This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/31FHCxXowUGvL6hGoowDs4WRurQ.cer File: 31FHCxXowUGvL6hGoowDs4WRurQ.cer (raw, json) Hash identifier: YebawTbrsz0cUBBJRBD1ShRKYE7yJo0h1UyFNUTXLM8= Subject key identifier: DF:51:47:0B:15:E8:C1:41:AF:2F:A8:46:A2:8C:03:B3:85:91:BA:B4 Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 0287A6 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.apnic.net/member_repository/A91DB7E9/E99E7F526E2E11EE85D92D32C4F9AE02/31FHCxXowUGvL6hGoowDs4WRurQ.mft caRepository: rsync://rpki.apnic.net/member_repository/A91DB7E9/E99E7F526E2E11EE85D92D32C4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Wed 21 Jan 2026 02:31:46 +0000 Certificate not after: Wed 31 Mar 2027 00:00:00 +0000 Subordinate resources: AS: 10110 AS: 38906 AS: 45787 AS: 55524 AS: 55702 AS: 131272 AS: 133928 AS: 135431 AS: 139272 IP: 27.96.64.0/22 IP: 49.0.28.0/22 IP: 202.2.4.0 -- 202.2.15.255 IP: 202.14.216.0/24 IP: 202.27.115.0/24 IP: 202.36.224.0/23 IP: 202.37.0.0/20 IP: 202.37.42.0/23 IP: 202.49.0.0/21 IP: 202.50.90.0/24 IP: 202.50.208.0 -- 202.50.219.255 IP: 202.50.252.0/24 IP: 203.176.154.0/23 IP: 2403:a00::/32 IP: 2404:4900::/32 IP: 2405:2600::/32 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Feb 2026 00:12:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 165798 (0x287a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Jan 21 02:31:46 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=A91DB7E9, serialNumber=DF51470B15E8C141AF2FA846A28C03B38591BAB4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ec:89:bf:42:9a:cf:34:fb:f3:30:83:eb:cd: 0d:44:15:81:6c:ef:40:fc:cf:f8:5b:4d:da:95:36: 93:dc:41:7b:f1:7c:2c:6b:19:d1:6d:f2:17:e4:e8: 58:ad:10:31:e7:98:fa:07:4f:16:09:45:c6:b5:66: 03:8d:70:05:ea:fd:2b:38:60:c2:01:5f:c8:cf:2f: 2e:af:1a:59:fe:26:29:96:c8:3c:55:b8:af:0f:11: 12:74:b4:49:5c:c2:2d:22:a3:d4:f6:08:6f:3e:77: f7:95:7d:f8:46:f9:fa:03:4c:20:db:6d:c4:4f:ce: 2b:7c:74:c6:94:d2:66:cb:c4:af:97:3d:d5:dd:9b: e7:e8:da:bd:49:4d:65:0d:d0:42:23:97:e2:7f:c6: 31:19:8e:ec:7f:c0:17:1b:67:a8:43:0c:39:7d:16: 9f:3e:d9:90:e5:f5:bb:94:7b:6b:0f:fb:0f:6b:a1: a6:c7:0d:a7:82:12:3d:fa:ca:52:88:f6:af:a3:b1: 9d:80:dd:f7:8a:a4:94:cb:95:e1:45:6d:d7:1e:69: e1:59:7e:da:5b:26:24:87:0c:9e:c3:7e:4f:b5:91: 02:1a:f1:00:2b:53:3f:bb:c3:fe:c8:83:3e:a5:da: a9:2b:47:07:ca:0d:b4:c8:f7:b1:67:59:2b:2b:3c: 10:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:51:47:0B:15:E8:C1:41:AF:2F:A8:46:A2:8C:03:B3:85:91:BA:B4 X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DB7E9/E99E7F526E2E11EE85D92D32C4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DB7E9/E99E7F526E2E11EE85D92D32C4F9AE02/31FHCxXowUGvL6hGoowDs4WRurQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 10110 38906 45787 55524 55702 131272 133928 135431 139272 sbgp-ipAddrBlock: critical IPv4: 27.96.64.0/22 49.0.28.0/22 202.2.4.0-202.2.15.255 202.14.216.0/24 202.27.115.0/24 202.36.224.0/23 202.37.0.0/20 202.37.42.0/23 202.49.0.0/21 202.50.90.0/24 202.50.208.0-202.50.219.255 202.50.252.0/24 203.176.154.0/23 IPv6: 2403:a00::/32 2404:4900::/32 2405:2600::/32 Signature Algorithm: sha256WithRSAEncryption b5:43:b0:1d:dd:c9:91:c2:31:33:d3:ac:c4:97:c0:df:2b:de: 31:96:da:27:b4:f3:42:90:f8:b6:86:cb:5a:79:de:90:e1:09: 4c:0c:f5:db:61:8e:de:e2:e3:d4:a9:1d:9d:03:4a:61:9e:77: 79:45:8b:7c:86:2f:9a:73:47:6c:1e:89:0a:cb:f4:bf:70:59: 83:26:76:b8:c3:03:1d:5f:fb:28:6a:84:b1:2d:14:5d:fb:ca: 9c:76:d7:3e:4f:69:08:cd:ba:e2:5d:c7:9d:8a:cc:43:0f:c7: 6c:b3:21:49:30:37:c8:2a:1b:15:b3:99:76:95:c1:21:68:6b: 16:9f:ce:2e:b5:1f:93:a1:77:a4:03:86:40:80:e4:aa:29:8d: 18:3b:b3:9a:2e:f5:d8:3f:fa:58:26:67:d8:b7:2e:37:73:bf: bd:15:b4:d8:cc:10:5d:4a:cb:e0:1a:cf:15:f9:86:bc:c5:0f: 13:c2:2e:ef:2f:13:81:db:0c:a5:0f:b0:e3:82:83:0b:4d:4d: 97:9c:88:f4:fa:13:bd:6a:1e:00:c9:bb:54:93:dd:5f:95:ae: 1a:21:b7:d6:d7:06:90:93:67:3d:ac:97:02:f3:4e:2c:64:1c: 89:5d:f1:2e:05:06:e0:32:a1:6a:fc:74:69:a5:7f:6f:e6:2e: 3d:d2:c5:b2 -----BEGIN CERTIFICATE----- MIIGuTCCBaGgAwIBAgIDAoemMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMMCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI2MDEyMTAyMzE0NloXDTI3MDMzMTAwMDAwMFowRjERMA8G A1UEAwwIQTkxREI3RTkxMTAvBgNVBAUTKERGNTE0NzBCMTVFOEMxNDFBRjJGQTg0 NkEyOEMwM0IzODU5MUJBQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDA7Im/QprPNPvzMIPrzQ1EFYFs70D8z/hbTdqVNpPcQXvxfCxrGdFt8hfk6Fit EDHnmPoHTxYJRca1ZgONcAXq/Ss4YMIBX8jPLy6vGln+JimWyDxVuK8PERJ0tElc wi0io9T2CG8+d/eVffhG+foDTCDbbcRPzit8dMaU0mbLxK+XPdXdm+fo2r1JTWUN 0EIjl+J/xjEZjux/wBcbZ6hDDDl9Fp8+2ZDl9buUe2sP+w9roabHDaeCEj36ylKI 9q+jsZ2A3feKpJTLleFFbdceaeFZftpbJiSHDJ7Dfk+1kQIa8QArUz+7w/7Igz6l 2qkrRwfKDbTI97FnWSsrPBAdAgMBAAGjggOuMIIDqjAdBgNVHQ4EFgQU31FHCxXo wUGvL6hGoowDs4WRurQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2 NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0 RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MURCN0U5L0U5OUU3RjUyNkUyRTExRUU4NUQ5MkQzMkM0RjlBRTAyLzB+BggrBgEF BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B OTFEQjdFOS9FOTlFN0Y1MjZFMkUxMUVFODVEOTJEMzJDNEY5QUUwMi8zMUZIQ3hY b3dVR3ZMNmhHb293RHM0V1J1clEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQgBAf8EMjAw oC4wLAICJ34CAwCX+gIDALLbAgMA2OQCAwDZlgIDAgDIAgMCCygCAwIRBwIDAiAI MIGWBggrBgEFBQcBBwEB/wSBhjCBgzBkBAIAATBeAwQCG2BAAwQCMQAcMAwDBALK AgQDBATKAgADBADKDtgDBADKG3MDBAHKJOADBATKJQADBAHKJSoDBAPKMQADBADK MlowDAMEBMoy0AMEAsoy2AMEAMoy/AMEAcuwmjAbBAIAAjAVAwUAJAMKAAMFACQE SQADBQAkBSYAMA0GCSqGSIb3DQEBCwUAA4IBAQC1Q7Ad3cmRwjEz06zEl8DfK94x ltontPNCkPi2hstaed6Q4QlMDPXbYY7e4uPUqR2dA0phnnd5RYt8hi+ac0dsHokK y/S/cFmDJna4wwMdX/soaoSxLRRd+8qcdtc+T2kIzbriXcedisxDD8dssyFJMDfI KhsVs5l2lcEhaGsWn84utR+ToXekA4ZAgOSqKY0YO7OaLvXYP/pYJmfYty43c7+9 FbTYzBBdSsvgGs8V+Ya8xQ8Twi7vLxOB2wylD7DjgoMLTU2XnIj0+hO9ah4AybtU k91fla4aIbfW1waQk2c9rJcC804sZByJXfEuBQbgMqFq/HRppX9v5i490sWy -----END CERTIFICATE-----Generated at Sun Jan 25 02:49:21 2026 by rpki-client