Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/nxlDAU2jmDwfXHj3bM8tpWpKNro.cer
File: nxlDAU2jmDwfXHj3bM8tpWpKNro.cer (raw, json)
Hash identifier: PEczY+zx/UGv13/oF5bhpbCmzCMA7fr887AK+b7ZEf4=
Subject key identifier: 9F:19:43:01:4D:A3:98:3C:1F:5C:78:F7:6C:CF:2D:A5:6A:4A:36:BA
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 522A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912E3B6/C14769961EC211F1AF56D7B8243D8C67/nxlDAU2jmDwfXHj3bM8tpWpKNro.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912E3B6/C14769961EC211F1AF56D7B8243D8C67/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 13 Mar 2026 09:55:28 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: IP: 151.158.244.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 14:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21034 (0x522a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Mar 13 09:55:28 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A912E3B6, serialNumber=9F1943014DA3983C1F5C78F76CCF2DA56A4A36BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:67:1d:40:7d:a0:b5:0f:e7:a3:b9:7d:22:4d:
93:38:9e:2e:27:d2:ce:b9:fb:a8:23:bd:2d:9c:12:
0e:a2:49:45:32:30:5e:29:bd:22:c1:b6:a8:d7:86:
33:b5:21:ab:57:6f:36:27:b4:48:97:a9:ba:e6:b9:
cc:7f:6b:94:a0:72:5a:7d:2c:88:9f:3c:75:d9:9d:
0f:97:41:d3:43:a1:b0:14:bf:f9:1e:47:23:9f:1c:
a5:25:70:d6:8f:97:66:b9:60:05:f5:ac:67:f2:14:
6b:25:65:d8:2b:54:3a:d2:2b:cd:49:20:6e:29:df:
3b:e2:f1:50:b9:ed:b5:16:03:4d:d7:2e:bf:74:42:
dc:7a:01:15:6e:8c:bc:26:2b:9a:e8:17:cc:e5:c6:
0e:a9:ee:94:55:e0:de:5b:5a:72:6c:18:2f:ca:47:
5e:d1:03:c2:92:ab:af:ae:c5:54:ca:09:1d:52:ee:
25:8d:d4:52:53:8f:e0:50:ee:a5:23:8b:9a:96:53:
10:00:2e:51:b4:3a:59:16:15:e0:9f:33:1b:de:e9:
e8:41:d0:0f:ec:4d:33:f4:23:81:4e:0c:dc:12:04:
14:7e:db:c5:1f:94:ac:96:02:2c:bd:fc:80:fe:ee:
9f:36:bd:62:72:65:cf:fa:a4:7d:07:c5:e5:a1:34:
12:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:19:43:01:4D:A3:98:3C:1F:5C:78:F7:6C:CF:2D:A5:6A:4A:36:BA
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912E3B6/C14769961EC211F1AF56D7B8243D8C67/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912E3B6/C14769961EC211F1AF56D7B8243D8C67/nxlDAU2jmDwfXHj3bM8tpWpKNro.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.158.244.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:0f:6f:c9:af:0f:1f:21:90:e8:d5:ae:2e:77:91:d1:39:ba:
f0:ab:85:63:dc:a8:9a:60:32:0c:a2:16:16:fe:ec:64:3d:78:
e9:07:01:05:d1:d0:38:04:a5:81:60:c7:5a:04:06:e7:36:06:
93:82:5c:a6:b8:99:24:19:e5:93:fe:a9:2c:7a:6e:08:2c:cf:
cb:f0:b0:a4:01:13:a3:5d:ad:09:dc:09:8f:fa:a5:84:5c:5f:
2a:2f:13:42:e3:3a:31:39:60:0a:cb:a6:6a:15:32:8f:0d:76:
10:73:1e:72:ba:33:bb:26:a5:e9:01:45:d2:3f:b1:a3:42:95:
0f:d6:0d:ac:91:f5:51:31:2b:ec:18:c2:ed:e3:41:92:fa:1e:
d9:34:40:24:45:b3:82:83:2c:81:64:6d:c4:3a:d3:de:73:9a:
af:91:3a:65:65:56:72:61:f0:4e:f0:af:b4:6f:b7:3a:c1:6a:
00:d9:f9:4a:cb:68:e4:c2:bf:60:ba:b9:da:00:7e:d0:c8:0e:
56:7a:9f:08:83:e2:46:6e:60:74:59:49:31:fa:28:d5:d1:29:
c1:79:df:e0:7a:29:56:bb:ea:94:cc:23:9f:1c:d5:ab:04:31:
f7:69:92:a0:10:b9:c0:b8:61:01:10:12:a6:a1:cd:ed:08:dd:
90:4b:ca:c1
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjYwMzEzMDk1NTI4WhcNMjcwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyRTNCNjExMC8GA1UEBRMoOUYxOTQzMDE0REEzOTgzQzFGNUM3OEY3
NkNDRjJEQTU2QTRBMzZCQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANZnHUB9oLUP56O5fSJNkzieLifSzrn7qCO9LZwSDqJJRTIwXim9IsG2qNeGM7Uh
q1dvNie0SJepuua5zH9rlKByWn0siJ88ddmdD5dB00OhsBS/+R5HI58cpSVw1o+X
ZrlgBfWsZ/IUayVl2CtUOtIrzUkgbinfO+LxULnttRYDTdcuv3RC3HoBFW6MvCYr
mugXzOXGDqnulFXg3ltacmwYL8pHXtEDwpKrr67FVMoJHVLuJY3UUlOP4FDupSOL
mpZTEAAuUbQ6WRYV4J8zG97p6EHQD+xNM/QjgU4M3BIEFH7bxR+UrJYCLL38gP7u
nza9YnJlz/qkfQfF5aE0Eh8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSfGUMBTaOY
PB9cePdszy2lako2ujAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkUzQjYvQzE0NzY5OTYxRUMyMTFGMUFGNTZEN0I4MjQzRDhDNjcvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJFM0I2L0MxNDc2OTk2MUVDMjExRjFBRjU2RDdCODI0M0Q4QzY3L254bERBVTJq
bUR3ZlhIajNiTTh0cFdwS05yby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJee9DANBgkqhkiG9w0BAQsFAAOCAQEAjA9vya8PHyGQ6NWuLneR
0Tm68KuFY9yommAyDKIWFv7sZD146QcBBdHQOASlgWDHWgQG5zYGk4JcpriZJBnl
k/6pLHpuCCzPy/CwpAETo12tCdwJj/qlhFxfKi8TQuM6MTlgCsumahUyjw12EHMe
crozuyal6QFF0j+xo0KVD9YNrJH1UTEr7BjC7eNBkvoe2TRAJEWzgoMsgWRtxDrT
3nOar5E6ZWVWcmHwTvCvtG+3OsFqANn5Ssto5MK/YLq52gB+0MgOVnqfCIPiRm5g
dFlJMfoo1dEpwXnf4HopVrvqlMwjnxzVqwQx92mSoBC5wLhhARASpqHN7QjdkEvK
wQ==
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:55:12 2026 by rpki-client