Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer
File: lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer (raw, json)
Hash identifier: Z8ULEt08af2ADFR5ukheYV1eXMtb6UEQYoHtEFSOYYM=
Subject key identifier: 96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6449
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 28 Apr 2025 07:31:15 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 159.226.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 18 May 2025 14:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25673 (0x6449)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 28 07:31:15 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91A58AA, serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:53:6b:c7:6c:3c:74:9e:8a:82:c8:0b:0c:
12:22:45:4b:46:e3:bb:57:a9:8a:78:13:da:76:6b:
5d:b7:d5:85:e2:ab:81:8c:66:e8:7a:73:96:f5:37:
7d:b8:35:ed:a8:2c:61:72:b6:da:40:a3:93:7a:b7:
4c:ff:e9:5f:8e:a2:c5:5a:93:1d:af:d1:a4:cf:0f:
29:92:21:8e:bc:bf:8c:5b:c1:6d:c4:34:02:cc:b8:
12:ed:9f:b2:ea:a9:5a:c1:d0:f2:44:75:e0:8b:2a:
9f:ca:10:40:54:15:37:89:3b:bf:4d:3c:1c:37:6f:
64:e9:59:db:60:b6:2f:c0:0f:2a:cd:50:cd:1c:c5:
db:c4:cc:c8:b5:0d:8a:14:0f:fe:17:80:38:1b:c4:
cb:c6:f7:7e:3f:0e:54:2c:8d:77:e4:1b:be:e9:5b:
e5:42:53:9c:7a:a9:02:7f:ed:ee:7f:ff:21:c9:d4:
f4:0a:55:0a:33:c3:ab:a7:d3:20:49:d0:be:95:6c:
f8:ee:5e:7f:16:8e:5f:f3:02:f0:50:09:ef:f3:80:
47:75:98:ed:e3:0d:d9:79:45:ec:4a:b2:10:0a:40:
fa:88:6c:e9:70:df:c0:70:7f:4b:a7:76:3c:02:8a:
0a:d5:58:ee:7d:f6:f4:63:fd:51:e5:04:22:f7:4f:
a8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
159.226.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:8c:03:ba:ea:70:72:e5:95:1f:9c:70:f3:c8:5b:1a:c7:c3:
e1:b4:55:c9:04:0d:24:34:65:b9:b6:34:38:27:52:a1:4b:1a:
62:ce:05:a1:12:73:ea:93:fd:16:d2:7f:49:d9:40:1c:c6:a9:
8f:d9:47:a4:c2:e9:59:52:0e:bf:2e:71:45:95:c8:fb:8a:5e:
85:cf:a8:0c:d4:3a:53:27:c3:9a:48:5e:9f:7e:ad:5c:95:af:
e8:47:87:25:2d:1a:53:17:08:d5:34:2d:06:b1:4c:02:33:b2:
c9:c3:05:ce:50:bf:ca:48:d8:87:6a:f0:d9:61:b6:c0:22:05:
25:80:ac:b0:65:c5:a3:dd:e4:96:3c:3a:7a:a7:f5:3c:14:3e:
82:48:8e:51:ba:7e:43:d7:3b:fd:f4:35:37:57:2b:74:95:61:
b0:61:12:46:e3:ed:1e:96:3d:1b:52:c4:6b:b4:57:02:59:8c:
3a:51:d0:61:ce:09:cd:7c:aa:81:0d:c2:96:b5:2c:30:8e:a0:
ab:18:32:8d:49:7a:b3:c9:27:55:86:1f:6b:e8:07:1f:eb:b7:
02:b3:43:f5:b4:f8:5e:04:4d:06:e1:19:c9:ab:1d:3d:ed:1e:
fe:1f:9b:e6:00:75:6b:ec:72:56:fd:2a:8d:a6:c0:0e:6f:ce:
82:d2:b5:14
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICZEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNDI4MDczMTE1WhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBNThBQTExMC8GA1UEBRMoOTY3M0I1Q0NGMEE4RUE1Q0U0MUEyRTQ3
NjMxMUYzNzVDRDgzQzBEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALqWU2vHbDx0noqCyAsMEiJFS0bju1epingT2nZrXbfVheKrgYxm6HpzlvU3fbg1
7agsYXK22kCjk3q3TP/pX46ixVqTHa/RpM8PKZIhjry/jFvBbcQ0Asy4Eu2fsuqp
WsHQ8kR14Isqn8oQQFQVN4k7v008HDdvZOlZ22C2L8APKs1QzRzF28TMyLUNihQP
/heAOBvEy8b3fj8OVCyNd+Qbvulb5UJTnHqpAn/t7n//IcnU9ApVCjPDq6fTIEnQ
vpVs+O5efxaOX/MC8FAJ7/OAR3WY7eMN2XlF7EqyEApA+ohs6XDfwHB/S6d2PAKK
CtVY7n329GP9UeUEIvdPqDcCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBSWc7XM8Kjq
XOQaLkdjEfN1zYPA0jAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU4QUEvQzE5MzlDRTYyNDAyMTFGMDk2MUI2NDZEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1OEFBL0MxOTM5Q0U2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENv
Nmx6a0dpNUhZeEh6ZGMyRHdOSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAJ/iMA0GCSqGSIb3DQEBCwUAA4IBAQBwjAO66nBy5ZUfnHDzyFsa
x8PhtFXJBA0kNGW5tjQ4J1KhSxpizgWhEnPqk/0W0n9J2UAcxqmP2UekwulZUg6/
LnFFlcj7il6Fz6gM1DpTJ8OaSF6ffq1cla/oR4clLRpTFwjVNC0GsUwCM7LJwwXO
UL/KSNiHavDZYbbAIgUlgKywZcWj3eSWPDp6p/U8FD6CSI5Run5D1zv99DU3Vyt0
lWGwYRJG4+0elj0bUsRrtFcCWYw6UdBhzgnNfKqBDcKWtSwwjqCrGDKNSXqzySdV
hh9r6Acf67cCs0P1tPheBE0G4RnJqx097R7+H5vmAHVr7HJW/SqNpsAOb86C0rUU
-----END CERTIFICATE-----
Generated at Sun May 11 16:55:58 2025 by rpki-client