Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer
File: dNRNlor0Y--xfAgNX60BDErAl6o.cer (raw, json)
Hash identifier: /E9whY0cmhCm2te43pU3Z1MVR6r6e2pdZwe9YTiewt0=
Subject key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 7A8B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 29 Apr 2026 13:34:32 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: IP: 69.161.221.0/24
IP: 192.131.142.0/24
IP: 205.189.160.0/24
IP: 209.17.118.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 14:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31371 (0x7a8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 29 13:34:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ee:20:2e:13:6a:1c:90:2f:b6:3c:d3:8f:83:
77:fd:27:9d:6a:a3:ee:73:86:fb:fd:18:5c:0d:72:
29:18:17:f6:dc:74:d1:8c:48:58:fa:b4:fe:41:8b:
e8:49:7b:4a:c1:b5:eb:31:70:df:25:0e:b9:9e:30:
b1:ab:a3:62:c4:b9:6d:99:44:5e:c1:dd:86:64:01:
f5:e8:05:2b:b8:9d:69:42:b8:56:5f:18:f2:b5:97:
f7:4a:9c:f1:b2:d1:c7:5f:97:07:46:11:72:e6:10:
99:35:5c:64:9e:98:8c:7c:f6:a5:38:ed:ab:13:4c:
11:30:3a:92:7b:56:dd:0f:75:d5:41:9c:42:48:1c:
47:8c:bb:a2:c0:fd:93:39:45:d3:a9:61:a0:40:8c:
51:b3:08:e8:da:c6:4f:e1:32:d9:8f:60:70:91:eb:
56:3b:a4:42:15:27:90:26:9a:b9:4b:c0:91:7b:0f:
b2:ae:96:3e:1a:c6:ef:3e:d7:45:55:58:8f:5d:b6:
7f:4f:2c:54:f8:67:03:b4:9f:68:ff:8b:e1:b7:a3:
68:32:fb:5c:b7:87:be:9a:7b:2f:d6:9d:88:e6:ed:
4e:09:c2:25:d9:cf:ec:b8:9d:e1:33:83:b0:b2:1e:
96:1e:b5:30:ca:be:59:95:08:ca:a1:40:bb:05:56:
93:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
69.161.221.0/24
192.131.142.0/24
205.189.160.0/24
209.17.118.0/24
Signature Algorithm: sha256WithRSAEncryption
27:38:f9:70:2c:f6:aa:a0:38:fe:ff:46:58:73:0c:60:ac:3c:
c0:18:1a:54:90:dd:62:4e:76:c6:fa:8a:50:ca:b4:39:57:fa:
f3:f4:c6:24:bb:35:ad:e4:74:84:c5:a2:de:b4:0e:35:91:f8:
7e:32:d9:f2:3d:b5:13:0e:af:34:92:05:64:b4:7d:46:96:d6:
36:c5:4e:68:8a:19:62:eb:97:83:4f:e6:98:c2:4e:7f:a6:29:
57:4e:d8:1d:72:af:30:70:ad:c0:53:46:80:15:40:a3:4d:5a:
68:fc:f5:70:e7:70:67:d0:1c:4a:d2:3a:48:65:ce:8f:ed:d2:
fb:c8:58:05:c0:b3:e0:00:b9:b4:bd:2e:20:00:7e:c5:bb:66:
81:68:da:fa:91:11:0d:d0:b7:5c:49:ba:ca:9e:f1:1e:1b:3c:
4a:ca:1a:fe:76:ab:b5:8b:6b:f5:eb:c4:87:d8:ec:2c:ea:aa:
21:1d:e1:d1:bb:19:bd:c3:fb:07:c4:ab:32:db:58:84:af:fa:
28:ed:a0:5d:be:bd:44:e4:8b:99:66:7e:68:fc:58:05:17:fc:
da:a5:56:c9:2e:c0:c0:48:e4:74:69:d0:7b:01:69:d7:10:22:
17:65:f2:5c:bd:99:66:0b:fa:f4:d8:36:9e:db:3b:69:e4:11:
68:0c:f9:0b
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgICeoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwNDI5MTMzNDMyWhcNMjcwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3RTBBODExMC8GA1UEBRMoNzRENDREOTY4QUY0NjNFRkIxN0MwODBE
NUZBRDAxMEM0QUMwOTdBQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMbuIC4TahyQL7Y804+Dd/0nnWqj7nOG+/0YXA1yKRgX9tx00YxIWPq0/kGL6El7
SsG16zFw3yUOuZ4wsaujYsS5bZlEXsHdhmQB9egFK7idaUK4Vl8Y8rWX90qc8bLR
x1+XB0YRcuYQmTVcZJ6YjHz2pTjtqxNMETA6kntW3Q911UGcQkgcR4y7osD9kzlF
06lhoECMUbMI6NrGT+Ey2Y9gcJHrVjukQhUnkCaauUvAkXsPsq6WPhrG7z7XRVVY
j122f08sVPhnA7SfaP+L4bejaDL7XLeHvpp7L9adiObtTgnCJdnP7Lid4TODsLIe
lh61MMq+WZUIyqFAuwVWk20CAwEAAaOCAwUwggMBMB0GA1UdDgQWBBR01E2WivRj
77F8CA1frQEMSsCXqjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UwQTgvNkVGQzBCRUU5ODRDMTFFQjhBNDFGQTIwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdFMEE4LzZFRkMwQkVFOTg0QzExRUI4QTQxRkEyMEM0RjlBRTAyL2ROUk5sb3Iw
WS0teGZBZ05YNjBCREVyQWw2by5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQiMCAw
HgQCAAEwGAMEAEWh3QMEAMCDjgMEAM29oAMEANERdjANBgkqhkiG9w0BAQsFAAOC
AQEAJzj5cCz2qqA4/v9GWHMMYKw8wBgaVJDdYk52xvqKUMq0OVf68/TGJLs1reR0
hMWi3rQONZH4fjLZ8j21Ew6vNJIFZLR9RpbWNsVOaIoZYuuXg0/mmMJOf6YpV07Y
HXKvMHCtwFNGgBVAo01aaPz1cOdwZ9AcStI6SGXOj+3S+8hYBcCz4AC5tL0uIAB+
xbtmgWja+pERDdC3XEm6yp7xHhs8Ssoa/nartYtr9evEh9jsLOqqIR3h0bsZvcP7
B8SrMttYhK/6KO2gXb69ROSLmWZ+aPxYBRf82qVWyS7AwEjkdGnQewFp1xAiF2Xy
XL2ZZgv69Ng2nts7aeQRaAz5Cw==
-----END CERTIFICATE-----
Generated at Wed May 13 05:34:52 2026 by rpki-client