Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.cer
File: u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.cer (raw, json)
Hash identifier: Dzja0Msi86kbLE6xcHNlblQQQD6kyZwIuUhibS4K4rY=
Subject key identifier: BB:54:41:76:DD:E6:8E:35:81:C5:C4:3F:4F:C7:CC:2C:F6:8D:69:24
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023CA5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 03 Apr 2025 03:50:17 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 139625
IP: 36.255.220.0/22
IP: 45.124.252.0/22
IP: 103.14.32.0/22
IP: 103.72.144.0/22
IP: 103.140.146.0/23
IP: 103.149.156.0/23
IP: 103.193.124.0/22
IP: 103.210.20.0/22
IP: 122.10.134.0/23
IP: 122.10.138.0 -- 122.10.163.255
IP: 122.10.196.0/22
IP: 122.10.220.0 -- 122.10.227.255
IP: 122.10.244.0 -- 122.10.255.255
IP: 2404:ff40::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146597 (0x23ca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 3 03:50:17 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A91EDB37, serialNumber=BB544176DDE68E3581C5C43F4FC7CC2CF68D6924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:53:21:66:6a:bf:c2:47:79:eb:a7:f3:aa:7f:
8f:7c:91:33:e6:60:bf:a0:3e:db:6e:74:5d:d9:88:
07:0a:60:38:2e:29:89:5e:08:06:0e:49:2c:7f:c6:
a8:02:05:47:cc:62:69:b0:0b:90:72:4d:d3:b6:6d:
25:e9:61:57:80:3f:f4:46:54:bd:48:d6:4a:a6:17:
4b:52:c7:2b:bc:ae:89:05:78:8b:7f:a4:bc:b8:6a:
0f:1e:4e:34:72:a7:30:0c:fc:8a:e0:dc:46:88:22:
30:60:d5:1f:fd:0a:a4:49:af:ce:25:2f:cf:f9:c5:
59:31:a9:53:07:3a:86:3b:b3:0b:4b:2c:89:62:be:
93:6b:34:ad:78:e2:ef:ba:b5:c0:d4:4a:bb:da:29:
32:73:12:c3:a6:c4:e7:95:6f:d4:39:dd:1a:ca:8c:
fd:9e:70:0f:71:c5:9c:5d:b6:b4:f9:97:27:f9:cf:
1e:31:d3:85:86:f8:78:89:06:62:84:b2:a5:d5:28:
6a:3c:80:e0:02:ed:8b:3f:71:6c:04:30:d4:0f:1e:
d3:0f:5b:75:a3:1d:22:16:a3:af:6b:d8:42:17:cf:
50:5d:a3:fb:3a:ad:90:c2:67:06:ef:e9:1c:4d:ab:
59:22:8c:a9:9a:32:6e:1c:f4:fc:21:c8:c8:92:58:
00:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:54:41:76:DD:E6:8E:35:81:C5:C4:3F:4F:C7:CC:2C:F6:8D:69:24
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
139625
sbgp-ipAddrBlock: critical
IPv4:
36.255.220.0/22
45.124.252.0/22
103.14.32.0/22
103.72.144.0/22
103.140.146.0/23
103.149.156.0/23
103.193.124.0/22
103.210.20.0/22
122.10.134.0/23
122.10.138.0-122.10.163.255
122.10.196.0/22
122.10.220.0-122.10.227.255
122.10.244.0-122.10.255.255
IPv6:
2404:ff40::/32
Signature Algorithm: sha256WithRSAEncryption
4b:95:a7:75:c7:77:84:f2:d8:e9:36:64:67:9b:46:a7:c3:c1:
06:ba:f9:19:b3:d9:88:a8:54:06:3e:f7:ed:ea:69:79:8f:d2:
b1:03:b0:60:f1:18:42:07:3f:8a:a8:ae:62:8d:27:2b:4c:58:
7f:ac:84:2f:19:f8:fb:ab:9c:11:40:01:0c:34:31:c1:6b:93:
d6:8c:d2:40:5b:67:db:ba:4e:d8:b5:88:cc:13:0d:ee:7f:83:
c2:30:af:aa:ce:88:c2:1c:c0:fc:99:ab:33:a6:32:12:81:58:
0d:a3:2a:44:20:a9:d6:21:73:e8:7a:a1:d3:11:a3:9d:ab:08:
3f:79:01:86:28:93:10:50:7f:41:33:10:82:12:e9:f3:30:96:
29:97:84:74:95:7e:29:db:81:b8:36:57:51:26:34:a4:44:5e:
d6:27:c6:ba:db:1b:2b:c6:f6:0a:57:3c:0c:9b:03:c1:9d:46:
46:b0:9f:b7:27:3d:2d:71:76:31:53:4d:da:02:7c:c2:38:5b:
60:8e:e6:b7:9d:58:0e:4a:d1:74:a3:dd:ab:89:bf:52:26:ce:
53:0e:fa:47:36:be:77:a2:67:df:b7:70:54:27:ab:b7:66:79:
1a:90:5f:20:d5:c6:0b:3d:0c:4a:1b:95:08:ad:3c:23:e0:11:
07:34:08:48
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIDAjylMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQwMzAzNTAxN1oXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRURCMzcxMTAvBgNVBAUTKEJCNTQ0MTc2RERFNjhFMzU4MUM1QzQz
RjRGQzdDQzJDRjY4RDY5MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMUyFmar/CR3nrp/Oqf498kTPmYL+gPttudF3ZiAcKYDguKYleCAYOSSx/xqgC
BUfMYmmwC5ByTdO2bSXpYVeAP/RGVL1I1kqmF0tSxyu8rokFeIt/pLy4ag8eTjRy
pzAM/Irg3EaIIjBg1R/9CqRJr84lL8/5xVkxqVMHOoY7swtLLIlivpNrNK144u+6
tcDUSrvaKTJzEsOmxOeVb9Q53RrKjP2ecA9xxZxdtrT5lyf5zx4x04WG+HiJBmKE
sqXVKGo8gOAC7Ys/cWwEMNQPHtMPW3WjHSIWo69r2EIXz1Bdo/s6rZDCZwbv6RxN
q1kijKmaMm4c9PwhyMiSWAC3AgMBAAGjggN+MIIDejAdBgNVHQ4EFgQUu1RBdt3m
jjWBxcQ/T8fMLPaNaSQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVEQjM3LzU3NjQ3MzdBNzhBMDExRUI5NTBEMzE3NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFREIzNy81NzY0NzM3QTc4QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi91MVJCZHQz
bWpqV0J4Y1FfVDhmTUxQYU5hU1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiFpMIGNBggrBgEFBQcBBwEB/wR+MHwwawQCAAEwZQMEAiT/3AMEAi18
/AMEAmcOIAMEAmdIkAMEAWeMkgMEAWeVnAMEAmfBfAMEAmfSFAMEAXoKhjAMAwQB
egqKAwQCegqgAwQCegrEMAwDBAJ6CtwDBAJ6CuAwCwMEAnoK9AMDAHoKMA0EAgAC
MAcDBQAkBP9AMA0GCSqGSIb3DQEBCwUAA4IBAQBLlad1x3eE8tjpNmRnm0anw8EG
uvkZs9mIqFQGPvft6ml5j9KxA7Bg8RhCBz+KqK5ijScrTFh/rIQvGfj7q5wRQAEM
NDHBa5PWjNJAW2fbuk7YtYjMEw3uf4PCMK+qzojCHMD8maszpjISgVgNoypEIKnW
IXPoeqHTEaOdqwg/eQGGKJMQUH9BMxCCEunzMJYpl4R0lX4p24G4NldRJjSkRF7W
J8a62xsrxvYKVzwMmwPBnUZGsJ+3Jz0tcXYxU03aAnzCOFtgjua3nVgOStF0o92r
ib9SJs5TDvpHNr53omfft3BUJ6u3ZnkakF8g1cYLPQxKG5UIrTwj4BEHNAhI
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:59:00 2025 by rpki-client