Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer
File: KgD9XV6u-B8ysAsuXILF7NrBJpM.cer (raw, json)
Hash identifier: ccbiLvdGyEK9MBze2IPuZEO3wMj3HMlJIO7a1uYJ8Nc=
Subject key identifier: 2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6456
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 29 Apr 2025 06:32:37 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 161.248.58.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 18 May 2025 17:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25686 (0x6456)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 29 06:32:37 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91B6B4B, serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9d:f8:51:f8:1e:2a:12:66:e1:47:da:73:6b:
9e:8e:de:86:7d:5a:13:da:12:e2:4f:3d:dd:e9:2f:
b0:ef:69:ae:be:73:32:48:72:de:ef:47:50:5c:2c:
91:b9:b1:a7:2e:bb:a7:8b:7e:7c:e1:14:56:68:d3:
b3:58:aa:f8:5a:0d:d3:60:19:0d:60:38:12:a6:ed:
bf:c3:c0:99:2d:f9:70:f4:b2:ab:7d:b7:70:bf:ea:
e7:ff:c4:2f:1d:d7:96:5b:45:6e:f0:0e:91:d4:de:
7b:e8:a8:58:f3:5c:f1:98:d7:0c:02:3f:57:17:85:
79:00:01:77:16:da:c6:06:16:77:8b:e2:ee:c1:b5:
e1:59:4b:54:88:3c:20:3d:02:71:43:75:c8:91:7d:
4e:06:7a:8a:3f:82:f6:77:11:bc:58:03:e8:68:d5:
12:97:4c:fa:05:87:88:88:54:71:82:94:1d:34:2c:
5c:5b:e9:be:48:c6:c6:45:09:9b:1f:a2:f0:0f:1a:
f1:7c:20:fa:7c:ee:91:f9:f5:91:2b:af:d3:67:52:
bf:4f:45:4b:95:92:2d:b1:31:cb:2e:f7:15:89:32:
b1:06:b3:f6:00:27:a8:a7:c5:21:83:d3:e2:99:04:
f9:c0:14:d3:84:17:8b:5e:bb:c8:66:e3:a3:a6:3b:
c9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.58.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:55:53:36:05:1b:77:4e:d2:4c:3a:6f:f6:ef:d7:b3:29:26:
2a:83:1e:1e:fd:be:c0:c5:8f:ff:0f:65:34:80:19:d9:d4:5b:
61:37:2a:22:5b:74:e3:1e:22:dd:7b:ef:88:00:a0:f7:ee:6c:
6f:54:a2:80:ab:3a:cd:63:f1:92:57:ef:b1:c4:94:02:70:0b:
25:d3:64:a6:a5:86:5f:c6:d7:aa:32:1a:4c:13:ac:d5:83:6e:
65:2a:04:3a:13:2e:69:d9:d3:08:bf:63:37:9b:b6:2b:1a:2f:
c4:e6:f3:75:b8:7e:b9:5d:35:e6:f6:b5:08:30:82:68:c3:09:
b7:55:f4:ea:46:40:9d:dd:5e:d3:5d:ff:b3:3f:6c:5e:18:82:
96:79:02:62:95:e6:1f:ed:fd:2b:47:b6:f0:33:6d:88:ee:31:
a3:7f:db:36:f1:c2:62:8f:78:90:49:f9:08:f2:c4:9c:31:fd:
09:f6:83:0a:5b:be:a2:cc:23:74:18:96:be:2b:9f:8d:6f:60:
7a:d5:cb:8d:f1:17:02:92:dd:9b:5e:f6:98:97:87:9d:79:dc:
76:ee:86:22:7e:37:83:c3:75:19:25:82:23:be:13:35:d7:84:
d1:fe:c4:74:ac:9c:6c:78:45:5d:00:e9:45:4b:b3:c9:45:8f:
89:63:ed:49
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICZFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNDI5MDYzMjM3WhcNMjYwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFCNkI0QjExMC8GA1UEBRMoMkEwMEZENUQ1RUFFRjgxRjMyQjAwQjJF
NUM4MkM1RUNEQUMxMjY5MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANad+FH4HioSZuFH2nNrno7ehn1aE9oS4k893ekvsO9prr5zMkhy3u9HUFwskbmx
py67p4t+fOEUVmjTs1iq+FoN02AZDWA4Eqbtv8PAmS35cPSyq323cL/q5//ELx3X
lltFbvAOkdTee+ioWPNc8ZjXDAI/VxeFeQABdxbaxgYWd4vi7sG14VlLVIg8ID0C
cUN1yJF9TgZ6ij+C9ncRvFgD6GjVEpdM+gWHiIhUcYKUHTQsXFvpvkjGxkUJmx+i
8A8a8Xwg+nzukfn1kSuv02dSv09FS5WSLbExyy73FYkysQaz9gAnqKfFIYPT4pkE
+cAU04QXi167yGbjo6Y7yXcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQqAP1dXq74
HzKwCy5cgsXs2sEmkzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZCNEIvQkI0MkMxREUyNEMzMTFGMDk2QzY4NDgxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI2QjRCL0JCNDJDMURFMjRDMzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1
LUI4eXNBc3VYSUxGN05yQkpwTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4OjANBgkqhkiG9w0BAQsFAAOCAQEAXlVTNgUbd07STDpv9u/X
sykmKoMeHv2+wMWP/w9lNIAZ2dRbYTcqIlt04x4i3XvviACg9+5sb1SigKs6zWPx
klfvscSUAnALJdNkpqWGX8bXqjIaTBOs1YNuZSoEOhMuadnTCL9jN5u2KxovxObz
dbh+uV015va1CDCCaMMJt1X06kZAnd1e013/sz9sXhiClnkCYpXmH+39K0e28DNt
iO4xo3/bNvHCYo94kEn5CPLEnDH9CfaDClu+oswjdBiWviufjW9getXLjfEXApLd
m172mJeHnXncdu6GIn43g8N1GSWCI74TNdeE0f7EdKycbHhFXQDpRUuzyUWPiWPt
SQ==
-----END CERTIFICATE-----
Generated at Sun May 11 22:11:22 2025 by rpki-client