Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer
File: kGA-NU21aLPKQpAOcDAR55ZiiS4.cer (raw, json)
Hash identifier: cHolQTfajAWJuaOwvza6G6o1/pIQ3I4cT2vc3GiFt7E=
Subject key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 69A5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 08 Aug 2025 16:08:38 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 72.9.128.0/20
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Aug 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27045 (0x69a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Aug 8 16:08:38 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91F731E, serialNumber=90603E354DB568B3CA42900E703011E79662892E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:25:c1:8f:95:bd:a2:ad:eb:b0:fa:43:52:
4d:d3:d6:98:84:90:14:fb:97:f5:60:1f:ec:19:b9:
17:01:8a:0e:6b:63:81:cd:d8:e2:83:ab:2f:25:4e:
ee:96:cf:05:32:c0:56:8b:1f:62:84:f2:4f:db:c0:
2a:36:19:d0:14:96:bc:0a:c0:de:73:a9:6d:58:1f:
25:72:d7:b3:fd:f7:c1:17:67:60:d9:ad:4e:41:70:
d1:c7:bc:cb:cf:1e:63:8a:9f:5d:e1:f4:32:97:24:
81:a6:22:45:8e:99:18:31:0b:71:9e:07:f2:22:72:
2a:4c:23:6d:5e:1d:d6:e4:1d:b6:4f:2a:ff:03:65:
a3:7a:bd:20:60:d3:7e:77:4a:69:b4:f9:7e:8a:a2:
7a:fd:b9:65:0c:8d:7a:20:22:e3:e5:bb:81:19:eb:
a7:1e:80:01:8e:d8:be:9e:e9:9b:57:bc:89:46:6b:
44:a3:ca:cd:f7:c9:ee:be:da:de:96:22:36:6d:dd:
02:f5:7b:a0:6e:43:ea:24:5c:41:d3:48:e9:36:ba:
a8:16:3b:90:d6:a4:85:e7:ce:48:17:aa:5c:1c:2c:
a1:76:bf:c9:15:b7:1c:ca:0e:0f:ab:b4:ba:1a:31:
38:1d:1f:88:5a:8f:3a:23:2f:ec:88:56:d0:76:79:
6b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
72.9.128.0/20
Signature Algorithm: sha256WithRSAEncryption
84:2b:33:f5:aa:e3:e2:0b:d9:f9:92:ac:4b:3b:91:2f:a0:94:
72:fb:aa:9b:e2:77:e1:be:05:66:1d:1b:3f:bf:69:cb:d4:92:
35:67:50:c2:8e:de:5d:2a:25:58:31:67:b6:1a:39:79:4a:38:
52:0a:4a:f3:2b:3f:ba:f3:83:7b:91:ac:9e:e0:75:11:d9:7d:
75:76:a0:39:a6:f4:f6:a7:fb:b8:1f:21:07:19:d0:47:54:07:
a5:7c:ae:71:77:6a:1f:45:68:37:3a:17:4d:1f:00:e1:96:6d:
42:f3:7e:de:9c:29:38:a0:db:2b:24:93:40:47:6d:27:84:db:
7d:fb:85:00:12:f8:a0:9c:bc:81:f2:1c:48:60:5e:fd:bb:2e:
87:59:45:aa:a0:90:8d:91:6b:6a:7b:2c:2d:45:7b:b8:63:d3:
71:64:84:5d:0f:77:28:17:4c:11:2a:e1:ac:e2:61:d5:45:c0:
6b:c3:13:15:8a:70:0c:49:cb:68:8d:5d:47:60:e0:9f:35:d9:
8b:66:56:48:d1:52:29:5d:cb:cd:e3:17:92:69:f4:20:57:af:
35:59:84:76:10:8b:bc:23:26:2f:d2:5a:f0:8d:21:6b:4f:31:
11:c8:6c:5f:fd:a6:b1:46:51:69:f7:b7:55:a1:aa:97:68:6a:
18:a9:69:8c
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICaaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwODA4MTYwODM4WhcNMjYwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGNzMxRTExMC8GA1UEBRMoOTA2MDNFMzU0REI1NjhCM0NBNDI5MDBF
NzAzMDExRTc5NjYyODkyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKy7JcGPlb2ireuw+kNSTdPWmISQFPuX9WAf7Bm5FwGKDmtjgc3Y4oOrLyVO7pbP
BTLAVosfYoTyT9vAKjYZ0BSWvArA3nOpbVgfJXLXs/33wRdnYNmtTkFw0ce8y88e
Y4qfXeH0MpckgaYiRY6ZGDELcZ4H8iJyKkwjbV4d1uQdtk8q/wNlo3q9IGDTfndK
abT5foqiev25ZQyNeiAi4+W7gRnrpx6AAY7Yvp7pm1e8iUZrRKPKzffJ7r7a3pYi
Nm3dAvV7oG5D6iRcQdNI6Ta6qBY7kNakhefOSBeqXBwsoXa/yRW3HMoOD6u0uhox
OB0fiFqPOiMv7IhW0HZ5a4ECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSQYD41TbVo
s8pCkA5wMBHnlmKJLjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjczMUUvRUFBMTlDQjRCMkRDMTFFQjg2MjFDQjU2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY3MzFFL0VBQTE5Q0I0QjJEQzExRUI4NjIxQ0I1NkM0RjlBRTAyL2tHQS1OVTIx
YUxQS1FwQU9jREFSNTVaaWlTNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEBEgJgDANBgkqhkiG9w0BAQsFAAOCAQEAhCsz9arj4gvZ+ZKsSzuR
L6CUcvuqm+J34b4FZh0bP79py9SSNWdQwo7eXSolWDFntho5eUo4UgpK8ys/uvOD
e5GsnuB1Edl9dXagOab09qf7uB8hBxnQR1QHpXyucXdqH0VoNzoXTR8A4ZZtQvN+
3pwpOKDbKySTQEdtJ4TbffuFABL4oJy8gfIcSGBe/bsuh1lFqqCQjZFranssLUV7
uGPTcWSEXQ93KBdMESrhrOJh1UXAa8MTFYpwDEnLaI1dR2DgnzXZi2ZWSNFSKV3L
zeMXkmn0IFevNVmEdhCLvCMmL9Ja8I0ha08xEchsX/2msUZRafe3VaGql2hqGKlp
jA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:39:53 2025 by rpki-client