Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer
File: -KpwkWtspYPANj63qaX38mJ9c2A.cer (raw, json)
Hash identifier: jKQs5KwNgBCVWTbYWdpT7eZTnDlV4X91+YnnY1rYYko=
Subject key identifier: F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025355
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.mft
caRepository: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 03 Jul 2025 17:06:03 +0000
Certificate not after: Mon 31 Aug 2026 00:00:00 +0000
Subordinate resources: AS: 10091
AS: 132138
IP: 58.146.128.0/18
IP: 58.182.0.0/16
IP: 59.189.0.0/16
IP: 103.234.104.0/22
IP: 116.86.0.0 -- 116.89.127.255
IP: 150.107.128.0/22
IP: 202.156.0.0/16
IP: 218.186.0.0/16
IP: 218.212.0.0/16
IP: 222.164.0.0 -- 222.165.127.255
IP: 2404:e800::/31
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152405 (0x25355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 3 17:06:03 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=A915EE53, serialNumber=F8AA70916B6CA583C0363EB7A9A5F7F2627D7360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d2:8b:85:cc:ea:3d:df:01:1a:04:dd:03:60:
e0:f3:57:ce:0a:d1:02:dc:87:9d:32:3c:be:4c:11:
02:67:ad:0e:32:fa:e6:4c:d9:71:5f:46:66:c7:b0:
73:20:4f:e1:7e:b3:e8:54:f1:fd:34:b3:24:1d:06:
4a:9f:ca:14:3e:70:d1:86:c3:bd:f3:85:6d:b1:c1:
d7:e6:c1:68:04:d2:95:75:ce:70:2b:be:6a:10:57:
94:52:c1:26:55:cb:f1:65:ba:bf:f7:17:63:f5:25:
3e:06:da:cf:22:4e:9d:96:71:e0:42:69:79:87:b6:
f4:4d:d7:e3:14:69:0b:9c:23:be:ef:7d:58:70:3d:
cb:d3:86:ef:56:15:b4:85:e1:cc:b0:36:e4:79:38:
91:16:d1:94:ff:30:ff:d1:9b:80:d7:bf:19:27:97:
a9:7d:19:ca:a8:c3:b8:33:14:fd:98:6c:8c:81:4a:
cb:e6:3e:2d:18:9c:d2:5f:71:c1:e8:d0:35:dd:84:
18:c2:19:7f:be:c1:36:a7:0d:42:2b:eb:c8:71:00:
fa:53:5a:b3:68:28:e6:38:76:f0:dc:21:37:88:f1:
cb:0a:37:43:87:f0:ba:78:f4:a9:01:e0:fc:b6:08:
eb:74:bd:8d:aa:ad:e5:18:74:c1:15:8b:97:fd:15:
1e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
10091
132138
sbgp-ipAddrBlock: critical
IPv4:
58.146.128.0/18
58.182.0.0/16
59.189.0.0/16
103.234.104.0/22
116.86.0.0-116.89.127.255
150.107.128.0/22
202.156.0.0/16
218.186.0.0/16
218.212.0.0/16
222.164.0.0-222.165.127.255
IPv6:
2404:e800::/31
Signature Algorithm: sha256WithRSAEncryption
c2:5d:e6:69:38:e6:5a:75:a3:df:2b:7c:a7:a2:a6:f9:9a:93:
91:55:f0:c5:12:bc:30:d8:9e:4e:88:91:36:d2:06:d4:fa:ef:
bf:55:f8:88:ab:38:d0:bb:06:c8:1b:d4:e8:7e:da:a5:db:c6:
da:38:8e:56:43:a1:52:db:ff:db:3b:d9:b9:ab:29:69:36:e3:
c4:7f:bf:6d:a1:7a:50:36:42:4e:1f:cd:48:1d:41:5b:6b:29:
53:a2:07:f2:03:1b:9d:06:7a:bc:01:d6:a0:d8:c5:be:e1:ad:
a2:c7:36:47:11:e0:93:c2:c0:59:9c:82:47:55:7f:29:f7:79:
54:ca:d8:23:15:df:05:f4:8b:25:e0:30:30:23:0d:ce:04:67:
e2:6e:b8:9f:40:17:e2:ac:29:e2:02:29:3e:d2:ac:58:7e:42:
61:c9:a9:65:7f:60:47:6d:6e:e2:88:3f:cd:77:65:7f:c3:09:
32:06:84:7f:cf:20:3d:aa:08:1b:53:2b:05:a3:c3:f8:a1:72:
8c:9c:36:93:5e:dd:9a:bf:b6:6d:f9:b0:0d:0e:05:07:0a:78:
79:43:85:fc:f0:51:dc:3e:86:54:f1:00:5f:4e:09:7b:78:19:
10:55:24:16:23:00:67:07:66:15:4c:0f:37:0a:e7:8e:83:71:
b4:97:0d:5e
-----BEGIN CERTIFICATE-----
MIIGbDCCBVSgAwIBAgIDAlNVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwMzE3MDYwM1oXDTI2MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUVFNTMxMTAvBgNVBAUTKEY4QUE3MDkxNkI2Q0E1ODNDMDM2M0VC
N0E5QTVGN0YyNjI3RDczNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+0ouFzOo93wEaBN0DYODzV84K0QLch50yPL5MEQJnrQ4y+uZM2XFfRmbHsHMg
T+F+s+hU8f00syQdBkqfyhQ+cNGGw73zhW2xwdfmwWgE0pV1znArvmoQV5RSwSZV
y/Flur/3F2P1JT4G2s8iTp2WceBCaXmHtvRN1+MUaQucI77vfVhwPcvThu9WFbSF
4cywNuR5OJEW0ZT/MP/Rm4DXvxknl6l9Gcqow7gzFP2YbIyBSsvmPi0YnNJfccHo
0DXdhBjCGX++wTanDUIr68hxAPpTWrNoKOY4dvDcITeI8csKN0OH8Lp49KkB4Py2
COt0vY2qreUYdMEVi5f9FR4ZAgMBAAGjggNhMIIDXTAdBgNVHQ4EFgQU+KpwkWts
pYPANj63qaX38mJ9c2AwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVFRTUzLzM4NTExODQwNDU4ODExRTU5QjJEODM3MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1RUU1My8zODUxMTg0MDQ1ODgxMUU1OUIyRDgzNzFDNEY5QUUwMi8tS3B3a1d0
c3BZUEFOajYzcWFYMzhtSjljMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICJ2sCAwIEKjBtBggrBgEFBQcBBwEB/wReMFwwSwQCAAEwRQMEBjqSgAMD
ADq2AwMAO70DBAJn6mgwCwMDAXRWAwQHdFkAAwQClmuAAwMAypwDAwDaugMDANrU
MAsDAwLepAMEB96lADANBAIAAjAHAwUBJAToADANBgkqhkiG9w0BAQsFAAOCAQEA
wl3maTjmWnWj3yt8p6Km+ZqTkVXwxRK8MNieToiRNtIG1Prvv1X4iKs40LsGyBvU
6H7apdvG2jiOVkOhUtv/2zvZuaspaTbjxH+/baF6UDZCTh/NSB1BW2spU6IH8gMb
nQZ6vAHWoNjFvuGtosc2RxHgk8LAWZyCR1V/Kfd5VMrYIxXfBfSLJeAwMCMNzgRn
4m64n0AX4qwp4gIpPtKsWH5CYcmpZX9gR21u4og/zXdlf8MJMgaEf88gPaoIG1Mr
BaPD+KFyjJw2k17dmr+2bfmwDQ4FBwp4eUOF/PBR3D6GVPEAX04Je3gZEFUkFiMA
ZwdmFUwPNwrnjoNxtJcNXg==
-----END CERTIFICATE-----
Generated at Sat Jul 5 05:50:33 2025 by rpki-client