Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DKto4GkIOkOI6PxpdY8EWWL9Aa8.cer
File: DKto4GkIOkOI6PxpdY8EWWL9Aa8.cer (raw, json)
Hash identifier: FFDTKZEHhxWvEbdWhAhJJfKc/5tnVaOszzFGtOswzRg=
Subject key identifier: 0C:AB:68:E0:69:08:3A:43:88:E8:FC:69:75:8F:04:59:62:FD:01:AF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0266B9
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9135D1F/AD2021A4977411F080BF1E64C4F9AE02/DKto4GkIOkOI6PxpdY8EWWL9Aa8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9135D1F/AD2021A4977411F080BF1E64C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 22 Sep 2025 05:26:27 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: IP: 203.21.65.0/24
IP: 203.28.195.0/24
IP: 203.32.55.0/24
IP: 203.34.190.0/24
IP: 2001:df2:d440::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 04:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157369 (0x266b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 22 05:26:27 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A9135D1F, serialNumber=0CAB68E069083A4388E8FC69758F045962FD01AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:88:63:9c:12:4e:bf:c7:9a:3a:2c:78:69:de:
77:89:59:67:24:8a:92:a5:a0:5e:fd:91:f3:7a:df:
b5:c3:58:fb:3f:5f:6e:1e:f1:0a:10:df:e0:5a:58:
9d:43:6f:2b:f1:95:a7:27:86:b8:e0:f8:9a:c9:38:
0c:f2:18:fe:90:51:db:7e:6e:a2:ff:0c:24:77:d6:
49:bf:88:a7:c4:1a:39:46:31:ac:8d:0e:c9:21:ec:
51:35:d1:f0:e2:12:05:16:a9:de:24:7f:8f:30:ae:
df:9a:f5:56:e4:fb:f4:6f:c0:36:ab:76:63:3e:39:
10:49:bf:d3:1e:39:6f:88:48:3e:a2:74:d5:7a:b6:
34:06:85:5d:6c:a0:f5:d5:40:33:72:23:54:ad:dd:
a1:6f:c2:12:aa:8b:81:e1:b5:5f:0d:d4:57:36:e0:
b1:a5:66:c6:8c:07:81:bc:b5:38:ba:5c:19:01:22:
48:c8:95:f8:ab:39:13:ec:51:93:24:4c:52:1a:a6:
0e:18:ef:b8:de:08:9a:15:99:be:8b:aa:78:f5:63:
2b:cd:46:da:85:b2:56:b4:a1:5f:6f:f5:40:7d:10:
47:61:ef:9a:36:8d:39:fd:5a:9c:bd:15:dd:90:bb:
fc:31:fa:b8:f9:73:82:ff:ee:7b:46:68:d1:90:7c:
0c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AB:68:E0:69:08:3A:43:88:E8:FC:69:75:8F:04:59:62:FD:01:AF
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9135D1F/AD2021A4977411F080BF1E64C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9135D1F/AD2021A4977411F080BF1E64C4F9AE02/DKto4GkIOkOI6PxpdY8EWWL9Aa8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.21.65.0/24
203.28.195.0/24
203.32.55.0/24
203.34.190.0/24
IPv6:
2001:df2:d440::/48
Signature Algorithm: sha256WithRSAEncryption
7b:08:a8:29:81:60:bc:05:54:db:0d:a1:f8:f8:58:b2:a6:d4:
69:f1:cb:8d:f3:e7:28:19:d0:c8:18:35:d1:67:5c:6f:05:20:
c6:a8:b2:73:80:cc:f1:a7:37:ea:2a:63:4a:0f:95:58:99:6d:
f2:1d:72:7c:3f:2c:a4:74:19:87:23:fb:66:09:62:e7:69:a7:
41:64:31:be:c9:aa:90:e1:c0:d6:c9:4a:ba:c4:87:28:dc:ec:
6b:a7:38:13:7f:79:c8:ad:e8:dc:c1:05:e0:30:94:4c:70:bf:
1a:0b:67:fa:08:fb:c6:c6:a6:14:71:14:0c:c0:35:b2:97:67:
f9:d6:a6:46:ad:37:a2:44:79:aa:8f:88:2d:68:e2:c8:24:65:
06:a2:9b:ae:ad:be:ef:4b:63:b1:33:2a:f6:83:6f:7d:d8:4a:
99:fb:eb:14:7e:54:2c:26:98:68:f0:10:13:29:8d:9d:c8:7c:
96:f2:97:bb:0d:b5:a7:25:23:a5:1a:1e:55:9f:5a:e6:71:b1:
e7:24:f4:90:a8:60:a2:e0:42:2f:30:b9:e4:a6:46:bc:2c:f8:
36:70:0e:89:7f:95:fe:da:e8:d8:56:4c:1b:28:56:7e:d4:8d:
3f:30:45:eb:fb:e8:40:aa:b9:03:d3:f7:c2:8a:6b:dd:ac:34:
77:43:09:49
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgIDAma5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkyMjA1MjYyN1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzVEMUYxMTAvBgNVBAUTKDBDQUI2OEUwNjkwODNBNDM4OEU4RkM2
OTc1OEYwNDU5NjJGRDAxQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD4iGOcEk6/x5o6LHhp3neJWWckipKloF79kfN637XDWPs/X24e8QoQ3+BaWJ1D
byvxlacnhrjg+JrJOAzyGP6QUdt+bqL/DCR31km/iKfEGjlGMayNDskh7FE10fDi
EgUWqd4kf48wrt+a9Vbk+/RvwDardmM+ORBJv9MeOW+ISD6idNV6tjQGhV1soPXV
QDNyI1St3aFvwhKqi4HhtV8N1Fc24LGlZsaMB4G8tTi6XBkBIkjIlfirORPsUZMk
TFIapg4Y77jeCJoVmb6Lqnj1YyvNRtqFsla0oV9v9UB9EEdh75o2jTn9Wpy9Fd2Q
u/wx+rj5c4L/7ntGaNGQfAxVAgMBAAGjggMWMIIDEjAdBgNVHQ4EFgQUDKto4GkI
OkOI6PxpdY8EWWL9Aa8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM1RDFGL0FEMjAyMUE0OTc3NDExRjA4MEJGMUU2NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNUQxRi9BRDIwMjFBNDk3NzQxMUYwODBCRjFFNjRDNEY5QUUwMi9ES3RvNEdr
SU9rT0k2UHhwZFk4RVdXTDlBYTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8EMzAx
MB4EAgABMBgDBADLFUEDBADLHMMDBADLIDcDBADLIr4wDwQCAAIwCQMHACABDfLU
QDANBgkqhkiG9w0BAQsFAAOCAQEAewioKYFgvAVU2w2h+PhYsqbUafHLjfPnKBnQ
yBg10WdcbwUgxqiyc4DM8ac36ipjSg+VWJlt8h1yfD8spHQZhyP7Zgli52mnQWQx
vsmqkOHA1slKusSHKNzsa6c4E395yK3o3MEF4DCUTHC/Ggtn+gj7xsamFHEUDMA1
spdn+damRq03okR5qo+ILWjiyCRlBqKbrq2+70tjsTMq9oNvfdhKmfvrFH5ULCaY
aPAQEymNnch8lvKXuw21pyUjpRoeVZ9a5nGx5yT0kKhgouBCLzC55KZGvCz4NnAO
iX+V/tro2FZMGyhWftSNPzBF6/voQKq5A9P3wopr3aw0d0MJSQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:50:24 2025 by rpki-client