Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/XEH4EDozCnVMPG44dNzKXcSOGwA.cer
File: XEH4EDozCnVMPG44dNzKXcSOGwA.cer (raw, json)
Hash identifier: 7SDiXQGfiLknM4ujw4NqSpn2ZKEPPvDZTIurzls169M=
Subject key identifier: 5C:41:F8:10:3A:33:0A:75:4C:3C:6E:38:74:DC:CA:5D:C4:8E:1B:00
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 533A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91DDB11/D84C3FE04E0611F1A64B629AC9833773/XEH4EDozCnVMPG44dNzKXcSOGwA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91DDB11/D84C3FE04E0611F1A64B629AC9833773/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 12 May 2026 13:31:17 +0000
Certificate not after: Sat 01 May 2027 00:00:00 +0000
Subordinate resources: IP: 151.158.230.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 14:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21306 (0x533a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: May 12 13:31:17 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=A91DDB11, serialNumber=5C41F8103A330A754C3C6E3874DCCA5DC48E1B00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:02:9b:11:02:c3:ab:fa:02:01:18:98:d8:28:
e3:a2:ab:77:ba:59:44:5f:2a:42:f3:68:e8:2e:7b:
da:ca:2f:c3:00:a8:11:b3:6f:0d:a6:dc:09:c8:fc:
bd:80:8b:1b:e0:83:f4:74:35:bd:d3:b3:9f:0e:d0:
99:20:fb:43:f1:34:46:ee:d3:cb:c2:ec:94:6f:33:
63:fe:7a:ad:0d:6d:eb:bd:f1:66:89:47:0d:04:9b:
08:9f:29:58:f7:fd:ae:1c:17:fc:7c:98:07:37:08:
ee:30:83:17:db:84:57:c9:12:e8:d6:6c:b5:72:97:
c6:09:e6:a1:2f:01:63:8b:14:c8:be:84:a2:50:a3:
01:b9:58:2f:c3:c2:e4:a3:69:a3:2b:05:4f:74:77:
fe:2b:71:6c:4c:1e:26:97:b4:27:0b:fc:d3:28:d4:
91:09:57:3f:d3:ca:85:91:1f:15:9b:89:46:3f:81:
96:be:27:de:48:ed:85:3f:7b:ce:51:98:40:0f:6b:
f5:d7:71:76:6e:c2:34:3e:ad:d7:6c:3c:85:36:cc:
ec:ca:32:a2:9c:40:a4:4a:36:a8:81:aa:8b:6e:95:
c8:13:a9:fe:74:82:ba:41:3e:f2:ad:96:c0:5c:94:
97:78:52:ca:ad:ff:29:c9:a6:cb:4c:a2:c7:24:e0:
c7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:41:F8:10:3A:33:0A:75:4C:3C:6E:38:74:DC:CA:5D:C4:8E:1B:00
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DDB11/D84C3FE04E0611F1A64B629AC9833773/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DDB11/D84C3FE04E0611F1A64B629AC9833773/XEH4EDozCnVMPG44dNzKXcSOGwA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.158.230.0/24
Signature Algorithm: sha256WithRSAEncryption
12:3e:9f:ff:80:15:19:48:27:a2:cf:38:8d:d9:5f:6c:c2:49:
02:8f:9e:39:6a:30:ef:ac:a4:b0:39:f1:1d:ab:36:6b:f0:95:
1b:4f:ee:ea:b0:63:4f:b7:c2:df:1c:05:4d:55:94:17:c2:88:
81:63:05:84:1e:b5:a3:ce:ca:7f:dc:f9:17:7a:f3:fb:b4:d7:
10:31:91:48:5e:4a:0b:58:10:2f:2b:44:66:1f:c7:73:e9:fd:
6a:45:ab:f6:a1:91:f6:1f:4c:21:c7:e5:e9:c2:6f:83:49:3c:
c7:ca:97:fd:d3:7c:5d:ce:90:84:be:37:ca:1d:57:d9:f7:dd:
18:6f:8e:08:c6:ff:61:4b:b3:aa:e3:4e:13:72:be:db:32:16:
00:a2:91:b8:03:5c:7d:31:64:2f:95:03:f2:0a:74:0c:8d:47:
0b:9d:fd:a7:f3:08:f3:be:37:5b:04:63:0a:a8:9c:8d:94:e7:
9e:c0:9d:09:8d:34:e1:fc:53:30:d1:d1:50:2e:9e:05:db:fb:
be:98:99:69:53:fb:1f:af:3a:5f:e9:1a:03:f7:6a:28:70:c0:
5c:0b:ca:77:8a:38:d8:6e:9f:f8:ab:7c:cc:44:79:dd:47:88:
b3:f1:78:3a:32:b5:fd:d0:1d:54:03:97:42:0e:f3:08:da:5e:
9c:d5:15:23
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwNTEyMTMzMTE3WhcNMjcwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFEREIxMTExMC8GA1UEBRMoNUM0MUY4MTAzQTMzMEE3NTRDM0M2RTM4
NzREQ0NBNURDNDhFMUIwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM4CmxECw6v6AgEYmNgo46Krd7pZRF8qQvNo6C572sovwwCoEbNvDabcCcj8vYCL
G+CD9HQ1vdOznw7QmSD7Q/E0Ru7Ty8LslG8zY/56rQ1t673xZolHDQSbCJ8pWPf9
rhwX/HyYBzcI7jCDF9uEV8kS6NZstXKXxgnmoS8BY4sUyL6EolCjAblYL8PC5KNp
oysFT3R3/itxbEweJpe0Jwv80yjUkQlXP9PKhZEfFZuJRj+Blr4n3kjthT97zlGY
QA9r9ddxdm7CND6t12w8hTbM7MoyopxApEo2qIGqi26VyBOp/nSCukE+8q2WwFyU
l3hSyq3/Kcmmy0yixyTgx0kCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRcQfgQOjMK
dUw8bjh03MpdxI4bADAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RERCMTEvRDg0QzNGRTA0RTA2MTFGMUE2NEI2MjlBQzk4MzM3NzMvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUREQjExL0Q4NEMzRkUwNEUwNjExRjFBNjRCNjI5QUM5ODMzNzczL1hFSDRFRG96
Q25WTVBHNDRkTnpLWGNTT0d3QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJee5jANBgkqhkiG9w0BAQsFAAOCAQEAEj6f/4AVGUgnos84jdlf
bMJJAo+eOWow76yksDnxHas2a/CVG0/u6rBjT7fC3xwFTVWUF8KIgWMFhB61o87K
f9z5F3rz+7TXEDGRSF5KC1gQLytEZh/Hc+n9akWr9qGR9h9MIcfl6cJvg0k8x8qX
/dN8Xc6QhL43yh1X2ffdGG+OCMb/YUuzquNOE3K+2zIWAKKRuANcfTFkL5UD8gp0
DI1HC539p/MI8743WwRjCqicjZTnnsCdCY004fxTMNHRUC6eBdv7vpiZaVP7H686
X+kaA/dqKHDAXAvKd4o42G6f+Kt8zER53UeIs/F4OjK1/dAdVAOXQg7zCNpenNUV
Iw==
-----END CERTIFICATE-----
Generated at Tue May 12 22:47:52 2026 by rpki-client