Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
File: -NaTomlkzTxaGZ0sJu0iZHog534.cer (raw, json)
Hash identifier: ch1oDVZnkmdHuRJeDUdvqrlmOguRctYF5wPN5xRTJ+Y=
Subject key identifier: F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026CE1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 15 Oct 2025 19:52:34 +0000
Certificate not after: Sun 31 Jan 2027 00:00:00 +0000
Subordinate resources: AS: 150371
IP: 103.19.48.0/23
IP: 2001:df3:3f40::/48
IP: 2402:2fa0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 13:24:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158945 (0x26ce1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 15 19:52:34 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=A919EF67, serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b5:06:b5:8d:fa:ff:c0:54:1f:96:35:b5:c8:
8a:78:ec:40:97:ac:57:be:34:f2:a0:0a:72:05:5e:
a5:ea:65:e3:bf:de:ce:88:f9:5b:76:08:69:14:99:
a8:93:4d:c0:af:51:8c:43:05:89:92:4f:7b:4f:ae:
fe:80:dd:1d:76:fc:dd:f8:45:73:49:5a:a8:29:ca:
fb:4e:00:12:a1:28:24:bd:28:99:ed:6d:71:0c:85:
5c:06:af:ff:3a:9c:6e:ae:e3:a0:bd:fe:79:25:0e:
cb:ec:37:0c:b7:85:f0:8a:8c:f7:ce:71:dd:4a:a8:
d2:63:c7:0b:03:23:2e:84:05:fd:4d:f1:ca:30:6a:
0e:21:5e:a8:be:19:4e:d4:51:39:c8:e2:48:3b:94:
d6:0d:93:a9:da:b4:f7:dd:ab:49:4e:af:56:7a:2e:
68:9a:5c:36:56:79:31:b8:50:1a:d2:93:4f:c9:14:
bf:f4:96:e1:d3:fd:b5:53:fe:b0:7e:16:94:d0:25:
50:ed:eb:a2:8d:f2:ca:85:1d:14:19:6b:88:ac:c2:
40:f3:25:c8:fb:79:be:68:70:c2:b5:b4:3b:8e:90:
d8:11:5e:be:0f:49:d3:55:60:76:3f:5f:81:31:25:
55:a3:46:5c:43:4b:39:d2:9a:0d:d4:bb:70:a4:08:
75:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
150371
sbgp-ipAddrBlock: critical
IPv4:
103.19.48.0/23
IPv6:
2001:df3:3f40::/48
2402:2fa0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:c5:c2:32:22:4a:c0:84:e9:5d:f8:fb:9d:c8:81:bf:3c:a2:
0e:b6:bd:71:f9:61:93:dd:5a:e0:d2:4c:71:d5:61:c6:8d:60:
8a:3e:ee:5b:d7:69:c7:a5:12:72:42:f9:e3:c4:5e:fa:41:7e:
e6:55:f0:58:c1:5b:4f:14:c1:fd:65:fe:e9:f6:6e:b0:bb:82:
c2:74:32:50:22:99:fb:62:2f:e2:6b:91:bf:eb:cd:6f:60:26:
ea:e9:ab:f2:bd:42:b9:27:fa:e6:22:9a:8c:77:2f:37:8f:87:
03:51:a0:68:12:91:0b:a5:ad:ab:f9:9a:01:48:22:72:f0:83:
9e:9d:bc:bc:b0:3e:1a:83:22:5f:f0:e3:e2:c6:7b:ba:2b:a8:
26:de:30:1b:c2:af:0f:ce:50:a6:3f:9f:15:aa:23:e0:6b:da:
17:e5:ec:d8:d1:39:e2:d7:01:9c:0f:a9:4b:ae:28:85:1a:d0:
68:32:03:5b:41:3f:7f:43:8b:c7:d4:2f:3c:1c:8f:7e:f6:81:
be:5a:b6:8c:d1:bd:08:f2:4e:09:fc:a8:ba:03:78:de:6d:84:
f0:df:44:98:b4:13:93:d9:3a:b1:9b:e7:1a:3f:93:f5:7d:22:
70:3e:07:60:ba:4b:6e:64:d5:e8:51:2b:16:e0:84:ef:12:35:
83:5e:22:41
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgIDAmzhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAxNTE5NTIzNFoXDTI3MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUVGNjcxMTAvBgNVBAUTKEY4RDY5M0EyNjk2NENEM0M1QTE5OUQy
QzI2RUQyMjY0N0EyMEU3N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmtQa1jfr/wFQfljW1yIp47ECXrFe+NPKgCnIFXqXqZeO/3s6I+Vt2CGkUmaiT
TcCvUYxDBYmST3tPrv6A3R12/N34RXNJWqgpyvtOABKhKCS9KJntbXEMhVwGr/86
nG6u46C9/nklDsvsNwy3hfCKjPfOcd1KqNJjxwsDIy6EBf1N8cowag4hXqi+GU7U
UTnI4kg7lNYNk6natPfdq0lOr1Z6LmiaXDZWeTG4UBrSk0/JFL/0luHT/bVT/rB+
FpTQJVDt66KN8sqFHRQZa4iswkDzJcj7eb5ocMK1tDuOkNgRXr4PSdNVYHY/X4Ex
JVWjRlxDSznSmg3Uu3CkCHXlAgMBAAGjggMnMIIDIzAdBgNVHQ4EFgQU+NaTomlk
zTxaGZ0sJu0iZHog534wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlFRjY3LzEyQ0U1OEMwNEJDQjExRURCQkU1OTI1RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5RUY2Ny8xMkNFNThDMDRCQ0IxMUVEQkJFNTkyNUVDNEY5QUUwMi8tTmFUb21s
a3pUeGFHWjBzSnUwaVpIb2c1MzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAktjMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBZxMwMBYEAgAC
MBADBwAgAQ3zP0ADBQAkAi+gMA0GCSqGSIb3DQEBCwUAA4IBAQAexcIyIkrAhOld
+PudyIG/PKIOtr1x+WGT3Vrg0kxx1WHGjWCKPu5b12nHpRJyQvnjxF76QX7mVfBY
wVtPFMH9Zf7p9m6wu4LCdDJQIpn7Yi/ia5G/681vYCbq6avyvUK5J/rmIpqMdy83
j4cDUaBoEpELpa2r+ZoBSCJy8IOenby8sD4agyJf8OPixnu6K6gm3jAbwq8PzlCm
P58VqiPga9oX5ezY0Tni1wGcD6lLriiFGtBoMgNbQT9/Q4vH1C88HI9+9oG+WraM
0b0I8k4J/Ki6A3jebYTw30SYtBOT2Tqxm+caP5P1fSJwPgdguktuZNXoUSsW4ITv
EjWDXiJB
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:25:25 2025 by rpki-client