This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer File: BfycW4hQb3wNP4YsiJW-1n6fjro.cer (raw, json) Hash identifier: +AjUepjN2p0SJzt2s8+An2+KbBX5Kp/X+mNL+Wcm5/s= Subject key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 0285BA Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft caRepository: rsync://rpki.cernet.net/repo/cernet/0/ Notify URL: https://rpki.cernet.net/rrdp/notification.xml Certificate not before: Tue 13 Jan 2026 01:04:39 +0000 Certificate not after: Wed 30 Sep 2026 00:00:00 +0000 Subordinate resources: AS: 4538 AS: 23910 AS: 142067 -- 142106 AS: 142650 -- 146745 IP: 2001:253::/32 IP: 240a:a000::/20 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 31 Jan 2026 22:55:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 165306 (0x285ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Jan 13 01:04:39 2026 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:80:bf:01:79:b7:28:78:35:cd:1a:63:11:bf: c3:9c:75:21:45:8c:af:24:3d:2b:29:e2:00:99:59: a6:44:13:76:a5:be:57:4e:c0:a0:db:84:4b:18:96: 81:96:9a:77:bb:55:8d:fa:3e:b7:57:ab:8c:9d:65: f8:a1:58:74:4d:66:77:fd:f1:c2:a0:23:71:2c:a3: 61:74:94:aa:8b:5c:7f:a3:49:df:b0:03:1d:86:58: 7d:38:10:11:37:d6:38:53:a5:ae:60:5d:e4:3e:de: a4:46:99:5a:37:5f:38:4e:f2:20:fc:f6:58:08:5f: 0c:23:3b:58:6f:8c:81:4b:d2:06:99:5d:91:a8:cf: 25:a1:a6:f7:22:2e:a4:7c:99:6c:48:bb:75:26:93: f6:78:25:a1:20:76:17:8b:20:94:c6:b7:97:b7:c8: 61:54:c3:ac:8d:63:e6:aa:42:a6:20:76:9f:c3:47: 78:9a:3c:a1:19:af:67:7c:18:47:72:5f:47:23:c6: 50:9b:44:cd:9a:d6:6a:73:06:4d:9c:ef:20:8e:80: f9:e3:e8:f5:fb:dc:e4:46:2e:1e:01:10:66:9c:20: ff:bf:c6:b2:5c:8f:82:63:7d:08:7e:e9:a4:4b:75: 5e:bd:6e:06:06:d3:ea:15:c1:43:39:70:ec:93:a1: 96:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.cernet.net/repo/cernet/0/ RPKI Manifest - URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft RPKI Notify - URI:https://rpki.cernet.net/rrdp/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 4538 23910 142067-142106 142650-146745 sbgp-ipAddrBlock: critical IPv6: 2001:253::/32 240a:a000::/20 Signature Algorithm: sha256WithRSAEncryption 2e:c2:c2:01:a6:94:5e:dd:41:6e:04:47:1c:c2:be:e6:f4:4d: 9b:e6:ed:45:3c:3d:5a:d8:53:52:a0:c2:a3:c5:8d:1f:89:5e: a5:f4:89:a2:75:c5:f3:91:83:3d:91:f9:59:cc:1e:29:ec:7b: f0:5c:8f:65:ad:af:bc:e2:e5:89:56:40:90:38:11:89:71:47: a2:91:aa:1d:64:e0:50:27:80:a9:49:d4:e7:00:be:28:c0:da: ae:fa:d8:25:0a:bb:94:37:6d:0e:fd:1a:de:3a:ea:91:a1:91: 41:5e:81:4a:8c:23:9c:6c:a2:10:6c:7e:b5:20:68:5c:3b:17: b5:42:87:0b:64:48:48:d4:1f:f2:02:86:84:c8:44:ed:1d:32: bf:de:b9:73:63:d5:71:75:b8:7e:ff:1b:a5:04:7b:a7:73:4d: 3e:42:81:fb:46:16:1e:9d:cc:6c:7c:05:10:16:b4:5d:cd:13: 63:74:1f:53:26:4b:0b:96:4b:89:1b:41:f3:00:c5:b1:f4:d2: e7:af:d4:18:c6:dc:7c:b3:f8:10:c5:4d:4f:0c:6f:91:16:08: 1f:cd:ea:e6:37:e6:7c:d5:2f:0a:1e:19:2d:58:ca:2b:f9:af: f7:42:cb:87:6b:6a:d2:47:98:cd:14:df:0f:34:85:32:2a:6a: f1:76:57:03 -----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgIDAoW6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI2MDExMzAxMDQzOVoXDTI2MDkzMDAwMDAwMFowSjEVMBMG A1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4NTA2RjdDMEQz Rjg2MkM4ODk1QkVENjdFOUY4RUJBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA3YC/AXm3KHg1zRpjEb/DnHUhRYyvJD0rKeIAmVmmRBN2pb5XTsCg24RL GJaBlpp3u1WN+j63V6uMnWX4oVh0TWZ3/fHCoCNxLKNhdJSqi1x/o0nfsAMdhlh9 OBARN9Y4U6WuYF3kPt6kRplaN184TvIg/PZYCF8MIztYb4yBS9IGmV2RqM8loab3 Ii6kfJlsSLt1JpP2eCWhIHYXiyCUxreXt8hhVMOsjWPmqkKmIHafw0d4mjyhGa9n fBhHcl9HI8ZQm0TNmtZqcwZNnO8gjoD54+j1+9zkRi4eARBmnCD/v8ayXI+CY30I fumkS3VevW4GBtPqFcFDOXDsk6GW9wIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFAX8 nFuIUG98DT+GLIiVvtZ+n466MB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1 ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1 MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h cG5pYy5uZXQvUlBLSS9DUFMucGRmMIHfBggrBgEFBQcBCwSB0jCBzzAyBggrBgEF BQcwBYYmcnN5bmM6Ly9ycGtpLmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wXgYI KwYBBQUHMAqGUnJzeW5jOi8vcnBraS5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAv MDVGQzlDNUI4ODUwNkY3QzBEM0Y4NjJDODg5NUJFRDY3RTlGOEVCQS5tZnQwOQYI KwYBBQUHMA2GLWh0dHBzOi8vcnBraS5jZXJuZXQubmV0L3JyZHAvbm90aWZpY2F0 aW9uLnhtbDA1BggrBgEFBQcBCAEB/wQmMCSgIjAgAgIRugICXWYwCgIDAirzAgMC KxowCgIDAi06AgMCPTkwJgYIKwYBBQUHAQcBAf8EFzAVMBMEAgACMA0DBQAgAQJT AwQEJAqgMA0GCSqGSIb3DQEBCwUAA4IBAQAuwsIBppRe3UFuBEccwr7m9E2b5u1F PD1a2FNSoMKjxY0fiV6l9ImidcXzkYM9kflZzB4p7HvwXI9lra+84uWJVkCQOBGJ cUeikaodZOBQJ4CpSdTnAL4owNqu+tglCruUN20O/RreOuqRoZFBXoFKjCOcbKIQ bH61IGhcOxe1QocLZEhI1B/yAoaEyETtHTK/3rlzY9Vxdbh+/xulBHunc00+QoH7 RhYencxsfAUQFrRdzRNjdB9TJksLlkuJG0HzAMWx9NLnr9QYxtx8s/gQxU1PDG+R FggfzermN+Z81S8KHhktWMor+a/3QsuHa2rSR5jNFN8PNIUyKmrxdlcD -----END CERTIFICATE-----Generated at Sun Jan 25 01:11:57 2026 by rpki-client