Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer
File: x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer (raw, json)
Hash identifier: jKb/J/bpRqk89FIV4FG7yU+RQRkVakrSJR73Mz/08D0=
Subject key identifier: C7:F0:28:37:D2:45:CB:8F:AB:CD:47:41:CF:A2:B4:A5:A2:F7:3E:AD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0272A6
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 03 Nov 2025 23:06:38 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 153349
IP: 2001:df4:5ac0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 05:28:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160422 (0x272a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 3 23:06:38 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A91D8BB1, serialNumber=C7F02837D245CB8FABCD4741CFA2B4A5A2F73EAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:eb:ae:83:91:3e:30:fe:b9:e4:3f:4b:10:2b:
d5:a8:fe:df:a1:e2:c7:30:1b:c1:41:2e:72:11:6f:
19:b2:f3:95:7b:88:99:a3:a1:06:64:d3:de:95:01:
cf:78:23:84:09:a4:f7:f0:b1:67:51:c9:00:24:40:
dc:1d:51:70:c4:3b:3a:ad:c2:bf:b4:90:bc:6b:48:
ab:91:48:f0:ae:db:60:ae:23:51:64:cd:76:b6:f4:
71:c3:25:dd:33:de:51:10:59:57:5e:9a:c6:b8:29:
46:50:7d:10:f8:a4:d7:b0:72:4e:32:f2:5e:07:f5:
24:63:8f:ce:6a:58:3e:13:63:fe:f7:5c:c6:c9:e1:
bc:50:41:60:99:65:43:95:f8:44:2e:45:20:e1:89:
a0:19:3f:b3:cd:ef:e4:81:54:06:18:dc:d6:62:41:
27:37:42:bb:c6:e8:a3:88:2c:57:f8:58:11:ce:fc:
eb:65:8e:78:4a:4a:33:5f:d1:44:15:36:fa:d0:c6:
2d:9d:0a:57:70:83:ef:75:b9:18:c8:60:a3:f4:cb:
74:26:12:b6:b0:71:d3:03:14:fd:31:af:c4:c3:5d:
fc:4b:80:a0:87:9f:48:48:be:48:a6:b3:7a:31:53:
f3:11:05:68:bf:14:6b:83:2e:aa:04:5a:58:23:b7:
b1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F0:28:37:D2:45:CB:8F:AB:CD:47:41:CF:A2:B4:A5:A2:F7:3E:AD
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153349
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:5ac0::/48
Signature Algorithm: sha256WithRSAEncryption
65:dd:53:a4:31:62:8b:47:99:4e:3e:32:f0:d6:bf:53:64:7f:
ed:53:a8:fd:09:b7:7f:3a:80:89:5f:a4:83:b9:1b:79:44:cd:
a1:14:5a:4b:72:48:d4:ba:30:84:28:1d:2e:88:06:4b:c5:15:
12:a3:1f:e2:8e:54:89:d0:c8:2b:fb:b0:ec:cb:25:8f:b5:62:
b0:2a:0b:16:3c:e8:af:a3:c4:42:2b:f3:a0:9a:26:19:36:cf:
b6:fa:e8:a0:44:13:65:b1:93:fb:2d:dd:20:4f:c0:c1:48:37:
ba:e5:d7:34:d1:6f:f0:cd:c2:38:13:49:63:71:47:5b:67:0f:
7c:dc:51:76:c6:22:2a:e5:e8:d5:19:35:57:50:dc:3c:31:ae:
70:ae:61:f1:d6:92:0c:01:59:d8:1c:78:71:30:bf:32:b4:1e:
e8:31:e1:b3:1d:e0:80:95:5e:80:16:a7:84:1a:89:f1:4e:e0:
cc:94:33:dd:a1:b9:35:66:18:d4:b2:25:4a:7a:5c:ec:99:66:
ae:01:30:0b:38:b4:d5:ff:1b:76:3e:e2:c2:9d:90:73:2c:67:
96:00:ca:a7:37:10:ee:5f:cf:e0:95:19:39:0f:31:b3:22:01:
bd:8d:58:b4:39:3c:dd:e2:83:e1:1a:87:1c:6d:cd:ef:0d:57:
f1:cf:01:21
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAnKmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTEwMzIzMDYzOFoXDTI2MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDhCQjExMTAvBgNVBAUTKEM3RjAyODM3RDI0NUNCOEZBQkNENDc0
MUNGQTJCNEE1QTJGNzNFQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCr666DkT4w/rnkP0sQK9Wo/t+h4scwG8FBLnIRbxmy85V7iJmjoQZk096VAc94
I4QJpPfwsWdRyQAkQNwdUXDEOzqtwr+0kLxrSKuRSPCu22CuI1FkzXa29HHDJd0z
3lEQWVdemsa4KUZQfRD4pNewck4y8l4H9SRjj85qWD4TY/73XMbJ4bxQQWCZZUOV
+EQuRSDhiaAZP7PN7+SBVAYY3NZiQSc3QrvG6KOILFf4WBHO/OtljnhKSjNf0UQV
NvrQxi2dCldwg+91uRjIYKP0y3QmErawcdMDFP0xr8TDXfxLgKCHn0hIvkims3ox
U/MRBWi/FGuDLqoEWlgjt7EfAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUx/AoN9JF
y4+rzUdBz6K0paL3Pq0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ4QkIxLzVBRDc2OUIwM0QyNTExRjA4MEM0ODk1NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEOEJCMS81QUQ3NjlCMDNEMjUxMUYwODBDNDg5NTVDNEY5QUUwMi94X0FvTjlK
Rnk0LXJ6VWRCejZLMHBhTDNQcTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlcFMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN9FrAMA0G
CSqGSIb3DQEBCwUAA4IBAQBl3VOkMWKLR5lOPjLw1r9TZH/tU6j9Cbd/OoCJX6SD
uRt5RM2hFFpLckjUujCEKB0uiAZLxRUSox/ijlSJ0Mgr+7DsyyWPtWKwKgsWPOiv
o8RCK/OgmiYZNs+2+uigRBNlsZP7Ld0gT8DBSDe65dc00W/wzcI4E0ljcUdbZw98
3FF2xiIq5ejVGTVXUNw8Ma5wrmHx1pIMAVnYHHhxML8ytB7oMeGzHeCAlV6AFqeE
GonxTuDMlDPdobk1ZhjUsiVKelzsmWauATALOLTV/xt2PuLCnZBzLGeWAMqnNxDu
X8/glRk5DzGzIgG9jVi0OTzd4oPhGoccbc3vDVfxzwEh
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:21:13 2025 by rpki-client