Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2E245xunn4VsXgWXJrpilQ80PM4.cer
File: 2E245xunn4VsXgWXJrpilQ80PM4.cer (raw, json)
Hash identifier: ALKVpWjDF5N13y2wYWFs59b4Rsm3NZpMeV2tsXu+1QU=
Subject key identifier: D8:4D:B8:E7:1B:A7:9F:85:6C:5E:05:97:26:BA:62:95:0F:34:3C:CE
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 678F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/f765635d-31b9-4421-97fa-f056eb141a16/5/D84DB8E71BA79F856C5E059726BA62950F343CCE.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/f765635d-31b9-4421-97fa-f056eb141a16/5/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Thu 03 Jul 2025 04:19:23 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 160.22.168.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26511 (0x678f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jul 3 04:19:23 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91650860000, serialNumber=D84DB8E71BA79F856C5E059726BA62950F343CCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ae:7f:40:7e:2d:f0:41:a4:90:b8:8c:3a:8a:
dd:5c:2a:37:12:bd:cf:e6:70:e1:0e:0c:b2:42:9d:
48:20:15:89:d6:46:3a:55:39:84:dd:70:cf:e7:71:
ed:a0:48:87:fb:25:79:e1:e4:fb:74:24:6a:da:5c:
32:dd:f2:b0:ac:73:3f:27:76:5d:67:6e:49:34:aa:
b8:22:6b:08:f8:c1:a0:1a:13:5e:97:26:ea:d3:ed:
77:08:76:a6:38:03:93:52:9c:12:8d:1e:be:5c:6a:
77:67:36:83:6b:d1:e1:bf:45:e1:af:21:58:44:9b:
9b:ac:38:28:91:d7:38:d6:5a:bc:60:63:bc:c8:70:
0b:dd:57:df:7e:5a:1e:a4:f0:be:9b:c3:16:5b:58:
78:71:96:01:96:8a:a2:14:ed:8f:2c:13:20:cc:8e:
b2:fc:13:4a:f1:f1:f9:20:ad:ae:87:10:40:81:84:
96:c4:37:30:3f:f0:8e:12:79:53:64:7c:5d:3b:82:
32:23:18:68:61:3d:ae:db:97:12:7d:1d:14:36:c2:
75:9a:91:01:5a:0d:54:cd:b6:d5:14:c3:d6:ea:32:
5e:46:73:ae:92:4f:04:67:2c:af:fc:a5:51:63:e6:
3b:2c:10:19:a9:0c:70:00:aa:2e:b6:b1:d9:42:1f:
6d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4D:B8:E7:1B:A7:9F:85:6C:5E:05:97:26:BA:62:95:0F:34:3C:CE
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/f765635d-31b9-4421-97fa-f056eb141a16/5/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/f765635d-31b9-4421-97fa-f056eb141a16/5/D84DB8E71BA79F856C5E059726BA62950F343CCE.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.168.0/23
Signature Algorithm: sha256WithRSAEncryption
76:cf:c4:28:ac:f1:e5:41:8e:51:70:05:39:6b:76:1d:1e:51:
83:23:cd:8a:b9:16:a1:f9:8c:d1:e1:21:7a:59:07:d8:de:99:
36:19:4a:b6:67:09:c7:29:49:03:19:e1:18:6a:b1:50:a3:01:
e6:5f:7d:1a:c9:eb:c6:9e:b1:21:b8:5e:bb:4f:59:6c:a7:65:
55:dd:cc:58:0d:4b:c3:3f:5e:0c:50:d1:f8:cf:aa:7b:df:d0:
17:af:a1:19:9e:81:63:f0:98:3b:ef:27:ae:3d:bb:d1:b8:fc:
96:07:a0:93:25:d6:d3:90:22:a1:22:c5:10:b8:0c:d7:87:ba:
40:1e:a8:0a:24:97:8f:08:6c:d3:6c:da:34:be:13:ed:a7:8e:
49:9b:aa:fa:a5:83:79:4c:cf:0d:d5:0c:b7:89:84:2f:02:68:
46:0e:fc:4b:0e:ee:b6:48:35:ce:3b:38:d3:52:1d:f5:f3:25:
71:32:ea:7e:27:d8:4f:19:f3:a8:e4:be:f6:ec:83:8e:ef:3e:
22:08:0f:5b:59:04:da:37:b3:d3:8f:58:01:09:05:d4:f7:9e:
e9:d8:6a:92:56:6e:14:e2:50:28:89:42:de:df:f9:8b:cf:bd:
89:cb:54:21:f1:73:14:2a:b7:12:e5:9c:1a:4d:79:c4:af:bc:
f4:5f:48:75
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgICZ48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNzAzMDQxOTIzWhcNMjYwOTMwMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTE2NTA4NjAwMDAxMTAvBgNVBAUTKEQ4NERCOEU3MUJBNzlGODU2QzVF
MDU5NzI2QkE2Mjk1MEYzNDNDQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzrn9Afi3wQaSQuIw6it1cKjcSvc/mcOEODLJCnUggFYnWRjpVOYTdcM/n
ce2gSIf7JXnh5Pt0JGraXDLd8rCscz8ndl1nbkk0qrgiawj4waAaE16XJurT7XcI
dqY4A5NSnBKNHr5candnNoNr0eG/ReGvIVhEm5usOCiR1zjWWrxgY7zIcAvdV99+
Wh6k8L6bwxZbWHhxlgGWiqIU7Y8sEyDMjrL8E0rx8fkgra6HEECBhJbENzA/8I4S
eVNkfF07gjIjGGhhPa7blxJ9HRQ2wnWakQFaDVTNttUUw9bqMl5Gc66STwRnLK/8
pVFj5jssEBmpDHAAqi62sdlCH21lAgMBAAGjggMKMIIDBjAdBgNVHQ4EFgQU2E24
5xunn4VsXgWXJrpilQ80PM4wHwYDVR0jBBgwFoAUdAFlqA0QcZcKvAnAK3HBrHwd
bg4wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIw
MUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL2RBRmxxQTBRY1pjS3ZBbkFLM0hCckh3
ZGJnNC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0LmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsG
AQUFBzAFhlNyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L2Y3NjU2MzVkLTMxYjktNDQyMS05N2ZhLWYwNTZlYjE0MWExNi81LzCBiwYI
KwYBBQUHMAqGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvZjc2NTYzNWQtMzFiOS00NDIxLTk3ZmEtZjA1NmViMTQxYTE2LzUvRDg0
REI4RTcxQkE3OUY4NTZDNUUwNTk3MjZCQTYyOTUwRjM0M0NDRS5tZnQwPAYIKwYB
BQUHMA2GMGh0dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0
aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAaAWqDANBgkqhkiG
9w0BAQsFAAOCAQEAds/EKKzx5UGOUXAFOWt2HR5RgyPNirkWofmM0eEhelkH2N6Z
NhlKtmcJxylJAxnhGGqxUKMB5l99Gsnrxp6xIbheu09ZbKdlVd3MWA1Lwz9eDFDR
+M+qe9/QF6+hGZ6BY/CYO+8nrj270bj8lgegkyXW05AioSLFELgM14e6QB6oCiSX
jwhs02zaNL4T7aeOSZuq+qWDeUzPDdUMt4mELwJoRg78Sw7utkg1zjs401Id9fMl
cTLqfifYTxnzqOS+9uyDju8+IggPW1kE2jez049YAQkF1Pee6dhqklZuFOJQKIlC
3t/5i8+9ictUIfFzFCq3EuWcGk15xK+89F9IdQ==
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:36:53 2025 by rpki-client