Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
File: iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer (raw, json)
Hash identifier: 9Q5Pj0QCoeMcpNQM6VZpR+94Y+FknJbiEOeyi399Y0g=
Subject key identifier: 88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6985
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 05 Aug 2025 14:42:52 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 137.147.0.0/16
IP: 138.130.0.0/16
IP: 138.217.0.0/16
IP: 139.130.0.0/16
IP: 139.134.0.0/16
IP: 139.168.0.0/16
IP: 143.238.0.0/16
IP: 144.130.0.0 -- 144.140.255.255
IP: 147.10.0.0/16
IP: 147.69.0.0/16
IP: 149.135.0.0/16
IP: 149.167.0.0/16
IP: 155.143.0.0/16
IP: 165.228.0.0/16
IP: 192.67.84.0/24
IP: 192.70.219.0/24
IP: 192.73.66.0/24
IP: 192.74.139.0 -- 192.74.208.255
IP: 192.82.143.0/24
IP: 192.111.105.0/24
IP: 192.131.27.0 -- 192.131.30.255
IP: 192.148.116.0 -- 192.148.165.255
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Aug 2025 06:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27013 (0x6985)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Aug 5 14:42:52 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A916A983, serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:89:1d:aa:6f:69:f1:ab:bc:b0:97:d8:b3:e6:
1f:44:a2:cd:57:33:8c:d9:00:1a:ea:2b:03:26:9c:
a5:37:e6:e6:a3:09:d9:6a:bb:dc:6d:58:4c:b2:9e:
31:ec:de:88:19:6e:19:fa:dd:3d:9f:68:45:f7:9f:
fb:f8:9d:30:e4:13:0b:59:cb:5c:c5:a9:5f:94:74:
1e:cc:6a:0f:96:bd:c3:ff:19:f2:70:3c:5b:4d:d9:
9e:cf:0a:6f:5a:e8:84:64:f5:eb:2c:9f:60:ae:e0:
93:15:12:39:b5:ef:c8:ab:f2:2e:8f:61:5f:4c:0d:
d9:c4:af:89:ff:ac:fe:6f:3c:59:4a:a3:66:9a:9f:
6b:39:33:70:93:ac:ad:73:00:f5:15:1a:43:65:9a:
2e:7b:da:d7:ad:9a:f1:b2:7e:69:51:5f:44:3c:96:
2b:7d:d8:8e:fa:37:a0:a4:ea:1a:e7:6e:20:4e:e8:
98:43:74:6a:1f:62:9c:9f:3a:74:bd:db:5f:f1:4d:
6d:bb:d9:59:6f:41:4f:06:ae:be:f8:15:8b:83:8f:
28:04:e1:01:65:81:59:77:ab:48:9c:74:ff:25:52:
a6:3b:d0:cb:c3:fa:61:7f:bb:a9:5f:32:db:e3:a0:
c9:ce:6d:2c:0b:4c:bd:8b:52:54:5c:bf:9d:d3:66:
2d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
137.147.0.0/16
138.130.0.0/16
138.217.0.0/16
139.130.0.0/16
139.134.0.0/16
139.168.0.0/16
143.238.0.0/16
144.130.0.0-144.140.255.255
147.10.0.0/16
147.69.0.0/16
149.135.0.0/16
149.167.0.0/16
155.143.0.0/16
165.228.0.0/16
192.67.84.0/24
192.70.219.0/24
192.73.66.0/24
192.74.139.0-192.74.208.255
192.82.143.0/24
192.111.105.0/24
192.131.27.0-192.131.30.255
192.148.116.0-192.148.165.255
Signature Algorithm: sha256WithRSAEncryption
32:44:94:b3:cf:4d:28:7c:ff:3d:d1:9b:33:16:3f:8f:a7:20:
8c:28:7e:f8:57:c4:03:1f:1b:88:01:b7:b9:ef:16:f0:27:5c:
20:e8:d2:54:d5:05:fa:cf:9f:94:07:fc:4a:3d:b5:dc:d8:96:
05:6a:51:6e:fc:24:ef:29:f6:26:d3:43:26:78:28:b4:3c:41:
cb:e8:ad:4a:d6:75:2e:a2:4a:12:6d:49:40:a7:14:c6:f2:33:
0e:0d:1d:55:30:66:6c:00:eb:95:27:85:57:64:03:95:8c:55:
0b:2b:ee:0e:6b:c6:a3:df:c8:ab:8a:c1:c9:88:b5:83:a9:06:
12:69:5e:d9:e0:89:aa:91:f5:a4:d1:f1:b8:f0:30:f6:ec:dc:
4a:c8:cd:21:fa:2f:d5:ed:2d:20:82:e6:49:eb:04:9a:90:c8:
64:82:8d:2e:70:4b:3f:71:48:4e:53:0d:85:37:69:23:a7:08:
90:7c:aa:18:37:68:20:1b:fb:b2:fd:a8:9f:da:82:51:ea:ef:
72:95:0a:52:dd:98:ce:cd:0f:5e:9d:5a:00:e0:54:35:e9:dc:
06:04:d4:e1:b9:a1:d9:c3:ba:2d:5d:1b:18:1d:87:10:25:cc:
98:a9:88:3a:fd:83:55:8c:0a:a2:3b:c1:44:8b:4d:38:99:b0:
4a:da:e8:f8
-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwIBAgICaYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwODA1MTQ0MjUyWhcNMjYwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE2QTk4MzExMC8GA1UEBRMoODhEODdCMTAyRjVDMjc3MUMzNjcwNjRF
MjA0OUI2OEE5MDNDNzFCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKqJHapvafGrvLCX2LPmH0SizVczjNkAGuorAyacpTfm5qMJ2Wq73G1YTLKeMeze
iBluGfrdPZ9oRfef+/idMOQTC1nLXMWpX5R0HsxqD5a9w/8Z8nA8W03Zns8Kb1ro
hGT16yyfYK7gkxUSObXvyKvyLo9hX0wN2cSvif+s/m88WUqjZpqfazkzcJOsrXMA
9RUaQ2WaLnva162a8bJ+aVFfRDyWK33Yjvo3oKTqGuduIE7omEN0ah9inJ86dL3b
X/FNbbvZWW9BTwauvvgVi4OPKAThAWWBWXerSJx0/yVSpjvQy8P6YX+7qV8y2+Og
yc5tLAtMvYtSVFy/ndNmLbsCAwEAAaOCA4cwggODMB0GA1UdDgQWBBSI2HsQL1wn
ccNnBk4gSbaKkDxxtTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMEUwODJFNzJDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZBOTgzLzBFMDgyRTcyQ0QwRjExRTg5RDlGRjE2NUM0RjlBRTAyL2lOaDdFQzlj
SjNIRFp3Wk9JRW0yaXBBOGNiVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBsgYIKwYBBQUHAQcBAf8EgaIw
gZ8wgZwEAgABMIGVAwMAiZMDAwCKggMDAIrZAwMAi4IDAwCLhgMDAIuoAwMAj+4w
CgMDAZCCAwMAkIwDAwCTCgMDAJNFAwMAlYcDAwCVpwMDAJuPAwMApeQDBADAQ1QD
BADARtsDBADASUIwDAMEAMBKiwMEAMBK0AMEAMBSjwMEAMBvaTAMAwQAwIMbAwQA
wIMeMAwDBALAlHQDBAHAlKQwDQYJKoZIhvcNAQELBQADggEBADJElLPPTSh8/z3R
mzMWP4+nIIwofvhXxAMfG4gBt7nvFvAnXCDo0lTVBfrPn5QH/Eo9tdzYlgVqUW78
JO8p9ibTQyZ4KLQ8QcvorUrWdS6iShJtSUCnFMbyMw4NHVUwZmwA65UnhVdkA5WM
VQsr7g5rxqPfyKuKwcmItYOpBhJpXtngiaqR9aTR8bjwMPbs3ErIzSH6L9XtLSCC
5knrBJqQyGSCjS5wSz9xSE5TDYU3aSOnCJB8qhg3aCAb+7L9qJ/aglHq73KVClLd
mM7ND16dWgDgVDXp3AYE1OG5odnDui1dGxgdhxAlzJipiDr9g1WMCqI7wUSLTTiZ
sEra6Pg=
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:34:37 2025 by rpki-client