Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
File: yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer (raw, json)
Hash identifier: l4zga1LXMSIQSfo/p1QNO905ZZbiv7TK0BvSI9+a+Z4=
Subject key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024057
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 23 Apr 2025 04:10:14 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 138627
IP: 103.203.220.0/22
IP: 113.30.128.0/20
IP: 123.253.152.0/22
IP: 150.195.208.0/20
IP: 202.75.240.0/21
IP: 2407:a80::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147543 (0x24057)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 23 04:10:14 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91E4D3D, serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:10:06:dd:d4:30:5e:cc:ee:32:37:cb:50:1e:
4b:25:9b:43:80:cb:f5:fb:8f:3f:1c:18:7e:de:de:
b7:47:03:f8:1e:b0:70:a2:1c:94:ef:ae:fe:a4:d2:
b2:2e:b4:88:ba:68:11:4c:1a:b1:8d:73:d3:3c:6d:
ff:6e:16:87:a7:ab:85:9c:57:a9:ac:65:8e:f8:f6:
ec:16:5b:12:29:17:8f:7a:f4:ee:54:f8:64:dd:f2:
ce:7a:0a:f0:81:90:c6:31:83:19:b9:1b:59:d8:fa:
19:88:36:80:7b:1c:8e:74:85:62:25:b3:3d:d9:3d:
76:f7:f6:68:a6:75:84:dd:56:1a:44:b1:da:99:a6:
69:0d:d3:4e:4c:55:51:42:94:02:c1:79:45:85:45:
ed:0a:89:46:cb:bc:5a:26:4b:88:8b:df:04:e7:9b:
42:e8:0b:97:c3:a5:46:33:9b:7c:35:ee:d2:e8:d1:
bc:61:02:fc:32:c2:8b:cc:f4:dc:88:d8:cf:e3:78:
37:db:d7:7b:93:8f:7b:6c:b6:d9:0f:c6:07:f6:5f:
f1:96:c3:16:ca:64:2e:4b:d1:1e:79:90:85:e0:86:
bf:81:d5:0b:a9:d5:16:db:2b:83:38:27:df:df:6b:
56:c9:7b:7f:9c:1b:18:a2:d1:71:28:e1:91:6d:0a:
b5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138627
sbgp-ipAddrBlock: critical
IPv4:
103.203.220.0/22
113.30.128.0/20
123.253.152.0/22
150.195.208.0/20
202.75.240.0/21
IPv6:
2407:a80::/32
Signature Algorithm: sha256WithRSAEncryption
2d:07:e3:b4:4a:14:ab:31:45:db:7f:90:5a:1e:d2:a4:92:77:
da:56:e2:73:01:98:1f:74:14:31:e3:5f:94:ec:3e:8a:1b:45:
53:78:d8:18:8a:6d:63:a9:fd:c6:53:18:40:07:4c:27:08:1c:
07:aa:8e:c7:90:83:ea:75:c8:be:4f:dd:07:33:c6:c6:4f:85:
21:8f:23:84:65:e6:1d:1b:6e:a5:e1:d4:be:c8:be:03:0c:14:
9f:67:3f:34:a0:9f:d7:40:cb:00:ff:bc:ce:27:7e:30:99:68:
7c:c0:73:a9:88:ae:7e:75:fc:22:ea:9d:87:e4:43:f3:e7:0d:
49:dd:d5:1b:e2:76:f2:01:33:80:ca:c7:94:26:37:d4:8c:ce:
f5:7b:9b:ca:ba:9c:92:0b:d2:77:65:65:98:b0:49:a6:26:51:
93:64:2d:18:99:bd:f1:35:c7:6b:b7:11:cf:1a:e8:ad:4f:cb:
0c:55:ea:9e:3e:15:ae:2a:95:d4:ff:5f:1c:62:f7:11:31:f3:
7b:db:1b:f4:a5:ab:37:1f:e3:98:d8:36:c6:47:f9:93:da:c9:
70:e0:02:8a:b3:97:a5:b2:5d:93:ab:e5:b2:6d:07:9e:48:18:
da:c8:80:e9:21:e9:be:86:f4:ca:ee:25:c8:59:e9:f1:79:d5:
33:03:86:25
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgIDAkBXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQyMzA0MTAxNFoXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBE
RTBDMzYwN0VFQjk4RkY3MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkEAbd1DBezO4yN8tQHkslm0OAy/X7jz8cGH7e3rdHA/gesHCiHJTvrv6k0rIu
tIi6aBFMGrGNc9M8bf9uFoenq4WcV6msZY749uwWWxIpF4969O5U+GTd8s56CvCB
kMYxgxm5G1nY+hmINoB7HI50hWIlsz3ZPXb39mimdYTdVhpEsdqZpmkN005MVVFC
lALBeUWFRe0KiUbLvFomS4iL3wTnm0LoC5fDpUYzm3w17tLo0bxhAvwywovM9NyI
2M/jeDfb13uTj3tsttkPxgf2X/GWwxbKZC5L0R55kIXghr+B1Qup1RbbK4M4J9/f
a1bJe3+cGxii0XEo4ZFtCrW1AgMBAAGjggM2MIIDMjAdBgNVHQ4EFgQUyAcP0GGo
Uf+K7eDeDDYH7rmP9wEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU0RDNEL0IwMjAyRDMyRDhCOTExRUJBQkMxRjQ4NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNEQzRC9CMDIwMkQzMkQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdH
b1VmLUs3ZURlRERZSDdybVA5d0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh2DMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCZ8vcAwQEcR6A
AwQCe/2YAwQElsPQAwQDykvwMA0EAgACMAcDBQAkBwqAMA0GCSqGSIb3DQEBCwUA
A4IBAQAtB+O0ShSrMUXbf5BaHtKkknfaVuJzAZgfdBQx41+U7D6KG0VTeNgYim1j
qf3GUxhAB0wnCBwHqo7HkIPqdci+T90HM8bGT4UhjyOEZeYdG26l4dS+yL4DDBSf
Zz80oJ/XQMsA/7zOJ34wmWh8wHOpiK5+dfwi6p2H5EPz5w1J3dUb4nbyATOAyseU
JjfUjM71e5vKupySC9J3ZWWYsEmmJlGTZC0Ymb3xNcdrtxHPGuitT8sMVeqePhWu
KpXU/18cYvcRMfN72xv0pas3H+OY2DbGR/mT2slw4AKKs5elsl2Tq+WybQeeSBja
yIDpIem+hvTK7iXIWenxedUzA4Yl
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:51:19 2025 by rpki-client