Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer
File: lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer (raw, json)
Hash identifier: AjOP50HtlllrahqXUO6dp5VwB2gBpdyyZS0EOblzlX0=
Subject key identifier: 96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6C5D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 16 Oct 2025 20:15:12 +0000
Certificate not after: Wed 30 Dec 2026 00:00:00 +0000
Subordinate resources: IP: 159.226.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 09:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27741 (0x6c5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Oct 16 20:15:12 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=A91A58AA, serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:53:6b:c7:6c:3c:74:9e:8a:82:c8:0b:0c:
12:22:45:4b:46:e3:bb:57:a9:8a:78:13:da:76:6b:
5d:b7:d5:85:e2:ab:81:8c:66:e8:7a:73:96:f5:37:
7d:b8:35:ed:a8:2c:61:72:b6:da:40:a3:93:7a:b7:
4c:ff:e9:5f:8e:a2:c5:5a:93:1d:af:d1:a4:cf:0f:
29:92:21:8e:bc:bf:8c:5b:c1:6d:c4:34:02:cc:b8:
12:ed:9f:b2:ea:a9:5a:c1:d0:f2:44:75:e0:8b:2a:
9f:ca:10:40:54:15:37:89:3b:bf:4d:3c:1c:37:6f:
64:e9:59:db:60:b6:2f:c0:0f:2a:cd:50:cd:1c:c5:
db:c4:cc:c8:b5:0d:8a:14:0f:fe:17:80:38:1b:c4:
cb:c6:f7:7e:3f:0e:54:2c:8d:77:e4:1b:be:e9:5b:
e5:42:53:9c:7a:a9:02:7f:ed:ee:7f:ff:21:c9:d4:
f4:0a:55:0a:33:c3:ab:a7:d3:20:49:d0:be:95:6c:
f8:ee:5e:7f:16:8e:5f:f3:02:f0:50:09:ef:f3:80:
47:75:98:ed:e3:0d:d9:79:45:ec:4a:b2:10:0a:40:
fa:88:6c:e9:70:df:c0:70:7f:4b:a7:76:3c:02:8a:
0a:d5:58:ee:7d:f6:f4:63:fd:51:e5:04:22:f7:4f:
a8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
159.226.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:d5:a3:67:30:bf:b8:aa:a0:5b:e7:5b:c0:46:a9:56:43:22:
1d:b7:72:9f:d3:8c:69:74:d3:08:58:b8:e2:f1:a1:26:18:34:
8d:24:05:96:b0:4c:a3:83:ea:58:1b:8c:65:0d:6b:fe:d6:52:
26:fa:94:e7:00:22:ff:dc:18:9f:ed:93:f3:1e:18:ba:50:29:
07:38:7c:f9:89:b1:46:5b:2c:36:6c:4a:95:68:72:68:04:ff:
3f:ec:2b:09:ce:f2:6d:13:bb:ba:c3:58:e4:f3:e9:bf:de:a8:
77:73:9b:ba:7a:15:c7:70:84:4d:00:c7:ff:77:5a:48:fc:95:
c9:1c:85:65:08:97:5d:f1:3c:3f:4b:f6:a3:4f:1b:af:64:ce:
f0:d6:76:fc:06:b9:c0:bc:38:ab:59:aa:d9:ee:21:68:29:ff:
d5:ab:6e:c7:26:05:b7:9a:df:ed:70:ff:b4:61:73:8c:a0:6d:
46:de:26:ee:74:0f:d5:75:9b:0d:c6:d8:6b:ba:23:26:cf:2c:
01:d9:81:f8:56:97:5f:eb:3a:4c:df:92:6f:02:6f:f6:55:18:
58:24:a0:f5:c7:dd:73:2c:7d:a6:32:ac:0f:8b:99:1a:8d:09:
6f:38:8f:5d:19:e4:37:b3:68:46:64:cd:f5:dc:93:ac:28:7a:
25:ca:be:46
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICbF0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUxMDE2MjAxNTEyWhcNMjYxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBNThBQTExMC8GA1UEBRMoOTY3M0I1Q0NGMEE4RUE1Q0U0MUEyRTQ3
NjMxMUYzNzVDRDgzQzBEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALqWU2vHbDx0noqCyAsMEiJFS0bju1epingT2nZrXbfVheKrgYxm6HpzlvU3fbg1
7agsYXK22kCjk3q3TP/pX46ixVqTHa/RpM8PKZIhjry/jFvBbcQ0Asy4Eu2fsuqp
WsHQ8kR14Isqn8oQQFQVN4k7v008HDdvZOlZ22C2L8APKs1QzRzF28TMyLUNihQP
/heAOBvEy8b3fj8OVCyNd+Qbvulb5UJTnHqpAn/t7n//IcnU9ApVCjPDq6fTIEnQ
vpVs+O5efxaOX/MC8FAJ7/OAR3WY7eMN2XlF7EqyEApA+ohs6XDfwHB/S6d2PAKK
CtVY7n329GP9UeUEIvdPqDcCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBSWc7XM8Kjq
XOQaLkdjEfN1zYPA0jAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU4QUEvQzE5MzlDRTYyNDAyMTFGMDk2MUI2NDZEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1OEFBL0MxOTM5Q0U2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENv
Nmx6a0dpNUhZeEh6ZGMyRHdOSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAJ/iMA0GCSqGSIb3DQEBCwUAA4IBAQBh1aNnML+4qqBb51vARqlW
QyIdt3Kf04xpdNMIWLji8aEmGDSNJAWWsEyjg+pYG4xlDWv+1lIm+pTnACL/3Bif
7ZPzHhi6UCkHOHz5ibFGWyw2bEqVaHJoBP8/7CsJzvJtE7u6w1jk8+m/3qh3c5u6
ehXHcIRNAMf/d1pI/JXJHIVlCJdd8Tw/S/ajTxuvZM7w1nb8BrnAvDirWarZ7iFo
Kf/Vq27HJgW3mt/tcP+0YXOMoG1G3ibudA/VdZsNxthruiMmzywB2YH4Vpdf6zpM
35JvAm/2VRhYJKD1x91zLH2mMqwPi5kajQlvOI9dGeQ3s2hGZM313JOsKHolyr5G
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:09:32 2025 by rpki-client