Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3zHPGFCQ4VSWXv_7xmS91yHYB18.cer
File: 3zHPGFCQ4VSWXv_7xmS91yHYB18.cer (raw, json)
Hash identifier: 3XmabSTGURdmmVXUfaqiEw6Y0ddbvMUxetb5fmzN82M=
Subject key identifier: DF:31:CF:18:50:90:E1:54:96:5E:FF:FB:C6:64:BD:D7:21:D8:07:5F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0242BC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9155ECF/EF6B905C25F511F08BEFDA49C4F9AE02/3zHPGFCQ4VSWXv_7xmS91yHYB18.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9155ECF/EF6B905C25F511F08BEFDA49C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 30 Apr 2025 19:04:31 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 153810
IP: 163.227.128.0/23
IP: 2001:df5:6840::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 11 May 2025 18:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148156 (0x242bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 30 19:04:31 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A9155ECF, serialNumber=DF31CF185090E154965EFFFBC664BDD721D8075F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:41:fb:9d:1a:1f:4e:d3:32:37:c7:6c:15:44:
35:48:8b:1a:2b:d9:50:b5:46:cc:04:dd:19:9f:4c:
49:5c:be:d1:93:7c:26:d7:8e:a1:78:03:eb:a0:a6:
e8:f9:e8:b9:ee:f6:0b:99:b1:31:cb:9e:4e:f1:95:
d3:f5:28:58:d5:28:ca:a1:e7:8a:a7:48:24:84:4c:
ae:8f:dc:1c:8c:1e:a2:f7:90:20:13:c7:76:2a:94:
87:a2:84:fd:2d:fb:71:dc:11:38:13:8d:fa:26:0d:
30:03:57:06:2a:79:22:d9:a3:82:9d:4c:7f:78:aa:
3c:4f:d3:51:6d:b9:9d:fd:95:c2:08:03:6b:d5:c1:
29:54:7f:70:51:a0:05:ea:83:bf:f3:ca:71:6c:41:
94:b4:ba:5b:a9:9f:5e:30:11:ab:3d:c1:08:82:a3:
bd:bd:d3:25:0c:3c:37:ec:35:b4:31:17:ba:0e:6c:
0a:28:18:cf:b6:74:25:dc:ae:98:48:b3:d6:e4:5d:
f2:56:73:a2:5d:39:ca:96:d5:a2:56:f0:47:44:c8:
7a:84:a9:34:06:f9:f7:e1:21:8b:62:01:81:2c:aa:
c0:de:26:6a:13:67:63:d9:e1:12:15:c6:88:e5:d7:
08:13:1b:e2:fc:59:0f:46:97:e0:e6:ab:b9:81:30:
07:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:31:CF:18:50:90:E1:54:96:5E:FF:FB:C6:64:BD:D7:21:D8:07:5F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9155ECF/EF6B905C25F511F08BEFDA49C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9155ECF/EF6B905C25F511F08BEFDA49C4F9AE02/3zHPGFCQ4VSWXv_7xmS91yHYB18.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153810
sbgp-ipAddrBlock: critical
IPv4:
163.227.128.0/23
IPv6:
2001:df5:6840::/48
Signature Algorithm: sha256WithRSAEncryption
bb:12:44:f8:bc:8c:76:18:d9:fd:50:0e:10:1f:97:16:af:29:
20:98:6d:3c:91:f0:4a:43:45:9c:bd:2c:dc:af:b3:d3:17:e0:
b5:8c:e4:86:f8:f9:92:43:94:57:28:12:3b:fd:d0:17:96:58:
53:a4:b1:3a:01:8b:45:90:2e:20:7b:be:0f:a4:b7:f3:cc:31:
c1:16:8d:cc:12:50:a8:b4:f7:ac:0c:d6:e2:68:ab:0b:fa:f9:
84:d5:fe:33:a7:db:6a:58:1f:8b:9d:a1:07:00:c8:28:3c:3a:
59:35:c4:c1:39:39:31:41:05:ad:18:d7:b3:f2:7e:e2:c3:7b:
92:0c:12:8d:ee:a9:56:20:89:c6:c4:22:a4:d9:1b:23:66:b9:
e5:6d:35:66:ba:95:27:82:67:30:35:ce:ac:f2:be:0b:73:3c:
04:26:72:c4:06:cc:12:33:66:b2:a1:56:48:9c:90:35:44:ff:
8e:6b:fc:4f:32:5f:24:38:2f:0d:66:40:94:a1:eb:a3:1c:c1:
ec:39:df:20:45:d7:c1:d7:ea:ab:c6:f3:f1:af:d3:05:73:59:
54:cd:05:ea:9a:6e:00:0c:5f:1c:b1:d8:02:6e:cc:7f:16:e4:
7a:22:1d:11:92:5e:dc:17:1a:4a:b1:6a:ae:74:2a:df:b1:fe:
2f:ad:2c:28
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAkK8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQzMDE5MDQzMVoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTVFQ0YxMTAvBgNVBAUTKERGMzFDRjE4NTA5MEUxNTQ5NjVFRkZG
QkM2NjRCREQ3MjFEODA3NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAQfudGh9O0zI3x2wVRDVIixor2VC1RswE3RmfTElcvtGTfCbXjqF4A+ugpuj5
6Lnu9guZsTHLnk7xldP1KFjVKMqh54qnSCSETK6P3ByMHqL3kCATx3YqlIeihP0t
+3HcETgTjfomDTADVwYqeSLZo4KdTH94qjxP01FtuZ39lcIIA2vVwSlUf3BRoAXq
g7/zynFsQZS0ulupn14wEas9wQiCo7290yUMPDfsNbQxF7oObAooGM+2dCXcrphI
s9bkXfJWc6JdOcqW1aJW8EdEyHqEqTQG+ffhIYtiAYEsqsDeJmoTZ2PZ4RIVxojl
1wgTG+L8WQ9Gl+Dmq7mBMAclAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU3zHPGFCQ
4VSWXv/7xmS91yHYB18wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU1RUNGL0VGNkI5MDVDMjVGNTExRjA4QkVGREE0OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1NUVDRi9FRjZCOTA1QzI1RjUxMUYwOEJFRkRBNDlDNEY5QUUwMi8zekhQR0ZD
UTRWU1dYdl83eG1TOTF5SFlCMTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAljSMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBo+OAMA8EAgAC
MAkDBwAgAQ31aEAwDQYJKoZIhvcNAQELBQADggEBALsSRPi8jHYY2f1QDhAflxav
KSCYbTyR8EpDRZy9LNyvs9MX4LWM5Ib4+ZJDlFcoEjv90BeWWFOksToBi0WQLiB7
vg+kt/PMMcEWjcwSUKi096wM1uJoqwv6+YTV/jOn22pYH4udoQcAyCg8Olk1xME5
OTFBBa0Y17PyfuLDe5IMEo3uqVYgicbEIqTZGyNmueVtNWa6lSeCZzA1zqzyvgtz
PAQmcsQGzBIzZrKhVkickDVE/45r/E8yXyQ4Lw1mQJSh66Mcwew53yBF18HX6qvG
8/Gv0wVzWVTNBeqabgAMXxyx2AJuzH8W5HoiHRGSXtwXGkqxaq50Kt+x/i+tLCg=
-----END CERTIFICATE-----
Generated at Sun May 4 22:45:07 2025 by rpki-client