Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0JnuqfXNtv5MbvmOjYzzNkudYmE.cer
File: 0JnuqfXNtv5MbvmOjYzzNkudYmE.cer (raw, json)
Hash identifier: I/tjGdhI/w3mTRCN2zMliA3cm1N8/6uu4NuGEsd1Y7g=
Subject key identifier: D0:99:EE:A9:F5:CD:B6:FE:4C:6E:F9:8E:8D:8C:F3:36:4B:9D:62:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024393
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B0D88/B986D91A431011EF88411782C4F9AE02/0JnuqfXNtv5MbvmOjYzzNkudYmE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B0D88/B986D91A431011EF88411782C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 02 May 2025 19:15:40 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 152719
IP: 202.49.114.0/24
IP: 2401:9860::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 22 May 2025 16:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148371 (0x24393)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 2 19:15:40 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91B0D88, serialNumber=D099EEA9F5CDB6FE4C6EF98E8D8CF3364B9D6261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:6d:7e:02:d6:6f:b6:06:5f:20:2b:49:b7:0b:
d7:33:e3:1d:29:7b:7f:b9:c5:2e:2e:c6:12:eb:33:
fc:98:27:3e:f9:e6:bb:45:75:05:58:df:aa:87:36:
70:12:e9:b9:f4:13:bc:21:85:1c:25:ee:42:bb:70:
3b:31:19:d0:d9:6d:fd:f2:51:43:92:dd:5a:e0:ca:
27:91:f7:d7:24:1a:a6:7a:93:9c:c4:9a:7c:29:9c:
37:83:8a:04:38:be:94:a9:ae:bc:b9:9b:11:3d:db:
1b:26:f6:16:cb:a8:09:54:fa:69:d6:51:5f:a5:9d:
a8:1b:0d:f2:48:ce:bb:35:42:74:16:8f:28:45:ee:
61:c6:83:64:a8:3a:ff:40:6f:94:bb:a3:c2:be:21:
10:dd:c1:ff:c5:f2:df:98:74:aa:3b:54:11:c0:c2:
fd:20:31:78:05:b8:2b:b1:c8:a0:68:73:00:68:42:
93:30:08:19:2e:4b:8c:63:b4:5f:2d:90:c2:02:8c:
d1:a8:b7:84:7a:9b:05:f0:76:fe:91:cb:be:ec:30:
c4:9d:3b:b5:2b:67:1f:50:13:0f:04:ea:9e:c4:3d:
44:f9:8b:25:6e:bb:ab:af:a0:ff:60:d8:fd:43:6b:
a9:1f:6a:d9:29:46:16:f5:23:ed:86:4a:98:0c:39:
4c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:99:EE:A9:F5:CD:B6:FE:4C:6E:F9:8E:8D:8C:F3:36:4B:9D:62:61
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B0D88/B986D91A431011EF88411782C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B0D88/B986D91A431011EF88411782C4F9AE02/0JnuqfXNtv5MbvmOjYzzNkudYmE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152719
sbgp-ipAddrBlock: critical
IPv4:
202.49.114.0/24
IPv6:
2401:9860::/32
Signature Algorithm: sha256WithRSAEncryption
52:96:93:28:25:fc:65:8a:7e:fe:23:62:23:b3:5f:5e:61:f5:
a5:5f:a0:c7:17:6a:5d:fe:24:12:f7:77:ef:e1:59:05:59:85:
f5:b9:8f:b3:16:05:ce:6f:72:51:ab:99:3e:4b:3a:0d:49:4a:
ef:6f:b6:57:12:d5:68:04:07:67:74:55:b6:78:59:81:56:ff:
ff:ae:c2:ce:24:7d:5c:af:c1:8d:6e:74:5d:76:ea:6e:89:41:
2d:3a:62:79:76:44:ad:f9:d7:f6:22:9b:2e:03:2d:df:8e:77:
48:39:bf:23:d6:5c:57:45:1c:8d:fc:1e:6f:a5:44:3d:12:8c:
6a:cf:c5:95:61:a6:17:fb:2b:47:48:fa:ca:6d:49:4e:f6:7b:
ce:a5:71:db:2c:44:f8:95:57:35:a0:50:e7:5f:5c:dc:18:61:
93:01:fb:64:43:29:af:15:b8:bd:09:cd:d0:28:8b:39:fb:11:
2e:20:d0:4a:53:72:2c:52:7f:dc:3a:1d:1b:4f:07:5e:c3:70:
eb:da:ad:f9:82:c1:0c:08:f7:9d:28:d6:fe:af:81:2a:86:59:
2e:96:59:2d:ad:fb:f2:30:f5:99:3a:49:13:ac:3b:45:93:d4:
95:84:d5:6e:78:6e:6b:06:f7:27:e4:de:e0:72:81:98:51:2c:
04:bd:a5:28
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAkOTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUwMjE5MTU0MFoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjBEODgxMTAvBgNVBAUTKEQwOTlFRUE5RjVDREI2RkU0QzZFRjk4
RThEOENGMzM2NEI5RDYyNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDtbX4C1m+2Bl8gK0m3C9cz4x0pe3+5xS4uxhLrM/yYJz755rtFdQVY36qHNnAS
6bn0E7whhRwl7kK7cDsxGdDZbf3yUUOS3VrgyieR99ckGqZ6k5zEmnwpnDeDigQ4
vpSprry5mxE92xsm9hbLqAlU+mnWUV+lnagbDfJIzrs1QnQWjyhF7mHGg2SoOv9A
b5S7o8K+IRDdwf/F8t+YdKo7VBHAwv0gMXgFuCuxyKBocwBoQpMwCBkuS4xjtF8t
kMICjNGot4R6mwXwdv6Ry77sMMSdO7UrZx9QEw8E6p7EPUT5iyVuu6uvoP9g2P1D
a6kfatkpRhb1I+2GSpgMOUzBAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU0JnuqfXN
tv5MbvmOjYzzNkudYmEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIwRDg4L0I5ODZEOTFBNDMxMDExRUY4ODQxMTc4MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMEQ4OC9COTg2RDkxQTQzMTAxMUVGODg0MTE3ODJDNEY5QUUwMi8wSm51cWZY
TnR2NU1idm1Pall6ek5rdWRZbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlSPMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAyjFyMA0EAgAC
MAcDBQAkAZhgMA0GCSqGSIb3DQEBCwUAA4IBAQBSlpMoJfxlin7+I2Ijs19eYfWl
X6DHF2pd/iQS93fv4VkFWYX1uY+zFgXOb3JRq5k+SzoNSUrvb7ZXEtVoBAdndFW2
eFmBVv//rsLOJH1cr8GNbnRddupuiUEtOmJ5dkSt+df2IpsuAy3fjndIOb8j1lxX
RRyN/B5vpUQ9Eoxqz8WVYaYX+ytHSPrKbUlO9nvOpXHbLET4lVc1oFDnX1zcGGGT
AftkQymvFbi9Cc3QKIs5+xEuINBKU3IsUn/cOh0bTwdew3Dr2q35gsEMCPedKNb+
r4EqhlkullktrfvyMPWZOkkTrDtFk9SVhNVueG5rBvcn5N7gcoGYUSwEvaUo
-----END CERTIFICATE-----
Generated at Thu May 15 19:03:43 2025 by rpki-client