94TdFfnAeTSW8yoxS25JZCI+IkaXTUcwBl4/i8G28v3
A4ZCBqpHdJi0x1gp6FFzZKGaTow7+MjJfYqBJ9156EXarkVXOd/C8zf3wZCR77un
eBWcHs/Ync/sCSeEcVXuJxdz1+dReSeTUDlWa590gKZcF2gAxT+g4/SUWT8NhzWr
ln2Z25BXmmm+CKBljp+yOAkLZ65UYHf7FOKB7wi/+DIIwlAP+Ft0fvlikqGZt9q0
fw269UpUPxAA0tX+DDCeRaFeIPklT2+kWMalVR9DJF80auw05YejAbKOpcwbX6db
uTiUh1PuKKcvbI+zHoDXPUVDAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUj+WnyZj7
i3isMx6ug7wXhiPuPJ4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNFRjFEL0JBOUNEOEFDRUNFNjExRUVBQUU5RTgxRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzRUYxRC9CQTlDRDhBQ0VDRTYxMUVFQUFFOUU4MUVDNEY5QUUwMi9qLVdueVpq
N2kzaXNNeDZ1Zzd3WGhpUHVQSjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlRVMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQByxxoMA0EAgAC
MAcDBQAkAY1gMA0GCSqGSIb3DQEBCwUAA4IBAQChPK0FGFJOfKGAZRzBgfCKhqob
xihMss37WeOZNn60UqTI+FJFw7ULE2ynTeE0iIrAeKWvwKBknYtliY03HwpKme/U
Seus5dGtl7DILbdKqwXsV/C7pEyFkPJJRZu8WnkeVynLTLhAN/cPqXlOWj1T94a7
y81MdUKIMK0D4CPNXqkyA75lACe8AsfjJGkQsYutq/KenkQiQcsd/gQwkV+m2WGZ
GgUeouSq5TlNL5BftHrT8Vt+PEN/LPL4PfORgxcdrw66vlX+joaXkU0tMpAoyImY
ptAsEfA+1TZIcrOaKKDSyUTpwiwSd21rlweMn9OAShlntKgSiBy+b4xHXsSn
-----END CERTIFICATE-----
Generated at Fri Apr 25 23:03:09 2025 by rpki-client