Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
File: n4LbyUZjEsW6LpISeTAkAJVqmCo.cer (raw, json)
Hash identifier: 2gp0JKhJNlRakSr6zwrzZaGwuFvpMem0oPQ24wKaMR4=
Subject key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025786
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 23 Jul 2025 16:38:33 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 7693
AS: 17460
AS: 17478
AS: 18386
AS: 23683
AS: 24083
AS: 24465
AS: 38223
AS: 38297
AS: 45134
AS: 45471
AS: 45800
AS: 46079
AS: 55407
AS: 55760
AS: 131087
AS: 142599
AS: 149762
AS: 149796
IP: 58.181.128.0/17
IP: 103.19.104.0/22
IP: 202.44.144.0/24
IP: 202.149.96.0/19
IP: 203.107.128.0/17
IP: 203.155.0.0/16
IP: 203.188.0.0/18
IP: 203.195.96.0/20
IP: 203.209.0.0/17
IP: 2405:a000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 11 Aug 2025 04:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153478 (0x25786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 23 16:38:33 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91697FA, serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d1:3e:77:52:ba:2c:c6:8f:7c:c1:af:32:3a:
1d:67:ce:aa:47:81:c0:31:fa:29:3f:0f:65:f3:d3:
b3:b0:c3:ff:3c:ed:17:77:d6:a1:7c:46:f4:61:77:
a1:6a:d5:cb:ce:f3:7d:76:24:37:9a:c1:b7:ab:64:
8d:7a:b1:71:05:2d:c3:31:2e:e0:d6:6b:dd:fb:9b:
30:b8:90:0e:49:f1:e5:c3:c5:5d:51:4d:29:8d:92:
9b:71:15:92:e1:5a:f1:76:04:20:35:41:34:33:b6:
57:a6:41:5e:cf:3d:2e:6f:0c:4c:ca:e7:f6:23:be:
ee:24:19:32:0f:a3:90:aa:33:b1:62:e7:9d:c4:4e:
04:65:4a:a6:db:de:00:4b:c4:4f:07:55:88:47:a5:
cf:c7:14:54:ee:41:6f:04:86:2e:6c:88:c5:5c:e5:
b0:0b:bb:4c:20:3c:2c:c1:ac:2b:81:b8:34:c4:cb:
ea:fc:ad:58:c7:24:03:a9:f7:af:cc:42:69:ea:d7:
c9:77:a1:81:93:2b:ac:b2:0e:ac:89:8c:00:c4:8a:
df:d4:76:5e:b6:c1:aa:31:af:5b:6e:bb:60:31:3c:
7d:b2:c4:59:79:d4:24:4f:09:80:fe:75:96:46:5f:
8c:1b:a0:86:ca:ea:c6:1e:27:aa:b2:7d:a2:17:1c:
b4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7693
17460
17478
18386
23683
24083
24465
38223
38297
45134
45471
45800
46079
55407
55760
131087
142599
149762
149796
sbgp-ipAddrBlock: critical
IPv4:
58.181.128.0/17
103.19.104.0/22
202.44.144.0/24
202.149.96.0/19
203.107.128.0/17
203.155.0.0/16
203.188.0.0/18
203.195.96.0/20
203.209.0.0/17
IPv6:
2405:a000::/32
Signature Algorithm: sha256WithRSAEncryption
54:7b:fc:82:2d:35:2a:77:11:b8:26:63:98:1b:4d:21:77:2f:
8e:3b:55:ef:47:39:50:1b:c0:d0:27:a3:01:93:b0:68:53:04:
51:95:eb:18:44:8c:4a:bd:32:81:bf:65:f3:d4:7a:f8:81:75:
57:95:9c:99:e5:5a:49:c5:c0:5d:3d:5b:6f:87:16:dc:06:2a:
63:fa:23:95:35:12:e4:49:1d:95:e0:28:a5:7f:73:84:21:ba:
b5:2e:20:81:35:c6:19:36:a7:c8:6b:7e:56:0a:f3:56:9e:cc:
b8:cd:20:fc:40:5c:93:d2:b2:09:06:4d:94:d8:f4:f3:37:46:
c1:8b:25:eb:a9:70:34:0a:38:53:1c:cb:23:4c:c1:66:5c:5e:
35:44:47:64:46:c8:0d:77:9a:06:ee:80:0d:79:3c:ca:2b:f4:
24:98:b5:ee:46:52:da:65:96:87:bf:d9:e0:f8:ff:5c:6b:5f:
ea:2e:75:80:28:03:03:5a:2f:b2:cd:ff:04:89:50:c3:b1:8f:
e8:95:34:83:0e:87:15:13:2f:fc:3a:a6:2e:3f:dc:a7:75:94:
c5:66:96:34:94:da:4b:94:e2:5c:55:b8:0b:62:cf:e7:21:8f:
3d:f5:11:7a:0c:db:9f:6b:95:85:ac:50:ed:dc:38:b8:85:ee:
03:82:1a:7a
-----BEGIN CERTIFICATE-----
MIIGqzCCBZOgAwIBAgIDAleGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcyMzE2MzgzM1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIx
Mjc5MzAyNDAwOTU2QTk4MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC20T53Urosxo98wa8yOh1nzqpHgcAx+ik/D2Xz07Oww/887Rd31qF8RvRhd6Fq
1cvO8312JDeawberZI16sXEFLcMxLuDWa937mzC4kA5J8eXDxV1RTSmNkptxFZLh
WvF2BCA1QTQztlemQV7PPS5vDEzK5/Yjvu4kGTIPo5CqM7Fi553ETgRlSqbb3gBL
xE8HVYhHpc/HFFTuQW8Ehi5siMVc5bALu0wgPCzBrCuBuDTEy+r8rVjHJAOp96/M
Qmnq18l3oYGTK6yyDqyJjADEit/Udl62waoxr1tuu2AxPH2yxFl51CRPCYD+dZZG
X4wboIbK6sYeJ6qyfaIXHLTrAgMBAAGjggOgMIIDnDAdBgNVHQ4EFgQUn4LbyUZj
EsW6LpISeTAkAJVqmCowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY5N0ZBLzI3RjgzQjcwMUQ4MzExRTI5MzI5MjFEODA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2OTdGQS8yN0Y4M0I3MDFEODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVa
akVzVzZMcElTZVRBa0FKVnFtQ28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQgBAf8EXjBc
oFowWAICHg0CAkQ0AgJERgICR9ICAlyDAgJeEwICX5ECAwCVTwIDAJWZAgMAsE4C
AwCxnwIDALLoAgMAs/8CAwDYbwIDANnQAgMCAA8CAwItBwIDAkkCAgMCSSQwXQYI
KwYBBQUHAQcBAf8ETjBMMDsEAgABMDUDBAc6tYADBAJnE2gDBADKLJADBAXKlWAD
BAfLa4ADAwDLmwMEBsu8AAMEBMvDYAMEB8vRADANBAIAAjAHAwUAJAWgADANBgkq
hkiG9w0BAQsFAAOCAQEAVHv8gi01KncRuCZjmBtNIXcvjjtV70c5UBvA0CejAZOw
aFMEUZXrGESMSr0ygb9l89R6+IF1V5WcmeVaScXAXT1bb4cW3AYqY/ojlTUS5Ekd
leAopX9zhCG6tS4ggTXGGTanyGt+VgrzVp7MuM0g/EBck9KyCQZNlNj08zdGwYsl
66lwNAo4UxzLI0zBZlxeNURHZEbIDXeaBu6ADXk8yiv0JJi17kZS2mWWh7/Z4Pj/
XGtf6i51gCgDA1ovss3/BIlQw7GP6JU0gw6HFRMv/DqmLj/cp3WUxWaWNJTaS5Ti
XFW4C2LP5yGPPfURegzbn2uVhaxQ7dw4uIXuA4Iaeg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:32:00 2025 by rpki-client