Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer
File: 3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer (raw, json)
Hash identifier: IoOovSg05dDcAd2yd7H8E26WAw6YDUq1E+/7DFIbiRI=
Subject key identifier: DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024397
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 02 May 2025 20:45:13 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 136473
IP: 103.89.140.0/22
IP: 202.14.204.0/22
IP: 2400:f040::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 11 May 2025 18:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148375 (0x24397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 2 20:45:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91DC4E1, serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6f:08:84:8a:44:28:7c:8f:eb:aa:54:93:1f:
5e:98:e0:95:d1:a9:ec:9f:65:f7:b4:db:9f:ca:39:
42:43:40:6e:6c:2d:98:2c:23:55:89:ec:71:3f:98:
89:8e:73:53:46:88:60:0f:ff:c3:06:aa:e9:20:4a:
3f:4d:3f:4b:53:de:09:b0:c0:8a:28:74:a0:93:f1:
af:90:1a:bd:39:e2:af:17:bd:fa:93:29:cf:68:bd:
dd:4c:7c:65:cd:b6:cc:a2:e1:99:f1:d9:4e:74:95:
cf:d6:ec:fb:3a:29:44:3d:a2:cc:f1:a6:58:44:ab:
bc:0f:11:c3:52:81:df:7b:9b:57:27:5a:42:4a:23:
2f:61:49:97:1e:16:96:03:5e:6d:7a:59:fb:44:e9:
85:2e:b4:18:f3:99:78:e2:cf:5c:fb:b7:46:d8:b3:
e8:70:5c:74:39:2b:d2:89:65:77:39:5c:f4:e0:fc:
3f:5f:a6:94:b0:70:ff:96:89:c6:57:8c:e2:b1:8b:
ec:5e:76:58:94:79:d5:c0:42:d0:80:05:0f:1b:29:
4e:d4:e0:c3:0c:19:ae:9e:d4:0e:23:7b:13:56:b8:
0d:a2:49:7c:77:bb:a8:82:99:10:60:f7:68:d9:16:
08:af:8b:17:5c:4f:b2:53:af:de:e9:8f:4d:91:43:
d0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136473
sbgp-ipAddrBlock: critical
IPv4:
103.89.140.0/22
202.14.204.0/22
IPv6:
2400:f040::/32
Signature Algorithm: sha256WithRSAEncryption
c7:d8:b1:7c:1c:05:7e:9c:d7:c7:09:05:03:ac:77:6a:93:f1:
41:3b:56:a9:63:5b:36:d3:fc:d2:c3:3a:3b:3e:93:ca:2d:ea:
ab:f9:fe:31:83:f0:40:78:08:3d:c0:98:bb:6b:2d:25:e2:5b:
b1:c5:d8:5b:5e:26:47:59:be:4f:c9:6c:87:15:cc:74:70:d3:
a4:fb:a8:97:92:26:f4:41:4f:7d:81:88:84:c2:69:54:c1:0b:
4c:c1:95:3f:15:2c:b5:b0:00:6e:30:5a:02:dc:c5:d3:79:8b:
78:fb:22:b0:ca:32:25:6b:08:77:49:93:fb:83:3f:72:00:0c:
34:07:85:01:1a:5d:98:74:39:55:56:ef:ac:d0:39:46:9c:fe:
95:77:43:50:6b:28:b3:bd:05:f2:2f:c6:fa:0c:b5:5c:56:19:
c0:05:ec:a6:de:31:e2:c0:c3:b8:fd:3a:4c:08:2c:40:ea:d8:
5c:c9:e9:e6:03:57:07:c4:a1:8b:47:e5:6c:46:a6:73:20:0f:
14:98:91:57:a5:ba:d5:8a:21:ea:a0:f6:db:ff:0d:95:25:a7:
3f:9b:38:bd:80:b1:1a:0d:68:19:d6:ab:30:b4:9a:ca:21:fe:
06:f1:d4:94:85:e1:56:27:fa:40:8f:6d:91:c7:d2:5c:18:a2:
62:fc:26:6d
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAkOXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUwMjIwNDUxM1oXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREM0RTExMTAvBgNVBAUTKERDMUIzOUI1NEY2MDg5MUFDNzc4QTkz
MTZENzFCMEJFODAwNjM5NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcbwiEikQofI/rqlSTH16Y4JXRqeyfZfe025/KOUJDQG5sLZgsI1WJ7HE/mImO
c1NGiGAP/8MGqukgSj9NP0tT3gmwwIoodKCT8a+QGr054q8XvfqTKc9ovd1MfGXN
tsyi4Znx2U50lc/W7Ps6KUQ9oszxplhEq7wPEcNSgd97m1cnWkJKIy9hSZceFpYD
Xm16WftE6YUutBjzmXjiz1z7t0bYs+hwXHQ5K9KJZXc5XPTg/D9fppSwcP+WicZX
jOKxi+xedliUedXAQtCABQ8bKU7U4MMMGa6e1A4jexNWuA2iSXx3u6iCmRBg92jZ
FgivixdcT7JTr97pj02RQ9ArAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQU3Bs5tU9g
iRrHeKkxbXGwvoAGOW4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURDNEUxLzIwMDRGMTQ0MTYwMTExRTdBOEFDMjI1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQzRFMS8yMDA0RjE0NDE2MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5
Z2lSckhlS2t4YlhHd3ZvQUdPVzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhUZMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ1mMAwQCyg7M
MA0EAgACMAcDBQAkAPBAMA0GCSqGSIb3DQEBCwUAA4IBAQDH2LF8HAV+nNfHCQUD
rHdqk/FBO1apY1s20/zSwzo7PpPKLeqr+f4xg/BAeAg9wJi7ay0l4luxxdhbXiZH
Wb5PyWyHFcx0cNOk+6iXkib0QU99gYiEwmlUwQtMwZU/FSy1sABuMFoC3MXTeYt4
+yKwyjIlawh3SZP7gz9yAAw0B4UBGl2YdDlVVu+s0DlGnP6Vd0NQayizvQXyL8b6
DLVcVhnABeym3jHiwMO4/TpMCCxA6thcyenmA1cHxKGLR+VsRqZzIA8UmJFXpbrV
iiHqoPbb/w2VJac/mzi9gLEaDWgZ1qswtJrKIf4G8dSUheFWJ/pAj22Rx9JcGKJi
/CZt
-----END CERTIFICATE-----
Generated at Sun May 4 22:20:55 2025 by rpki-client