Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Kxn0VfTTBpR34BlB90IUn7kADYE.cer
File: Kxn0VfTTBpR34BlB90IUn7kADYE.cer (raw, json)
Hash identifier: qH4FxNPV6ZH/fCPHmhjVn93IiqCO8HV6ZN3kdXZnWmk=
Subject key identifier: 2B:19:F4:55:F4:D3:06:94:77:E0:19:41:F7:42:14:9F:B9:00:0D:81
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 52F6
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A622F/2CAE626C3E6111F18B94D20BB2EE528E/Kxn0VfTTBpR34BlB90IUn7kADYE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A622F/2CAE626C3E6111F18B94D20BB2EE528E/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 28 Apr 2026 14:04:36 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 151.123.128.0/20
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 14:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21238 (0x52f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Apr 28 14:04:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=A91A622F, serialNumber=2B19F455F4D3069477E01941F742149FB9000D81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:97:53:4e:2f:ca:10:28:22:55:62:fb:0c:9b:
13:5c:9c:40:5c:83:77:79:38:fc:28:a2:3f:a4:3b:
b7:2c:b4:b4:a6:24:7b:8c:66:31:91:a8:4a:04:b6:
a0:70:d6:08:e8:99:9d:71:1b:c2:c7:3f:f9:96:40:
70:6a:ff:26:f2:03:26:c6:65:ed:25:12:8a:1f:23:
e8:3e:4b:e5:88:ec:7a:e2:a9:9c:ae:a0:11:f7:90:
f8:5d:2a:02:1d:36:ad:bc:e8:7c:4e:7c:00:56:62:
00:71:d1:8f:fc:9c:c0:47:33:02:93:db:57:e6:b7:
05:3f:38:5f:b5:72:25:07:65:23:1b:4e:90:8a:b6:
ad:77:1f:4d:f7:df:4a:ac:5e:29:b7:18:9d:3c:8a:
f0:b1:90:be:ee:91:5b:88:3c:8a:ec:fd:13:13:38:
7d:eb:9c:a1:12:b9:70:99:09:fa:82:77:95:7e:0e:
4c:02:af:bf:31:a1:99:c9:c5:fd:76:3d:bc:bf:21:
b3:9d:4c:20:6d:00:51:99:75:52:49:c1:fe:7d:bf:
15:ed:54:9b:a7:c6:37:03:f9:e3:97:26:0d:e9:ad:
36:76:cf:a7:d5:58:6d:49:d9:23:c4:c2:c2:6b:42:
d4:f8:69:10:b2:c4:23:bc:05:d8:fd:a2:18:6d:86:
e6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:19:F4:55:F4:D3:06:94:77:E0:19:41:F7:42:14:9F:B9:00:0D:81
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A622F/2CAE626C3E6111F18B94D20BB2EE528E/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A622F/2CAE626C3E6111F18B94D20BB2EE528E/Kxn0VfTTBpR34BlB90IUn7kADYE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.123.128.0/20
Signature Algorithm: sha256WithRSAEncryption
2c:8c:db:89:46:58:4f:c5:ca:ce:5a:ac:56:20:a4:28:c1:db:
e0:fc:08:e1:28:5f:6f:2c:9a:22:1a:5c:41:f4:3b:a1:19:f6:
30:b8:e3:02:8e:e4:6b:66:ed:87:b6:9b:88:bf:4a:ff:8c:2f:
e8:79:aa:bb:48:fc:a1:4c:bf:b6:4d:49:b5:c8:1b:c8:16:db:
70:e0:0a:4e:76:03:14:4b:fd:8c:d0:f7:dd:f9:c2:bd:ac:aa:
1b:27:19:98:67:48:be:b6:5e:a9:dd:45:30:ce:1d:9d:31:5a:
45:16:17:6e:b3:7e:1b:f6:f1:69:ee:46:be:d3:fa:75:5c:2f:
26:00:b6:cf:ca:b3:e8:d8:39:81:83:ed:12:f2:e9:10:90:65:
2e:2a:f9:35:ef:06:02:c7:77:be:8f:8a:34:e7:84:24:d2:dc:
5a:91:bb:9a:6e:ef:29:f8:64:76:92:d8:89:06:34:2f:c5:f7:
a3:21:1b:99:65:8c:b5:b7:77:71:a8:c3:6a:cd:32:f0:1b:fa:
4f:25:93:f3:9d:6b:cb:df:7f:08:3a:41:8c:59:cd:8d:60:6c:
b8:96:99:8e:e4:52:b4:43:76:0a:91:2e:ab:46:95:57:10:f0:
5f:26:05:be:48:b5:41:3c:27:41:54:4d:c8:a7:4f:fe:65:6a:
32:ac:48:79
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUvYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwNDI4MTQwNDM2WhcNMjcwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBNjIyRjExMC8GA1UEBRMoMkIxOUY0NTVGNEQzMDY5NDc3RTAxOTQx
Rjc0MjE0OUZCOTAwMEQ4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANuXU04vyhAoIlVi+wybE1ycQFyDd3k4/CiiP6Q7tyy0tKYke4xmMZGoSgS2oHDW
COiZnXEbwsc/+ZZAcGr/JvIDJsZl7SUSih8j6D5L5YjseuKpnK6gEfeQ+F0qAh02
rbzofE58AFZiAHHRj/ycwEczApPbV+a3BT84X7VyJQdlIxtOkIq2rXcfTfffSqxe
KbcYnTyK8LGQvu6RW4g8iuz9ExM4feucoRK5cJkJ+oJ3lX4OTAKvvzGhmcnF/XY9
vL8hs51MIG0AUZl1UknB/n2/Fe1Um6fGNwP545cmDemtNnbPp9VYbUnZI8TCwmtC
1PhpELLEI7wF2P2iGG2G5rkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQrGfRV9NMG
lHfgGUH3QhSfuQANgTAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYyMkYvMkNBRTYyNkMzRTYxMTFGMThCOTREMjBCQjJFRTUyOEUvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE2MjJGLzJDQUU2MjZDM0U2MTExRjE4Qjk0RDIwQkIyRUU1MjhFL0t4bjBWZlRU
QnBSMzRCbEI5MElVbjdrQURZRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEBJd7gDANBgkqhkiG9w0BAQsFAAOCAQEALIzbiUZYT8XKzlqsViCk
KMHb4PwI4ShfbyyaIhpcQfQ7oRn2MLjjAo7ka2bth7abiL9K/4wv6Hmqu0j8oUy/
tk1JtcgbyBbbcOAKTnYDFEv9jND33fnCvayqGycZmGdIvrZeqd1FMM4dnTFaRRYX
brN+G/bxae5GvtP6dVwvJgC2z8qz6Ng5gYPtEvLpEJBlLir5Ne8GAsd3vo+KNOeE
JNLcWpG7mm7vKfhkdpLYiQY0L8X3oyEbmWWMtbd3cajDas0y8Bv6TyWT851ry99/
CDpBjFnNjWBsuJaZjuRStEN2CpEuq0aVVxDwXyYFvki1QTwnQVRNyKdP/mVqMqxI
eQ==
-----END CERTIFICATE-----
Generated at Tue May 12 22:46:45 2026 by rpki-client