Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer
File: kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer (raw, json)
Hash identifier: hr0GrCnQsISAR7ETIVU6sVCTofnS2kFFx4DhgHa8/ls=
Subject key identifier: 91:17:6D:16:9C:42:F0:3D:95:28:2B:BB:A2:04:C4:E4:4D:31:ED:09
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023AD2
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 31 Mar 2025 06:28:17 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 153747
IP: 163.223.216.0/23
IP: 2001:df5:4cc0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146130 (0x23ad2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 31 06:28:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91FF5B9, serialNumber=91176D169C42F03D95282BBBA204C4E44D31ED09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f0:b3:bb:d3:73:ee:34:be:81:c6:83:ae:aa:
99:12:4e:b4:3f:62:83:72:14:8f:ac:84:0a:2f:37:
a3:9e:30:73:09:17:8f:dd:9b:d4:8a:a5:ac:bb:c2:
78:8d:0a:22:a2:0b:5f:d9:2d:cd:f5:13:02:18:71:
b2:b5:6d:79:d6:fb:36:25:e4:9a:4a:0a:c6:98:c4:
58:93:2b:a7:12:07:19:01:70:b7:7d:82:c7:60:de:
e3:90:71:8e:05:50:62:7d:f1:c3:a6:b2:c1:96:39:
2f:a7:25:da:03:85:ff:e7:3b:d6:46:dc:9e:e1:6c:
d0:a7:01:dd:21:d5:29:43:d9:36:3c:48:de:05:a7:
78:19:15:e4:26:1b:a1:05:72:58:13:87:c9:15:8b:
41:4d:94:e0:24:eb:2b:eb:6b:7d:98:4a:d4:32:17:
2a:82:ba:c8:81:93:69:8c:6b:47:dd:0d:f2:89:83:
8c:d4:36:2a:f7:ec:12:4f:8f:68:f1:6d:45:9f:dc:
2b:f3:ca:e8:f2:8d:cb:3a:51:17:2f:68:b9:2a:56:
89:ed:75:a5:73:7f:cc:b6:60:f6:04:a5:f8:1e:03:
88:60:bb:7b:4e:b7:91:b9:6b:ac:31:1b:d5:08:19:
be:41:bc:5d:92:ab:df:68:fd:fe:e2:c7:4d:9b:26:
e1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:17:6D:16:9C:42:F0:3D:95:28:2B:BB:A2:04:C4:E4:4D:31:ED:09
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153747
sbgp-ipAddrBlock: critical
IPv4:
163.223.216.0/23
IPv6:
2001:df5:4cc0::/48
Signature Algorithm: sha256WithRSAEncryption
07:b5:87:05:ac:3a:58:e3:3a:a0:31:23:60:42:38:d3:25:b1:
31:1f:f2:fc:61:3c:54:fc:43:75:c2:dc:51:8a:bd:c0:2d:6c:
34:d9:a4:50:d7:0b:0b:ba:1c:9e:fb:dd:e1:d7:12:c8:28:b1:
3f:16:ae:f7:ce:0a:f7:8e:84:e9:bf:1a:fb:87:41:cd:c8:97:
1f:8a:d9:70:24:f0:ec:55:f5:8a:3e:89:33:06:33:67:75:fc:
5f:61:5e:86:19:0a:2f:74:f6:40:40:fd:7a:88:8b:e3:e8:2d:
2f:60:af:70:71:da:ec:de:9c:34:4e:8b:79:db:13:c7:1b:da:
52:ab:35:4f:78:3a:46:6f:33:d3:c8:a4:a3:a2:8b:4e:91:90:
b5:69:77:7f:22:f2:ad:6c:a2:9e:14:9d:d4:56:b6:a2:6c:df:
f5:66:a9:d0:8f:f8:a0:a1:49:e5:7c:bb:db:79:ff:74:41:fb:
86:7f:58:33:d9:43:9e:4c:c3:63:9f:91:99:ae:f9:31:bf:4f:
f9:00:42:3e:1d:c1:49:5b:59:7d:9d:2c:da:05:26:06:8f:a9:
8c:7c:d5:c0:93:57:18:ce:e5:b8:2c:65:86:08:22:7c:9a:f5:
7c:7a:29:ff:4e:7f:0c:c4:7b:b1:93:98:41:f0:f8:a6:8d:7e:
3e:63:98:fe
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAjrSMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMzMTA2MjgxN1oXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkY1QjkxMTAvBgNVBAUTKDkxMTc2RDE2OUM0MkYwM0Q5NTI4MkJC
QkEyMDRDNEU0NEQzMUVEMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDL8LO703PuNL6BxoOuqpkSTrQ/YoNyFI+shAovN6OeMHMJF4/dm9SKpay7wniN
CiKiC1/ZLc31EwIYcbK1bXnW+zYl5JpKCsaYxFiTK6cSBxkBcLd9gsdg3uOQcY4F
UGJ98cOmssGWOS+nJdoDhf/nO9ZG3J7hbNCnAd0h1SlD2TY8SN4Fp3gZFeQmG6EF
clgTh8kVi0FNlOAk6yvra32YStQyFyqCusiBk2mMa0fdDfKJg4zUNir37BJPj2jx
bUWf3Cvzyujyjcs6URcvaLkqVontdaVzf8y2YPYEpfgeA4hgu3tOt5G5a6wxG9UI
Gb5BvF2Sq99o/f7ix02bJuFrAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUkRdtFpxC
8D2VKCu7ogTE5E0x7QkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZGNUI5LzUyMDJEMDI4MERGOTExRjA4RTZFNzYyQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGRjVCOS81MjAyRDAyODBERjkxMUYwOEU2RTc2MkFDNEY5QUUwMi9rUmR0RnB4
QzhEMlZLQ3U3b2dURTVFMHg3UWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAliTMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBo9/YMA8EAgAC
MAkDBwAgAQ31TMAwDQYJKoZIhvcNAQELBQADggEBAAe1hwWsOljjOqAxI2BCONMl
sTEf8vxhPFT8Q3XC3FGKvcAtbDTZpFDXCwu6HJ773eHXEsgosT8WrvfOCveOhOm/
GvuHQc3Ilx+K2XAk8OxV9Yo+iTMGM2d1/F9hXoYZCi909kBA/XqIi+PoLS9gr3Bx
2uzenDROi3nbE8cb2lKrNU94OkZvM9PIpKOii06RkLVpd38i8q1sop4UndRWtqJs
3/VmqdCP+KChSeV8u9t5/3RB+4Z/WDPZQ55Mw2OfkZmu+TG/T/kAQj4dwUlbWX2d
LNoFJgaPqYx81cCTVxjO5bgsZYYIInya9Xx6Kf9OfwzEe7GTmEHw+KaNfj5jmP4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:40:29 2025 by rpki-client