Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vnJUhLjNDR2Nd-2HzM7633k_Rwg.cer
File: vnJUhLjNDR2Nd-2HzM7633k_Rwg.cer (raw, json)
Hash identifier: NWRTGmYSyiOmj1/iUXg8lLiC2uFSRa6Yc0/hJDTLkDE=
Subject key identifier: BE:72:54:84:B8:CD:0D:1D:8D:77:ED:87:CC:CE:FA:DF:79:3F:47:08
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 646D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/vnJUhLjNDR2Nd-2HzM7633k_Rwg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 01 May 2025 20:51:35 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 147.76.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 12 May 2025 05:10:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25709 (0x646d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 1 20:51:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A918E6B7, serialNumber=BE725484B8CD0D1D8D77ED87CCCEFADF793F4708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e0:9c:98:db:b5:9e:db:a9:14:b9:36:d2:1f:
ce:a6:2c:c5:f8:a0:d2:b0:f5:37:95:13:c6:6b:e3:
b4:25:46:f3:54:d2:da:26:52:a0:82:3f:3c:43:b6:
4b:a8:1d:53:52:32:57:82:81:c5:3c:15:81:1a:d6:
ad:ba:c3:b7:12:5d:08:c2:28:5a:4d:1b:24:4c:57:
00:5c:83:8e:5d:4d:43:16:7e:90:12:20:51:d9:0f:
8e:47:ef:16:64:7b:6a:62:1c:a5:0e:c8:55:d2:58:
18:7a:a6:d5:b9:79:9c:95:be:f4:ee:1a:21:90:f8:
e6:80:03:00:d5:82:7f:d4:71:98:45:a6:dd:e0:60:
74:1c:f6:1a:ac:e4:99:6a:4e:19:00:57:5c:a3:03:
04:5b:e2:26:5b:15:ab:16:60:d5:54:11:6f:95:f9:
39:f1:a2:81:ae:75:de:53:c6:eb:39:f2:ab:ab:d0:
12:c8:92:9f:2b:50:58:d6:ad:31:3b:b9:b7:f2:30:
97:54:80:65:dd:17:c3:62:4f:fd:27:64:b4:73:83:
de:4c:42:b5:0c:e5:fb:8b:31:36:2a:ba:53:2e:92:
0f:e2:2a:51:3c:77:88:8f:7a:8f:d2:91:c4:76:ed:
4b:a6:9c:ef:73:ff:a2:67:fa:7d:7a:d3:70:4a:6f:
f1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:72:54:84:B8:CD:0D:1D:8D:77:ED:87:CC:CE:FA:DF:79:3F:47:08
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/vnJUhLjNDR2Nd-2HzM7633k_Rwg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1a:f7:8c:92:00:f4:84:05:57:ee:13:86:75:c5:32:11:f1:9a:
2e:bb:d9:ee:be:4c:00:8e:6d:a4:41:2b:ec:7f:04:43:4c:c2:
28:b4:22:d0:d3:b5:8e:23:09:47:79:b1:54:9e:c4:f2:62:3d:
8a:4d:63:27:31:40:31:d0:5c:97:d1:40:96:db:a3:96:4e:d2:
bc:15:c6:00:bd:1d:f1:42:b1:36:18:f6:08:c8:19:17:ec:f8:
aa:b3:43:0f:95:40:0e:66:6f:94:ae:d2:41:50:ee:08:d0:a6:
5a:73:2e:d7:37:d6:1b:4f:67:01:eb:07:43:96:bb:f3:0b:a9:
3f:ca:d7:55:fb:a7:4a:65:dd:39:18:fa:c7:b3:74:a1:a2:05:
12:cc:e0:e1:64:d6:32:8b:15:2b:f8:88:36:ea:71:69:4f:31:
27:9e:63:8e:f0:22:92:e9:94:e3:f6:f0:75:be:aa:0b:14:38:
97:db:7e:2c:06:5c:8e:79:71:3b:7f:51:59:de:9a:36:e8:5b:
15:30:2d:41:67:49:7a:5c:d9:98:a7:46:cc:b2:dc:0e:a2:1a:
dd:e4:63:e9:4b:c9:ca:41:f5:30:a5:7e:4f:70:85:51:f3:c7:
7e:c6:d5:2d:ed:67:f2:a8:00:bb:c1:50:27:e3:4f:e2:4f:3e:
97:f6:6e:b4
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICZG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNTAxMjA1MTM1WhcNMjYwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4RTZCNzExMC8GA1UEBRMoQkU3MjU0ODRCOENEMEQxRDhENzdFRDg3
Q0NDRUZBREY3OTNGNDcwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALvgnJjbtZ7bqRS5NtIfzqYsxfig0rD1N5UTxmvjtCVG81TS2iZSoII/PEO2S6gd
U1IyV4KBxTwVgRrWrbrDtxJdCMIoWk0bJExXAFyDjl1NQxZ+kBIgUdkPjkfvFmR7
amIcpQ7IVdJYGHqm1bl5nJW+9O4aIZD45oADANWCf9RxmEWm3eBgdBz2GqzkmWpO
GQBXXKMDBFviJlsVqxZg1VQRb5X5OfGiga513lPG6znyq6vQEsiSnytQWNatMTu5
t/Iwl1SAZd0Xw2JP/SdktHOD3kxCtQzl+4sxNiq6Uy6SD+IqUTx3iI96j9KRxHbt
S6ac73P/omf6fXrTcEpv8UcCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBS+clSEuM0N
HY137YfMzvrfeT9HCDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEU2QjcvQUU3RDRENEU0NkFDMTFFOTk2MDg4MzQ4QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFNkI3L0FFN0Q0RDRFNDZBQzExRTk5NjA4ODM0OEM0RjlBRTAyL3ZuSlVoTGpO
RFIyTmQtMkh6TTc2MzNrX1J3Zy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAJNMMA0GCSqGSIb3DQEBCwUAA4IBAQAa94ySAPSEBVfuE4Z1xTIR
8Zouu9nuvkwAjm2kQSvsfwRDTMIotCLQ07WOIwlHebFUnsTyYj2KTWMnMUAx0FyX
0UCW26OWTtK8FcYAvR3xQrE2GPYIyBkX7Piqs0MPlUAOZm+UrtJBUO4I0KZacy7X
N9YbT2cB6wdDlrvzC6k/ytdV+6dKZd05GPrHs3ShogUSzODhZNYyixUr+Ig26nFp
TzEnnmOO8CKS6ZTj9vB1vqoLFDiX234sBlyOeXE7f1FZ3po26FsVMC1BZ0l6XNmY
p0bMstwOohrd5GPpS8nKQfUwpX5PcIVR88d+xtUt7WfyqAC7wVAn40/iTz6X9m60
-----END CERTIFICATE-----
Generated at Mon May 5 14:32:50 2025 by rpki-client