Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/2m3rP2XMI2eEg6drt445Hy-cZCE.cer
File: 2m3rP2XMI2eEg6drt445Hy-cZCE.cer (raw, json)
Hash identifier: g89gbtk3I/Mw2PWYsIo90Sndk7oWQi0hNPOByJmlmuI=
Subject key identifier: DA:6D:EB:3F:65:CC:23:67:84:83:A7:6B:B7:8E:39:1F:2F:9C:64:21
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 5238
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CE959/F47755B821B211F1959DF977AAEE528E/2m3rP2XMI2eEg6drt445Hy-cZCE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CE959/F47755B821B211F1959DF977AAEE528E/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 17 Mar 2026 03:39:55 +0000
Certificate not after: Sat 01 May 2027 00:00:00 +0000
Subordinate resources: IP: 185.171.168.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 14:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21048 (0x5238)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Mar 17 03:39:55 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=A91CE959, serialNumber=DA6DEB3F65CC23678483A76BB78E391F2F9C6421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:60:46:ed:25:e1:83:74:bd:5c:e0:87:a2:
a0:a0:f8:fd:ed:84:6d:27:6b:cc:79:77:4b:1e:e1:
41:b2:00:d8:38:da:90:f8:a7:ee:2d:3c:a6:97:e0:
42:61:0c:88:1f:54:53:a1:3c:b5:15:a0:be:da:82:
fe:bb:73:e1:6f:36:e0:f8:60:49:5c:c8:02:3c:88:
a9:ab:6c:4a:18:ea:c3:33:c8:f5:46:be:b7:30:ed:
2b:74:75:06:3b:02:c5:63:b7:34:ae:9d:6f:49:6b:
41:52:ae:6a:ef:75:fa:c2:b1:85:71:22:d9:16:a3:
ef:aa:4f:f6:ee:9e:e5:9a:19:3f:ea:02:ff:67:d3:
38:6d:f2:af:a3:0c:dc:f5:f9:ec:c2:75:b8:58:4f:
b5:04:ba:50:77:c0:86:89:a0:ef:28:cb:f9:58:d2:
ef:68:ac:f5:2a:c1:c8:94:e0:ca:4a:3b:51:20:58:
b4:97:f5:77:77:18:9d:c2:ab:6a:92:ed:96:c1:59:
aa:63:64:27:d7:dd:b2:28:4f:cc:db:61:6a:91:0c:
99:9d:75:a7:ee:19:4a:4a:ab:16:82:ed:67:62:d0:
0e:44:8c:16:32:ba:ca:2f:13:df:3e:47:e3:b2:89:
fd:01:ba:a5:ec:7a:62:49:ea:0a:b3:df:fc:95:77:
49:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6D:EB:3F:65:CC:23:67:84:83:A7:6B:B7:8E:39:1F:2F:9C:64:21
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CE959/F47755B821B211F1959DF977AAEE528E/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CE959/F47755B821B211F1959DF977AAEE528E/2m3rP2XMI2eEg6drt445Hy-cZCE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
185.171.168.0/22
Signature Algorithm: sha256WithRSAEncryption
49:a3:86:62:59:a8:bf:37:b8:bd:4f:cc:11:45:b4:30:69:0c:
f8:37:09:a5:bd:c0:20:ba:b5:c7:09:fb:80:26:6c:cb:b6:62:
d7:9d:28:d9:f1:3a:18:5e:3b:33:be:bd:84:ca:af:38:48:4a:
34:07:8b:59:16:54:ce:2c:d6:55:87:21:b2:01:f5:89:d1:57:
44:4c:fe:19:a6:3c:3a:86:fb:0f:79:66:be:9a:72:24:08:d2:
e6:60:1b:f2:74:32:13:4d:0a:bf:0e:e1:ec:d5:7f:2e:98:30:
13:22:f8:db:36:44:4c:7b:96:77:c1:fb:fd:aa:e2:22:e4:a5:
1c:51:72:3e:63:8d:b3:42:61:b1:7d:6e:d7:6d:58:07:c6:f5:
0c:0c:df:ac:e7:9d:b8:2a:a7:45:de:d8:e5:ee:20:fa:51:fb:
77:69:12:c6:10:65:7e:4f:7e:94:c1:d6:32:b4:b8:db:de:18:
69:86:43:b1:1c:c4:0b:fc:0e:f4:aa:66:cf:a6:8c:20:99:9e:
45:e9:12:b4:83:79:17:b0:92:c4:a1:6c:ee:4c:17:cb:e3:d4:
01:5b:46:5a:cd:5c:aa:95:5c:ed:7d:16:1c:10:89:ed:b2:0d:
0b:5a:67:8b:8e:4d:d5:ac:95:bd:dd:b3:f2:fc:3a:4e:a8:20:
9f:35:0d:42
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwMzE3MDMzOTU1WhcNMjcwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDRTk1OTExMC8GA1UEBRMoREE2REVCM0Y2NUNDMjM2Nzg0ODNBNzZC
Qjc4RTM5MUYyRjlDNjQyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALXCYEbtJeGDdL1c4IeioKD4/e2EbSdrzHl3Sx7hQbIA2DjakPin7i08ppfgQmEM
iB9UU6E8tRWgvtqC/rtz4W824PhgSVzIAjyIqatsShjqwzPI9Ua+tzDtK3R1BjsC
xWO3NK6db0lrQVKuau91+sKxhXEi2Raj76pP9u6e5ZoZP+oC/2fTOG3yr6MM3PX5
7MJ1uFhPtQS6UHfAhomg7yjL+VjS72is9SrByJTgyko7USBYtJf1d3cYncKrapLt
lsFZqmNkJ9fdsihPzNthapEMmZ11p+4ZSkqrFoLtZ2LQDkSMFjK6yi8T3z5H47KJ
/QG6pex6YknqCrPf/JV3SeMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTabes/Zcwj
Z4SDp2u3jjkfL5xkITAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U5NTkvRjQ3NzU1QjgyMUIyMTFGMTk1OURGOTc3QUFFRTUyOEUvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNFOTU5L0Y0Nzc1NUI4MjFCMjExRjE5NTlERjk3N0FBRUU1MjhFLzJtM3JQMlhN
STJlRWc2ZHJ0NDQ1SHktY1pDRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEArmrqDANBgkqhkiG9w0BAQsFAAOCAQEASaOGYlmovze4vU/MEUW0
MGkM+DcJpb3AILq1xwn7gCZsy7Zi150o2fE6GF47M769hMqvOEhKNAeLWRZUzizW
VYchsgH1idFXREz+GaY8Oob7D3lmvppyJAjS5mAb8nQyE00Kvw7h7NV/LpgwEyL4
2zZETHuWd8H7/ariIuSlHFFyPmONs0JhsX1u121YB8b1DAzfrOeduCqnRd7Y5e4g
+lH7d2kSxhBlfk9+lMHWMrS4294YaYZDsRzEC/wO9Kpmz6aMIJmeRekStIN5F7CS
xKFs7kwXy+PUAVtGWs1cqpVc7X0WHBCJ7bINC1pni45N1ayVvd2z8vw6TqggnzUN
Qg==
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:54:23 2026 by rpki-client