Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tzUbBbFhnp3jlfCy_8nuESnzALQ.cer
File: tzUbBbFhnp3jlfCy_8nuESnzALQ.cer (raw, json)
Hash identifier: RtEPpZIfEjRaz2hplEMp0iYrng0aNyyBhFvJEhX+RvA=
Subject key identifier: B7:35:1B:05:B1:61:9E:9D:E3:95:F0:B2:FF:C9:EE:11:29:F3:00:B4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025BF7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.sub.apnic.net/repository/A91905300000/4/B7351B05B1619E9DE395F0B2FFC9EE1129F300B4.mft
caRepository: rsync://rpki.sub.apnic.net/repository/A91905300000/4/
Notify URL: https://rrdp.sub.apnic.net/notification.xml
Certificate not before: Thu 07 Aug 2025 17:04:40 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 7546
IP: 103.60.200.0/22
IP: 122.99.120.0/22
IP: 203.7.196.0/23
IP: 203.30.60.0/24
IP: 2403:7e00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154615 (0x25bf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 7 17:04:40 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91E539C0000, serialNumber=B7351B05B1619E9DE395F0B2FFC9EE1129F300B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0c:84:d2:ce:67:8c:1b:9a:27:f8:74:5d:d0:
c5:7d:4b:46:a0:05:8f:83:19:88:34:a2:8a:2f:b3:
7a:48:4d:75:8f:45:d1:e1:a2:b2:a5:d0:39:75:0b:
1b:6b:2c:d1:cd:3d:31:dc:b2:ea:05:74:c5:3f:3b:
e8:ab:4f:d6:61:b6:9a:62:27:da:07:4e:7e:f8:d2:
6e:a7:b8:a3:70:6f:97:c8:32:02:71:06:73:cf:b1:
1a:44:c7:8d:e1:b3:29:38:ef:f9:cc:f3:a7:87:3d:
d8:af:35:6f:c4:91:10:98:9a:de:1f:59:52:57:bb:
5b:d0:43:4e:68:04:5c:08:7e:10:6d:da:9e:b1:5d:
0d:a6:14:27:87:2c:04:44:0d:cd:d9:8a:00:ca:4d:
f7:99:d2:bd:ca:95:16:24:0f:ad:ce:7c:8d:67:ad:
24:ea:d6:2c:20:6f:0f:f0:fe:52:b6:9c:a9:a3:d4:
0a:56:09:ba:0e:33:31:4a:4c:97:88:cd:ff:db:9d:
ce:8a:a6:ad:4c:ed:d2:d8:81:28:fc:dc:97:02:f4:
28:ad:3e:b5:27:8f:b4:75:da:5b:47:b9:18:25:df:
c9:da:f1:a7:18:fe:ae:63:89:01:d0:e8:dd:23:a2:
40:2b:cb:bf:8d:37:09:9f:1e:58:08:68:11:55:f3:
b1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:35:1B:05:B1:61:9E:9D:E3:95:F0:B2:FF:C9:EE:11:29:F3:00:B4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/4/
RPKI Manifest - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/4/B7351B05B1619E9DE395F0B2FFC9EE1129F300B4.mft
RPKI Notify - URI:https://rrdp.sub.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7546
sbgp-ipAddrBlock: critical
IPv4:
103.60.200.0/22
122.99.120.0/22
203.7.196.0/23
203.30.60.0/24
IPv6:
2403:7e00::/32
Signature Algorithm: sha256WithRSAEncryption
92:ab:2e:2f:da:15:7f:07:3e:20:f8:52:41:ba:eb:9d:7e:78:
69:e1:0e:d1:e7:f0:98:b4:09:e9:c8:c6:1f:9a:fc:9b:f8:30:
15:69:c6:1c:9c:27:12:8a:b4:58:00:40:b5:14:93:36:c8:ac:
d0:05:71:d1:19:4e:4a:c5:86:60:b9:c6:06:6d:92:f1:13:03:
ac:53:3a:09:ff:3a:2b:3b:5a:74:32:a8:f3:c9:e9:62:f0:d1:
77:3a:1d:3b:b4:de:f7:a0:28:60:8d:75:8c:3b:8c:ce:ee:4e:
c1:68:75:4e:4a:62:d4:20:5d:0a:5e:ca:68:07:cb:95:47:18:
9c:02:1b:a2:fd:be:b4:12:1d:fe:1a:88:6c:18:de:41:30:a1:
fa:74:e1:ac:57:0c:f0:e6:00:f1:c6:60:80:ba:44:64:2f:5c:
cf:5a:23:1e:ea:00:16:8c:9b:48:39:87:b6:d7:52:1a:81:81:
d1:67:be:5e:d0:1c:6c:5d:20:86:7c:0b:32:61:3c:71:ff:b0:
44:8b:5f:3f:db:df:b5:13:5e:37:7d:dc:b0:90:af:ec:af:bb:
97:2d:cf:2c:71:83:5e:a2:01:f3:da:d9:92:5e:bd:6e:21:60:
bc:fc:5c:8a:9e:b3:2b:79:47:e2:ee:3b:4f:f3:9b:9f:dd:cd:
77:bf:6b:25
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgIDAlv3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgwNzE3MDQ0MFoXDTI2MTAzMTAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxRTUzOUMwMDAwMTEwLwYDVQQFEyhCNzM1MUIwNUIxNjE5RTlERTM5
NUYwQjJGRkM5RUUxMTI5RjMwMEI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxQyE0s5njBuaJ/h0XdDFfUtGoAWPgxmINKKKL7N6SE11j0XR4aKypdA5
dQsbayzRzT0x3LLqBXTFPzvoq0/WYbaaYifaB05++NJup7ijcG+XyDICcQZzz7Ea
RMeN4bMpOO/5zPOnhz3YrzVvxJEQmJreH1lSV7tb0ENOaARcCH4QbdqesV0NphQn
hywERA3N2YoAyk33mdK9ypUWJA+tznyNZ60k6tYsIG8P8P5Stpypo9QKVgm6DjMx
SkyXiM3/253OiqatTO3S2IEo/NyXAvQorT61J4+0ddpbR7kYJd/J2vGnGP6uY4kB
0OjdI6JAK8u/jTcJnx5YCGgRVfOxvwIDAQABo4IDATCCAv0wHQYDVR0OBBYEFLc1
GwWxYZ6d45Xwsv/J7hEp8wC0MB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIH7BggrBgEFBQcBCwSB7jCB6zBBBggrBgEF
BQcwBYY1cnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5
MDUzMDAwMDAvNC8wbQYIKwYBBQUHMAqGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMu
bmV0L3JlcG9zaXRvcnkvQTkxOTA1MzAwMDAwLzQvQjczNTFCMDVCMTYxOUU5REUz
OTVGMEIyRkZDOUVFMTEyOUYzMDBCNC5tZnQwNwYIKwYBBQUHMA2GK2h0dHBzOi8v
cnJkcC5zdWIuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgB
Af8ECjAIoAYwBAICHXowQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAJnPMgD
BAJ6Y3gDBAHLB8QDBADLHjwwDQQCAAIwBwMFACQDfgAwDQYJKoZIhvcNAQELBQAD
ggEBAJKrLi/aFX8HPiD4UkG6651+eGnhDtHn8Ji0CenIxh+a/Jv4MBVpxhycJxKK
tFgAQLUUkzbIrNAFcdEZTkrFhmC5xgZtkvETA6xTOgn/Ois7WnQyqPPJ6WLw0Xc6
HTu03vegKGCNdYw7jM7uTsFodU5KYtQgXQpeymgHy5VHGJwCG6L9vrQSHf4aiGwY
3kEwofp04axXDPDmAPHGYIC6RGQvXM9aIx7qABaMm0g5h7bXUhqBgdFnvl7QHGxd
IIZ8CzJhPHH/sESLXz/b37UTXjd93LCQr+yvu5ctzyxxg16iAfPa2ZJevW4hYLz8
XIqesyt5R+LuO0/zm5/dzXe/ayU=
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:29:37 2025 by rpki-client