Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BQjL6atu5_Yp8eFzhfPg_e-MPTs.cer
File: BQjL6atu5_Yp8eFzhfPg_e-MPTs.cer (raw, json)
Hash identifier: CoVu5OkGHpH+bTP3Fab3c/bGCDgmaHCzSJzgZOrGrWo=
Subject key identifier: 05:08:CB:E9:AB:6E:E7:F6:29:F1:E1:73:85:F3:E0:FD:EF:8C:3D:3B
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 52FB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917E0A8/0C47490AEAB311EB9811A465C4F9AE02/BQjL6atu5_Yp8eFzhfPg_e-MPTs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917E0A8/0C47490AEAB311EB9811A465C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 29 Apr 2026 13:35:21 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 85.113.70.0/23
IP: 91.199.209.0/24
IP: 164.152.166.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 14:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21243 (0x52fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Apr 29 13:35:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=A917E0A8, serialNumber=0508CBE9AB6EE7F629F1E17385F3E0FDEF8C3D3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:13:9d:1f:7d:04:02:ad:69:e3:a9:a2:86:89:
b0:fb:2e:34:c3:63:9a:13:6a:e7:49:3a:49:3c:7e:
8f:99:d2:42:61:51:00:b2:a7:84:23:29:ca:60:8c:
dc:6e:05:20:78:62:60:dc:a3:d9:27:79:04:f3:9a:
ac:45:03:6a:e8:db:71:f9:9b:eb:0a:32:a8:a0:d4:
ea:8b:9c:d3:db:7a:c1:6a:35:b0:38:75:bb:08:92:
d2:d1:75:3c:03:bb:7a:35:7e:62:02:f1:ba:28:63:
4c:45:76:07:df:0d:d8:22:76:97:69:54:21:26:86:
e4:e1:c8:77:8e:98:41:1d:c6:65:eb:2d:73:ad:95:
ff:94:f9:7e:dd:13:60:e0:b8:7f:b3:f5:10:fe:b6:
1a:2d:c1:37:94:84:2c:c1:db:33:56:1d:f2:5c:19:
f5:9f:32:55:2f:82:fc:6c:f3:84:2c:15:1e:80:7c:
d3:a7:8e:10:95:7b:da:a3:07:a4:14:d4:95:24:7d:
70:5c:fa:d5:e1:80:0a:ec:13:62:8e:39:c2:c7:c1:
92:bb:f6:1e:4f:17:39:75:5e:52:17:00:e4:69:97:
7c:51:1b:e6:7b:29:7c:36:e6:60:05:1d:bd:8b:bb:
56:b0:e6:bf:36:da:b9:69:d8:0a:cc:66:b9:81:ad:
a7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:08:CB:E9:AB:6E:E7:F6:29:F1:E1:73:85:F3:E0:FD:EF:8C:3D:3B
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/0C47490AEAB311EB9811A465C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/0C47490AEAB311EB9811A465C4F9AE02/BQjL6atu5_Yp8eFzhfPg_e-MPTs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
85.113.70.0/23
91.199.209.0/24
164.152.166.0/23
Signature Algorithm: sha256WithRSAEncryption
40:5a:22:2f:d0:46:33:60:ef:44:41:43:85:ba:16:52:44:dd:
7a:ab:37:c1:2d:79:43:1e:fa:02:70:71:d2:74:87:30:73:a6:
06:28:04:ed:54:ac:f4:dc:b5:e1:b2:fb:8d:c8:e5:80:ed:50:
3e:b6:81:3b:8a:7d:6a:c2:14:b4:b8:31:3d:ae:61:fd:28:ec:
17:ba:5e:c0:bb:87:d5:ca:06:50:4f:e5:1c:c7:52:ef:95:30:
74:72:1a:13:c7:55:06:cd:c9:72:c5:d3:45:90:63:9a:e7:e7:
91:d8:81:16:61:bc:d2:d7:2b:10:38:8c:1c:68:44:2f:76:80:
40:80:78:ec:08:e0:a4:20:64:dd:2d:0b:e7:ba:82:ba:8b:bf:
97:a5:7b:7e:88:07:0f:cd:07:68:e8:e5:e6:80:8b:2f:e7:69:
44:21:9d:4d:a2:dd:bc:06:0e:1c:e1:04:fa:e4:0a:70:9a:e0:
19:16:2e:d7:c3:51:44:3d:20:b3:b4:7d:72:e8:28:90:c7:0e:
6a:b5:42:be:85:83:5d:2c:01:ca:8b:96:4e:f2:f8:74:09:d3:
19:20:b8:87:8d:7c:b6:bc:b4:de:45:2e:68:42:58:db:ec:c0:
78:5a:16:55:8c:6a:54:aa:40:55:89:92:64:8c:43:4b:51:60:
fb:a9:42:64
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICUvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwNDI5MTMzNTIxWhcNMjcwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3RTBBODExMC8GA1UEBRMoMDUwOENCRTlBQjZFRTdGNjI5RjFFMTcz
ODVGM0UwRkRFRjhDM0QzQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALkTnR99BAKtaeOpooaJsPsuNMNjmhNq50k6STx+j5nSQmFRALKnhCMpymCM3G4F
IHhiYNyj2Sd5BPOarEUDaujbcfmb6woyqKDU6ouc09t6wWo1sDh1uwiS0tF1PAO7
ejV+YgLxuihjTEV2B98N2CJ2l2lUISaG5OHId46YQR3GZestc62V/5T5ft0TYOC4
f7P1EP62Gi3BN5SELMHbM1Yd8lwZ9Z8yVS+C/GzzhCwVHoB806eOEJV72qMHpBTU
lSR9cFz61eGACuwTYo45wsfBkrv2Hk8XOXVeUhcA5GmXfFEb5nspfDbmYAUdvYu7
VrDmvzbauWnYCsxmuYGtpwsCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBQFCMvpq27n
9inx4XOF8+D974w9OzAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UwQTgvMEM0NzQ5MEFFQUIzMTFFQjk4MTFBNDY1QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdFMEE4LzBDNDc0OTBBRUFCMzExRUI5ODExQTQ2NUM0RjlBRTAyL0JRakw2YXR1
NV9ZcDhlRnpoZlBnX2UtTVBUcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEAVVxRgMEAFvH0QMEAaSYpjANBgkqhkiG9w0BAQsFAAOCAQEAQFoi
L9BGM2DvREFDhboWUkTdeqs3wS15Qx76AnBx0nSHMHOmBigE7VSs9Ny14bL7jcjl
gO1QPraBO4p9asIUtLgxPa5h/SjsF7pewLuH1coGUE/lHMdS75UwdHIaE8dVBs3J
csXTRZBjmufnkdiBFmG80tcrEDiMHGhEL3aAQIB47AjgpCBk3S0L57qCuou/l6V7
fogHD80HaOjl5oCLL+dpRCGdTaLdvAYOHOEE+uQKcJrgGRYu18NRRD0gs7R9cugo
kMcOarVCvoWDXSwByouWTvL4dAnTGSC4h418try03kUuaEJY2+zAeFoWVYxqVKpA
VYmSZIxDS1Fg+6lCZA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:09:59 2026 by rpki-client