Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_d0zZyPk_yht6VYjX0y7nlvItHs.cer
File: _d0zZyPk_yht6VYjX0y7nlvItHs.cer (raw, json)
Hash identifier: UPnAJQOmfo/p44+dS06dVSFhz6AyWkn6MIxm+vLx0sY=
Subject key identifier: FD:DD:33:67:23:E4:FF:28:6D:E9:56:23:5F:4C:BB:9E:5B:C8:B4:7B
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 5250
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911EA03/CBDFF6AA24DC11F1AAF5B34AAD833773/_d0zZyPk_yht6VYjX0y7nlvItHs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911EA03/CBDFF6AA24DC11F1AAF5B34AAD833773/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 21 Mar 2026 04:17:00 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 195.142.156.0/22
IP: 195.142.212.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 14:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21072 (0x5250)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Mar 21 04:17:00 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A911EA03, serialNumber=FDDD336723E4FF286DE956235F4CBB9E5BC8B47B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:38:0c:35:b6:e3:bf:ba:36:95:f5:3d:28:c4:
98:45:d3:25:1e:97:2b:99:65:d4:e2:0e:2a:fe:ff:
b2:3c:7d:f4:17:cb:eb:b0:2b:8f:45:c4:47:41:7a:
57:16:21:b2:ae:4a:af:87:73:3a:87:06:0c:17:59:
79:10:51:07:dd:a8:72:f4:94:1c:ea:fd:b3:dd:da:
2c:93:10:80:9c:d7:4e:35:a0:3b:73:0e:ae:5d:27:
30:f9:9f:de:4a:df:47:9f:86:8b:1d:fd:87:16:fa:
43:7c:5c:be:f4:e8:5c:13:52:8d:5e:fc:74:7e:70:
83:68:1a:25:c5:63:b3:64:33:ed:8d:13:30:8a:11:
6b:84:f7:01:cb:45:5a:14:a1:02:37:e7:0e:a9:53:
1b:44:37:7e:87:6b:7b:d4:10:96:7e:95:d7:4c:08:
2b:87:23:62:f8:3d:f1:ec:67:68:d7:b0:12:0f:63:
0d:b9:b0:4a:46:34:91:4a:ed:25:b8:61:ac:4c:01:
7b:df:a1:b4:1a:01:69:5e:21:41:8f:c7:73:77:11:
c8:6b:68:be:3a:06:3c:2f:8b:16:84:f9:24:67:d6:
fb:0c:2f:ad:12:a6:0e:07:e9:59:05:eb:5e:a1:31:
88:30:f7:4b:47:29:10:66:8c:88:67:e5:d7:1b:2d:
8f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:DD:33:67:23:E4:FF:28:6D:E9:56:23:5F:4C:BB:9E:5B:C8:B4:7B
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911EA03/CBDFF6AA24DC11F1AAF5B34AAD833773/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911EA03/CBDFF6AA24DC11F1AAF5B34AAD833773/_d0zZyPk_yht6VYjX0y7nlvItHs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
195.142.156.0/22
195.142.212.0/22
Signature Algorithm: sha256WithRSAEncryption
96:c6:e1:77:37:f0:93:f7:b6:a6:0c:58:7b:b2:6b:8b:c0:90:
a0:a3:d4:d5:e5:15:f6:77:3c:4f:b5:03:89:c7:d1:18:a8:f9:
72:6d:7f:a0:a9:a4:97:f7:01:3b:eb:f1:a2:35:c4:de:58:01:
1f:f8:57:83:c8:6c:5a:a6:65:7d:32:50:38:bd:17:37:cf:95:
fc:67:ea:c9:ee:93:b4:9f:2f:28:87:81:e6:ed:a0:09:e6:f7:
29:c1:9f:41:29:05:62:fe:3d:bd:89:cc:bb:bc:91:88:a6:49:
5f:0c:fd:c9:fa:27:1b:30:05:dd:59:2e:79:ed:ec:30:5a:58:
18:e9:04:d5:b3:61:ad:d4:d7:94:27:ba:65:c9:eb:7e:3d:ba:
dd:a7:0c:bf:80:78:9b:b1:94:c1:46:00:b8:4e:18:96:c0:44:
c8:cd:b5:22:c5:a7:96:fa:63:74:50:5b:cf:13:50:5e:9b:fc:
c6:85:3e:58:0b:b5:3f:3e:3d:fd:1d:7d:b5:fb:c8:2d:6f:40:
9f:13:f6:60:e6:de:16:3f:e0:2c:4a:95:4c:36:c5:c8:20:53:
92:e1:b8:68:ce:12:76:f2:8f:66:9d:a4:09:f1:17:2f:b8:5e:
46:ec:b8:14:6e:6f:d3:74:d8:13:c8:fc:1d:46:fc:77:07:d4:
ab:5e:43:5a
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICUlAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwMzIxMDQxNzAwWhcNMjYwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExRUEwMzExMC8GA1UEBRMoRkRERDMzNjcyM0U0RkYyODZERTk1NjIz
NUY0Q0JCOUU1QkM4QjQ3QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALc4DDW247+6NpX1PSjEmEXTJR6XK5ll1OIOKv7/sjx99BfL67Arj0XER0F6VxYh
sq5Kr4dzOocGDBdZeRBRB92ocvSUHOr9s93aLJMQgJzXTjWgO3MOrl0nMPmf3krf
R5+Gix39hxb6Q3xcvvToXBNSjV78dH5wg2gaJcVjs2Qz7Y0TMIoRa4T3ActFWhSh
AjfnDqlTG0Q3fodre9QQln6V10wIK4cjYvg98exnaNewEg9jDbmwSkY0kUrtJbhh
rEwBe9+htBoBaV4hQY/Hc3cRyGtovjoGPC+LFoT5JGfW+wwvrRKmDgfpWQXrXqEx
iDD3S0cpEGaMiGfl1xstj/MCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBT93TNnI+T/
KG3pViNfTLueW8i0ezAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUVBMDMvQ0JERkY2QUEyNERDMTFGMUFBRjVCMzRBQUQ4MzM3NzMvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFFQTAzL0NCREZGNkFBMjREQzExRjFBQUY1QjM0QUFEODMzNzczL19kMHpaeVBr
X3lodDZWWWpYMHk3bmx2SXRIcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAsOOnAMEAsOO1DANBgkqhkiG9w0BAQsFAAOCAQEAlsbhdzfwk/e2
pgxYe7Jri8CQoKPU1eUV9nc8T7UDicfRGKj5cm1/oKmkl/cBO+vxojXE3lgBH/hX
g8hsWqZlfTJQOL0XN8+V/Gfqye6TtJ8vKIeB5u2gCeb3KcGfQSkFYv49vYnMu7yR
iKZJXwz9yfonGzAF3Vkuee3sMFpYGOkE1bNhrdTXlCe6Zcnrfj263acMv4B4m7GU
wUYAuE4YlsBEyM21IsWnlvpjdFBbzxNQXpv8xoU+WAu1Pz49/R19tfvILW9AnxP2
YObeFj/gLEqVTDbFyCBTkuG4aM4SdvKPZp2kCfEXL7heRuy4FG5v03TYE8j8HUb8
dwfUq15DWg==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:02:12 2026 by rpki-client