Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BDQBcYbbhMqJR3Vw3aEK1zFZf_E.cer
File: BDQBcYbbhMqJR3Vw3aEK1zFZf_E.cer (raw, json)
Hash identifier: O7UY10PXoCXYnYZyHpjCC/z/Kw24/RCsfhVIK4ZyH0Q=
Subject key identifier: 04:34:01:71:86:DB:84:CA:89:47:75:70:DD:A1:0A:D7:31:59:7F:F1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024B2E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9160244/7EAFECB03C0711E5B16CEF63C4F9AE02/BDQBcYbbhMqJR3Vw3aEK1zFZf_E.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9160244/7EAFECB03C0711E5B16CEF63C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 02 Jun 2025 15:55:37 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 58921
IP: 43.225.176.0/22
IP: 103.248.4.0/22
IP: 2406:ef00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 06 Jul 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150318 (0x24b2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jun 2 15:55:37 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A9160244, serialNumber=0434017186DB84CA89477570DDA10AD731597FF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b0:46:4a:43:38:89:63:d6:4a:a4:f7:be:5d:
2f:9f:33:67:6b:52:3a:d7:be:1e:9d:db:2e:d6:c2:
03:25:ad:10:3f:a9:42:a5:45:1e:ce:53:0c:e2:b5:
3a:57:ef:92:9b:3c:58:57:99:33:7b:67:0c:1a:70:
3b:d4:1c:d6:a7:bc:99:60:0f:c0:62:b3:59:d1:75:
9f:0e:98:fe:f5:06:5e:e5:92:77:e3:89:93:b4:c5:
e3:17:64:73:19:71:a0:b4:68:38:8c:9a:b6:11:52:
a1:0d:22:8d:3b:de:11:a5:47:0e:29:c1:06:b9:00:
44:b1:4b:c5:78:57:f9:56:92:e8:9c:f8:3f:aa:f8:
b2:91:a4:7a:89:1a:06:16:2a:15:f7:36:b4:cd:aa:
36:50:0e:6f:d0:18:9e:42:1e:53:4c:f5:e8:1a:83:
73:ec:11:04:45:41:4e:a1:aa:09:b9:49:a4:db:e4:
3e:99:c4:26:d6:f9:59:75:40:94:7b:36:ed:e1:b6:
09:68:fc:6b:2c:da:aa:f1:18:b5:24:e7:f5:48:00:
66:19:56:d4:8d:53:24:1b:ac:8b:aa:08:0e:c7:b5:
36:90:e2:69:4f:63:a3:b5:54:94:45:6a:3b:68:6d:
e3:20:e6:97:9b:5a:5e:c1:fb:80:ec:ec:f2:4b:c4:
19:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:34:01:71:86:DB:84:CA:89:47:75:70:DD:A1:0A:D7:31:59:7F:F1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9160244/7EAFECB03C0711E5B16CEF63C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9160244/7EAFECB03C0711E5B16CEF63C4F9AE02/BDQBcYbbhMqJR3Vw3aEK1zFZf_E.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58921
sbgp-ipAddrBlock: critical
IPv4:
43.225.176.0/22
103.248.4.0/22
IPv6:
2406:ef00::/32
Signature Algorithm: sha256WithRSAEncryption
c7:de:06:b2:de:3d:1b:05:20:78:06:14:80:3c:da:9d:1f:5f:
26:25:01:90:3a:00:dc:e0:96:ac:65:04:8f:b0:e8:90:0f:16:
a9:d4:cb:a8:96:e0:01:aa:2d:0d:98:02:6b:11:8f:a4:bd:ab:
86:01:cb:40:72:68:8b:53:55:a9:61:7a:17:ca:60:d9:e7:54:
e9:de:3b:6c:97:c7:d1:18:6b:c1:83:65:8a:31:66:2d:fc:f8:
bf:e1:c8:ee:39:c5:db:e3:6c:2a:8b:3d:5f:d0:cc:27:4c:6e:
c3:b8:c7:f5:b5:36:0b:7d:ce:c6:0c:bf:81:93:9c:88:a5:1a:
05:9d:5b:fd:ef:cc:7e:83:97:d5:0e:35:1a:c7:e9:21:43:55:
61:e4:e2:aa:e8:fb:25:af:33:24:50:f4:8d:32:4b:e2:98:9e:
dc:23:26:85:8a:cf:58:ab:c5:ed:ea:bc:a8:b5:53:d2:18:32:
40:e0:b5:18:64:1f:52:f9:f7:ec:af:b6:b8:7e:e9:88:f6:3e:
a4:f0:70:38:de:2c:a6:f1:43:9c:d8:46:6d:27:71:e2:f3:4c:
ab:70:b5:1d:70:29:24:08:74:ab:85:ee:6c:c6:31:78:22:eb:
1e:a0:9b:3f:92:7a:a0:81:d6:78:75:aa:ec:fe:36:e9:89:c1:
da:9b:aa:2f
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAksuMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDYwMjE1NTUzN1oXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjAyNDQxMTAvBgNVBAUTKDA0MzQwMTcxODZEQjg0Q0E4OTQ3NzU3
MEREQTEwQUQ3MzE1OTdGRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWsEZKQziJY9ZKpPe+XS+fM2drUjrXvh6d2y7WwgMlrRA/qUKlRR7OUwzitTpX
75KbPFhXmTN7ZwwacDvUHNanvJlgD8Bis1nRdZ8OmP71Bl7lknfjiZO0xeMXZHMZ
caC0aDiMmrYRUqENIo073hGlRw4pwQa5AESxS8V4V/lWkuic+D+q+LKRpHqJGgYW
KhX3NrTNqjZQDm/QGJ5CHlNM9egag3PsEQRFQU6hqgm5SaTb5D6ZxCbW+Vl1QJR7
Nu3htglo/Gss2qrxGLUk5/VIAGYZVtSNUyQbrIuqCA7HtTaQ4mlPY6O1VJRFajto
beMg5pebWl7B+4Ds7PJLxBnPAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUBDQBcYbb
hMqJR3Vw3aEK1zFZf/EwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYwMjQ0LzdFQUZFQ0IwM0MwNzExRTVCMTZDRUY2M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2MDI0NC83RUFGRUNCMDNDMDcxMUU1QjE2Q0VGNjNDNEY5QUUwMi9CRFFCY1li
YmhNcUpSM1Z3M2FFSzF6RlpmX0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOYpMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCK+GwAwQCZ/gE
MA0EAgACMAcDBQAkBu8AMA0GCSqGSIb3DQEBCwUAA4IBAQDH3gay3j0bBSB4BhSA
PNqdH18mJQGQOgDc4JasZQSPsOiQDxap1MuoluABqi0NmAJrEY+kvauGActAcmiL
U1WpYXoXymDZ51Tp3jtsl8fRGGvBg2WKMWYt/Pi/4cjuOcXb42wqiz1f0MwnTG7D
uMf1tTYLfc7GDL+Bk5yIpRoFnVv978x+g5fVDjUax+khQ1Vh5OKq6PslrzMkUPSN
MkvimJ7cIyaFis9Yq8Xt6ryotVPSGDJA4LUYZB9S+ffsr7a4fumI9j6k8HA43iym
8UOc2EZtJ3Hi80yrcLUdcCkkCHSrhe5sxjF4IuseoJs/knqggdZ4dars/jbpicHa
m6ov
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:42:20 2025 by rpki-client