Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer
File: xOTw2gEK9YY3zFlihHHpmLckPFI.cer (raw, json)
Hash identifier: uMPb6nv+XEAXhJg3c3bAPRSrG8WiYq6LnGyq5Fn3w+8=
Subject key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02AB28
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 08 Apr 2026 14:44:06 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: AS: 133882
IP: 43.255.152.0/22
IP: 103.1.172.0/22
IP: 103.35.91.0/24
IP: 103.44.220.0/24
IP: 103.87.189.0 -- 103.87.191.255
IP: 118.139.160.0/19
IP: 182.50.128.0/19
IP: 202.3.13.0/24
IP: 203.124.96.0/19
IP: 2001:df1:9c00::/48
IP: 2403:bc80::/32
IP: 2407:1c00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Apr 2026 07:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174888 (0x2ab28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 8 14:44:06 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2b:d2:ef:73:ca:0c:40:cd:a1:fa:21:fc:cd:
47:2f:e3:67:3c:ac:f4:f7:c9:f2:62:10:d8:bc:24:
bc:07:84:e5:1a:3b:cd:b7:80:67:78:20:96:59:11:
a2:ae:1e:8f:8a:d9:ba:7f:e1:81:d6:e4:ab:c5:ce:
dd:b5:bf:09:64:d2:6b:0d:22:d1:74:66:59:2f:30:
46:70:f5:ab:91:76:4f:9c:e0:49:21:58:3c:55:aa:
3e:28:1a:9b:60:93:2f:79:8a:cf:44:ad:e9:b8:95:
41:22:1f:d6:bb:00:59:ae:d3:d5:72:0c:a9:0c:e0:
0c:3b:fc:72:9e:07:8f:31:41:a6:20:d2:f6:01:64:
07:5c:a9:be:0e:e9:30:d5:9d:20:2a:03:60:89:3b:
6c:55:5c:b1:49:61:c1:a3:b6:9d:b5:90:a7:9e:03:
dc:d7:1d:77:24:4c:72:15:b9:59:bc:6d:56:2a:80:
5a:b6:4d:7a:c6:13:78:65:5d:a5:a1:fa:53:c4:b4:
39:16:bd:20:2b:f8:1a:f3:40:f8:1e:f2:b5:ef:8c:
00:12:a5:ad:bc:0f:69:18:45:58:ba:97:27:ff:ef:
82:9e:5f:e1:4b:e7:50:70:71:d4:c4:b8:bd:0b:5f:
5a:f1:08:20:86:8c:9d:ae:5f:fd:d3:e0:7c:61:39:
83:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133882
sbgp-ipAddrBlock: critical
IPv4:
43.255.152.0/22
103.1.172.0/22
103.35.91.0/24
103.44.220.0/24
103.87.189.0-103.87.191.255
118.139.160.0/19
182.50.128.0/19
202.3.13.0/24
203.124.96.0/19
IPv6:
2001:df1:9c00::/48
2403:bc80::/32
2407:1c00::/32
Signature Algorithm: sha256WithRSAEncryption
7e:4e:33:88:8d:c8:79:da:09:dc:3b:3e:93:78:c9:30:73:54:
8b:1d:46:97:54:0c:cd:a9:0d:57:2d:85:df:d5:76:51:ef:2f:
6f:73:28:51:97:c6:e7:5e:0b:2d:71:ae:f3:5e:53:39:71:73:
3f:3f:46:9f:99:9a:4e:4f:c4:e9:a1:f4:7b:9a:93:71:fb:c5:
6c:ab:7f:0a:03:64:a1:45:1e:1a:6e:d8:65:7a:0d:8c:d6:23:
dc:57:d0:85:88:19:79:a3:b0:af:8a:1e:4d:1a:58:e4:6e:be:
49:9f:a9:65:28:5b:3e:9c:9e:70:8c:6d:8d:a5:87:3f:6b:00:
9a:d1:0d:a4:ed:97:f7:39:e8:90:a3:53:fb:9b:65:e9:b0:7f:
ba:a4:2c:ce:ff:20:62:4a:25:72:21:a8:76:79:e3:34:0a:41:
5b:31:4a:c1:6b:a0:dd:97:b0:eb:c9:3b:17:2a:e5:93:4c:6e:
08:eb:6f:d5:85:86:5f:35:fc:09:07:57:66:2f:b9:30:d2:bb:
cd:a1:40:0a:48:f6:dc:40:78:d6:42:bb:1d:a3:44:36:5c:1e:
fc:e3:bd:90:9f:79:8b:11:5a:32:64:12:10:83:19:dc:16:04:
d9:d4:1f:a8:e3:ed:88:1b:11:1a:e2:1e:5d:4f:13:07:9e:3f:
22:f6:51:c4
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgIDAqsoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDQwODE0NDQwNloXDTI3MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2
Mjg0NzFFOTk4QjcyNDNDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCK9Lvc8oMQM2h+iH8zUcv42c8rPT3yfJiENi8JLwHhOUaO823gGd4IJZZEaKu
Ho+K2bp/4YHW5KvFzt21vwlk0msNItF0ZlkvMEZw9auRdk+c4EkhWDxVqj4oGptg
ky95is9Erem4lUEiH9a7AFmu09VyDKkM4Aw7/HKeB48xQaYg0vYBZAdcqb4O6TDV
nSAqA2CJO2xVXLFJYcGjtp21kKeeA9zXHXckTHIVuVm8bVYqgFq2TXrGE3hlXaWh
+lPEtDkWvSAr+BrzQPge8rXvjAASpa28D2kYRVi6lyf/74KeX+FL51BwcdTEuL0L
X1rxCCCGjJ2uX/3T4HxhOYOpAgMBAAGjggNmMIIDYjAdBgNVHQ4EFgQUxOTw2gEK
9YY3zFlihHHpmLckPFIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ4M0QwLzBBMTYyMDhBQUZCQzExRUFBOTYxQ0I4NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdF
SzlZWTN6RmxpaEhIcG1MY2tQRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgr6MHYGCCsGAQUFBwEHAQH/BGcwZTBEBAIAATA+AwQCK/+YAwQCZwGs
AwQAZyNbAwQAZyzcMAwDBABnV70DBAZnV4ADBAV2i6ADBAW2MoADBADKAw0DBAXL
fGAwHQQCAAIwFwMHACABDfGcAAMFACQDvIADBQAkBxwAMA0GCSqGSIb3DQEBCwUA
A4IBAQB+TjOIjch52gncOz6TeMkwc1SLHUaXVAzNqQ1XLYXf1XZR7y9vcyhRl8bn
Xgstca7zXlM5cXM/P0afmZpOT8TpofR7mpNx+8Vsq38KA2ShRR4abthleg2M1iPc
V9CFiBl5o7Cvih5NGljkbr5Jn6llKFs+nJ5wjG2NpYc/awCa0Q2k7Zf3OeiQo1P7
m2XpsH+6pCzO/yBiSiVyIah2eeM0CkFbMUrBa6Ddl7DryTsXKuWTTG4I62/VhYZf
NfwJB1dmL7kw0rvNoUAKSPbcQHjWQrsdo0Q2XB78472Qn3mLEVoyZBIQgxncFgTZ
1B+o4+2IGxEa4h5dTxMHnj8i9lHE
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:53:36 2026 by rpki-client