Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p7hD7DD-oxCjjDFPRdOOALq5sYA.cer
File: p7hD7DD-oxCjjDFPRdOOALq5sYA.cer (raw, json)
Hash identifier: hW+GKAqSYoY+bVK8e2D2+X1qDN0MXLpIfDDECmm4DTY=
Subject key identifier: A7:B8:43:EC:30:FE:A3:10:A3:8C:31:4F:45:D3:8E:00:BA:B9:B1:80
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 678B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/5632dc04-68db-4791-87de-0683e3c28646/5/A7B843EC30FEA310A38C314F45D38E00BAB9B180.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/5632dc04-68db-4791-87de-0683e3c28646/5/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Thu 03 Jul 2025 03:58:45 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: IP: 160.22.168.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26507 (0x678b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jul 3 03:58:45 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91650860000, serialNumber=A7B843EC30FEA310A38C314F45D38E00BAB9B180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cf:f1:d1:de:40:ed:dc:3d:14:00:6e:e9:c2:
d7:c6:26:35:c4:8b:f6:1c:2c:02:15:ce:67:ea:8e:
40:76:70:89:ac:1e:af:98:61:28:9c:ef:ef:37:eb:
ea:1f:59:68:1b:a8:67:d0:16:87:9e:b2:4e:c9:eb:
2b:d3:a4:6d:70:1c:db:2e:3c:9a:e4:dc:8a:fd:a7:
ab:4d:8b:8e:7b:6b:c3:37:5d:52:c1:1c:30:bd:70:
a1:d1:af:e0:51:16:ea:a0:32:4d:07:1c:ed:fc:f3:
ab:77:2e:5e:17:7c:41:59:28:43:f8:2c:50:13:e4:
9c:5f:5b:db:7b:5a:89:3f:40:ec:d1:68:b7:34:11:
83:5b:5b:80:3c:35:6f:c6:74:57:36:0f:ff:96:a0:
54:ba:d7:b0:94:9d:b3:4b:52:84:e0:34:14:e8:ae:
25:b1:95:6f:31:5c:58:64:dc:33:de:f2:5b:bf:29:
32:31:b5:31:5f:1f:c9:90:c3:30:27:ee:ea:37:7c:
a2:07:7a:ca:de:4d:b5:20:3f:66:23:3d:69:fa:58:
7f:39:2d:d6:6e:63:49:ef:76:4a:7b:23:8c:75:2f:
53:3a:32:0f:28:2b:9d:56:de:db:8b:c8:95:bf:c5:
ac:0e:3d:51:bb:15:93:7d:34:1a:78:d0:e7:99:0d:
2e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B8:43:EC:30:FE:A3:10:A3:8C:31:4F:45:D3:8E:00:BA:B9:B1:80
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/5632dc04-68db-4791-87de-0683e3c28646/5/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/5632dc04-68db-4791-87de-0683e3c28646/5/A7B843EC30FEA310A38C314F45D38E00BAB9B180.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.168.0/23
Signature Algorithm: sha256WithRSAEncryption
85:95:dc:de:57:0f:61:ec:86:01:c5:4e:a4:8b:db:86:13:c7:
22:4f:dd:4b:e9:9d:d1:ce:c0:ea:c8:e7:be:f2:78:22:fb:14:
b5:91:c3:5d:c3:db:f8:a5:df:4e:ba:a7:41:49:4b:ef:57:94:
41:36:19:ec:a7:4c:67:89:a6:b9:8a:41:85:2e:31:1f:1d:a1:
ab:f1:c8:84:2e:26:e2:1c:ca:37:94:7a:f3:b2:3a:78:ed:39:
d3:e4:1a:4c:2c:70:3c:cd:8a:b4:80:ff:d9:3e:78:9a:81:2f:
6f:fc:d8:5f:57:11:ef:70:7d:bf:94:87:20:b5:26:dd:de:65:
d6:68:36:0b:ce:20:97:e4:03:a7:49:3c:60:c9:b5:20:a8:00:
26:ab:61:1c:7f:f7:b0:76:dc:56:f5:b8:8f:40:5c:57:ca:82:
a1:8c:46:80:9b:41:ff:c7:b8:31:56:5d:a1:2b:ef:1f:5a:ec:
d3:a2:21:34:10:00:ec:1d:5a:b0:92:46:f5:21:57:00:c1:a4:
83:f6:06:e1:d4:0a:a7:29:83:ab:d5:bf:95:38:31:5a:02:39:
ef:9d:22:b5:24:70:90:9b:8b:5a:9e:87:05:92:8b:ad:51:a0:
c6:ba:7b:d6:66:d1:db:e7:59:37:71:ff:4f:e3:7d:5f:9b:59:
95:c7:3f:16
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgICZ4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNzAzMDM1ODQ1WhcNMjYwOTMwMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTE2NTA4NjAwMDAxMTAvBgNVBAUTKEE3Qjg0M0VDMzBGRUEzMTBBMzhD
MzE0RjQ1RDM4RTAwQkFCOUIxODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDTz/HR3kDt3D0UAG7pwtfGJjXEi/YcLAIVzmfqjkB2cImsHq+YYSic7+83
6+ofWWgbqGfQFoeesk7J6yvTpG1wHNsuPJrk3Ir9p6tNi457a8M3XVLBHDC9cKHR
r+BRFuqgMk0HHO3886t3Ll4XfEFZKEP4LFAT5JxfW9t7Wok/QOzRaLc0EYNbW4A8
NW/GdFc2D/+WoFS617CUnbNLUoTgNBToriWxlW8xXFhk3DPe8lu/KTIxtTFfH8mQ
wzAn7uo3fKIHesreTbUgP2YjPWn6WH85LdZuY0nvdkp7I4x1L1M6Mg8oK51W3tuL
yJW/xawOPVG7FZN9NBp40OeZDS5bAgMBAAGjggMKMIIDBjAdBgNVHQ4EFgQUp7hD
7DD+oxCjjDFPRdOOALq5sYAwHwYDVR0jBBgwFoAUdAFlqA0QcZcKvAnAK3HBrHwd
bg4wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIw
MUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL2RBRmxxQTBRY1pjS3ZBbkFLM0hCckh3
ZGJnNC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0LmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsG
AQUFBzAFhlNyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5LzU2MzJkYzA0LTY4ZGItNDc5MS04N2RlLTA2ODNlM2MyODY0Ni81LzCBiwYI
KwYBBQUHMAqGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvNTYzMmRjMDQtNjhkYi00NzkxLTg3ZGUtMDY4M2UzYzI4NjQ2LzUvQTdC
ODQzRUMzMEZFQTMxMEEzOEMzMTRGNDVEMzhFMDBCQUI5QjE4MC5tZnQwPAYIKwYB
BQUHMA2GMGh0dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0
aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAaAWqDANBgkqhkiG
9w0BAQsFAAOCAQEAhZXc3lcPYeyGAcVOpIvbhhPHIk/dS+md0c7A6sjnvvJ4IvsU
tZHDXcPb+KXfTrqnQUlL71eUQTYZ7KdMZ4mmuYpBhS4xHx2hq/HIhC4m4hzKN5R6
87I6eO050+QaTCxwPM2KtID/2T54moEvb/zYX1cR73B9v5SHILUm3d5l1mg2C84g
l+QDp0k8YMm1IKgAJqthHH/3sHbcVvW4j0BcV8qCoYxGgJtB/8e4MVZdoSvvH1rs
06IhNBAA7B1asJJG9SFXAMGkg/YG4dQKpymDq9W/lTgxWgI5750itSRwkJuLWp6H
BZKLrVGgxrp71mbR2+dZN3H/T+N9X5tZlcc/Fg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:29:41 2025 by rpki-client