Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/33H2KoYwGsbTrKQJgyzDqdmcmhE.cer
File: 33H2KoYwGsbTrKQJgyzDqdmcmhE.cer (raw, json)
Hash identifier: fKhGAJFc/6pjYCQgofYUfV/ELMLWBhaNlL8ceEnpM2o=
Subject key identifier: DF:71:F6:2A:86:30:1A:C6:D3:AC:A4:09:83:2C:C3:A9:D9:9C:9A:11
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 521B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AE7C5/330749461B5011F1BD5AD0E8243D8C67/33H2KoYwGsbTrKQJgyzDqdmcmhE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AE7C5/330749461B5011F1BD5AD0E8243D8C67/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 09 Mar 2026 00:37:54 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: IP: 151.158.191.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 02:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21019 (0x521b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Mar 9 00:37:54 2026 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91AE7C5, serialNumber=DF71F62A86301AC6D3ACA409832CC3A9D99C9A11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:04:9c:99:5d:5e:ef:8c:5a:14:ff:02:7e:ed:
64:b7:33:21:78:c9:aa:6e:22:fd:06:46:e7:cd:4a:
f1:d7:eb:7c:71:36:a8:54:5f:7d:e8:e4:12:db:61:
61:a2:a8:6a:df:6d:3a:da:56:39:24:8f:39:8d:19:
da:b1:bd:80:19:28:00:aa:69:20:50:4f:9d:d8:fa:
8b:f4:9e:a8:de:33:8f:68:20:cb:07:31:99:a1:62:
a6:5a:bc:01:95:46:52:50:f6:b7:36:8a:8c:70:f6:
98:d2:6f:82:4d:8d:4a:68:46:99:36:58:10:35:f1:
88:ee:8a:bd:51:8e:21:0c:24:fe:87:58:54:10:62:
0f:f8:d8:4b:7e:62:8a:56:2e:f2:30:e8:81:dc:39:
4a:55:61:c1:83:db:41:87:d8:18:89:16:24:74:2b:
50:f4:93:6d:1f:64:b1:0f:58:6a:c7:59:2d:a7:35:
68:96:b6:dc:bd:4f:1b:36:e8:98:3c:04:12:0b:e6:
dc:c6:dc:c5:94:bb:ef:4e:45:7f:4b:09:63:40:d2:
e9:26:85:19:84:33:5b:56:64:99:bb:ca:f0:7a:cf:
01:69:e7:ff:05:0b:c6:dd:af:82:9d:be:07:8a:bf:
30:7f:6e:85:1d:95:ae:c7:5e:20:95:14:98:6e:d1:
61:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:71:F6:2A:86:30:1A:C6:D3:AC:A4:09:83:2C:C3:A9:D9:9C:9A:11
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AE7C5/330749461B5011F1BD5AD0E8243D8C67/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AE7C5/330749461B5011F1BD5AD0E8243D8C67/33H2KoYwGsbTrKQJgyzDqdmcmhE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.158.191.0/24
Signature Algorithm: sha256WithRSAEncryption
07:d1:d7:bb:25:a6:ba:33:17:ba:91:2e:03:3f:9d:14:1e:91:
ce:a8:4e:8e:8a:ce:06:a3:4e:a8:6f:88:97:35:7c:4e:14:5e:
bb:16:e6:5b:d0:f4:f4:d9:51:87:e7:c4:07:86:85:dd:1f:4a:
8c:14:b2:1d:94:b4:db:68:06:3f:6d:88:aa:c6:5b:03:fb:27:
4c:63:5f:17:5d:c7:a7:d4:4b:63:93:23:91:ec:7d:f1:1c:c6:
85:3c:20:16:fe:d3:8d:34:7b:44:bf:85:d8:1d:2f:bc:c8:27:
e1:71:9e:e5:00:76:4e:3a:74:1b:8f:35:a7:6b:79:41:05:d6:
6b:9b:18:45:f2:0a:e3:13:2f:d0:58:e1:6d:07:d8:02:f7:40:
5c:2b:d3:68:38:b3:4a:05:1c:20:47:ce:5d:ed:b4:3d:ff:de:
50:02:14:52:3e:f1:cb:e6:42:55:2e:a0:8c:6b:53:dd:ef:55:
cd:00:4a:24:a1:77:48:c5:d9:56:9e:2b:f4:8b:a9:5b:76:c8:
57:b2:85:89:67:93:b4:fe:18:2e:42:52:a5:18:63:d5:f7:1f:
96:05:d3:03:ef:bb:51:ca:c7:e4:30:d9:a5:de:17:89:dd:06:
34:88:e3:8d:9d:19:3c:6e:e8:b7:4d:4b:21:68:89:64:f3:e6:
7e:df:e8:62
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUhswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwMzA5MDAzNzU0WhcNMjYxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBRTdDNTExMC8GA1UEBRMoREY3MUY2MkE4NjMwMUFDNkQzQUNBNDA5
ODMyQ0MzQTlEOTlDOUExMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKcEnJldXu+MWhT/An7tZLczIXjJqm4i/QZG581K8dfrfHE2qFRffejkEtthYaKo
at9tOtpWOSSPOY0Z2rG9gBkoAKppIFBPndj6i/SeqN4zj2ggywcxmaFiplq8AZVG
UlD2tzaKjHD2mNJvgk2NSmhGmTZYEDXxiO6KvVGOIQwk/odYVBBiD/jYS35iilYu
8jDogdw5SlVhwYPbQYfYGIkWJHQrUPSTbR9ksQ9YasdZLac1aJa23L1PGzbomDwE
Egvm3MbcxZS7705Ff0sJY0DS6SaFGYQzW1ZkmbvK8HrPAWnn/wULxt2vgp2+B4q/
MH9uhR2VrsdeIJUUmG7RYa8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTfcfYqhjAa
xtOspAmDLMOp2ZyaETAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU3QzUvMzMwNzQ5NDYxQjUwMTFGMUJENUFEMEU4MjQzRDhDNjcvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFFN0M1LzMzMDc0OTQ2MUI1MDExRjFCRDVBRDBFODI0M0Q4QzY3LzMzSDJLb1l3
R3NiVHJLUUpneXpEcWRtY21oRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJeevzANBgkqhkiG9w0BAQsFAAOCAQEAB9HXuyWmujMXupEuAz+d
FB6RzqhOjorOBqNOqG+IlzV8ThReuxbmW9D09NlRh+fEB4aF3R9KjBSyHZS022gG
P22IqsZbA/snTGNfF13Hp9RLY5Mjkex98RzGhTwgFv7TjTR7RL+F2B0vvMgn4XGe
5QB2Tjp0G481p2t5QQXWa5sYRfIK4xMv0FjhbQfYAvdAXCvTaDizSgUcIEfOXe20
Pf/eUAIUUj7xy+ZCVS6gjGtT3e9VzQBKJKF3SMXZVp4r9IupW3bIV7KFiWeTtP4Y
LkJSpRhj1fcflgXTA++7UcrH5DDZpd4Xid0GNIjjjZ0ZPG7ot01LIWiJZPPmft/o
Yg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:47:13 2026 by rpki-client