Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrmIQthhrv6AMEAgDJqqiVYPK8o.cer
File: FrmIQthhrv6AMEAgDJqqiVYPK8o.cer (raw, json)
Hash identifier: bQa1uSrEXAl3VqGLubQ08VGTKvswVVzp4fhNUMx7JUs=
Subject key identifier: 16:B9:88:42:D8:61:AE:FE:80:30:40:20:0C:9A:AA:89:56:0F:2B:CA
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A1A4
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EABCB/342FFF187A8611EB97AE5160C4F9AE02/FrmIQthhrv6AMEAgDJqqiVYPK8o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EABCB/342FFF187A8611EB97AE5160C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 02 Mar 2026 21:47:23 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: IP: 103.86.84.0/22
IP: 2400:bac0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172452 (0x2a1a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 2 21:47:23 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A91EABCB, serialNumber=16B98842D861AEFE803040200C9AAA89560F2BCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d6:3f:55:bc:15:81:87:32:a2:d7:d6:8f:88:
1f:38:a2:47:4a:a8:ee:48:89:2e:8f:bc:64:e6:80:
91:d6:9f:1c:1f:be:cf:f9:c0:19:8e:50:f6:23:8c:
88:82:c0:2b:a8:15:82:7f:7b:d7:5c:c5:91:e7:41:
39:05:43:d5:b4:0b:71:82:27:c4:f4:5a:60:4c:73:
ff:56:95:d9:91:03:99:93:2c:c7:0f:c5:92:4d:e4:
fe:92:7d:7e:bf:5a:1b:48:74:d4:0a:fe:8b:3b:d0:
0b:6c:08:2b:80:2a:17:bd:64:0c:8a:ca:ab:6f:fa:
e3:3b:24:1e:8b:3d:16:30:48:4f:9a:3c:8e:21:08:
44:2a:e3:ad:d9:64:e4:23:ee:2e:ed:cc:0f:a1:42:
1e:ad:c8:76:a8:43:7c:0a:78:ca:6a:fd:0c:ed:8a:
09:5a:5c:3f:b5:f3:2f:10:af:a5:bf:eb:c7:26:84:
2d:2c:5c:93:13:89:5d:6c:4f:8e:b6:a1:80:96:63:
eb:e3:9d:a1:8a:2a:d2:02:95:31:d9:98:83:ce:32:
e8:3f:5a:41:c7:fd:32:82:83:6d:22:2c:b1:e8:d6:
3f:2e:6a:64:b5:c4:07:5b:74:92:b1:b4:6c:e0:b6:
65:6d:fc:6c:4a:97:43:16:d3:2d:52:c9:a9:63:10:
f9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B9:88:42:D8:61:AE:FE:80:30:40:20:0C:9A:AA:89:56:0F:2B:CA
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EABCB/342FFF187A8611EB97AE5160C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EABCB/342FFF187A8611EB97AE5160C4F9AE02/FrmIQthhrv6AMEAgDJqqiVYPK8o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.84.0/22
IPv6:
2400:bac0::/32
Signature Algorithm: sha256WithRSAEncryption
52:e7:38:08:0f:8a:ec:63:90:5d:73:aa:98:b3:79:bb:45:b2:
88:22:fb:b6:41:52:ec:d9:49:96:62:c5:39:a7:f9:2e:94:5d:
86:c0:8c:49:8b:7e:ab:2b:d6:d1:c8:cb:0d:1f:21:30:7e:4c:
98:93:03:17:bd:f8:34:84:ef:99:21:cc:a5:c1:00:ed:0a:68:
27:b5:f2:b3:92:2c:be:47:12:83:37:b5:04:d5:06:70:d6:b8:
0b:3f:20:e4:cd:45:21:3d:35:24:ad:16:fb:d7:ee:3f:b5:79:
c0:f4:23:b4:94:4b:2c:0b:3e:50:e1:fa:06:23:1d:54:64:12:
4d:60:8e:45:2d:54:f6:c4:97:b0:3f:aa:bb:42:83:3e:b7:8f:
5c:58:50:72:84:23:96:36:1e:a8:2b:94:0d:24:ec:71:d0:ba:
9d:c8:5f:1a:35:ca:39:2f:c2:48:93:d5:01:83:65:25:a6:38:
fa:40:ed:1d:96:ed:c9:c3:f2:5d:58:4d:9b:47:72:2b:aa:4f:
8b:0f:c9:9e:93:a1:25:98:c4:35:47:d1:3c:58:5f:82:dc:7b:
3d:4c:f6:fe:93:aa:4f:70:33:69:d0:e6:8e:6e:06:af:34:ac:
e9:7e:dc:36:ef:8a:80:ff:57:74:b0:1d:1a:63:ef:52:f3:49:
92:08:57:0a
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAqGkMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMwMjIxNDcyM1oXDTI3MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUFCQ0IxMTAvBgNVBAUTKDE2Qjk4ODQyRDg2MUFFRkU4MDMwNDAy
MDBDOUFBQTg5NTYwRjJCQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDo1j9VvBWBhzKi19aPiB84okdKqO5IiS6PvGTmgJHWnxwfvs/5wBmOUPYjjIiC
wCuoFYJ/e9dcxZHnQTkFQ9W0C3GCJ8T0WmBMc/9WldmRA5mTLMcPxZJN5P6SfX6/
WhtIdNQK/os70AtsCCuAKhe9ZAyKyqtv+uM7JB6LPRYwSE+aPI4hCEQq463ZZOQj
7i7tzA+hQh6tyHaoQ3wKeMpq/QztiglaXD+18y8Qr6W/68cmhC0sXJMTiV1sT462
oYCWY+vjnaGKKtIClTHZmIPOMug/WkHH/TKCg20iLLHo1j8uamS1xAdbdJKxtGzg
tmVt/GxKl0MW0y1SyaljEPkfAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUFrmIQthh
rv6AMEAgDJqqiVYPK8owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVBQkNCLzM0MkZGRjE4N0E4NjExRUI5N0FFNTE2MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFQUJDQi8zNDJGRkYxODdBODYxMUVCOTdBRTUxNjBDNEY5QUUwMi9Gcm1JUXRo
aHJ2NkFNRUFnREpxcWlWWVBLOG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAJnVlQwDQQCAAIwBwMFACQAusAwDQYJKoZIhvcNAQELBQADggEB
AFLnOAgPiuxjkF1zqpizebtFsogi+7ZBUuzZSZZixTmn+S6UXYbAjEmLfqsr1tHI
yw0fITB+TJiTAxe9+DSE75khzKXBAO0KaCe18rOSLL5HEoM3tQTVBnDWuAs/IOTN
RSE9NSStFvvX7j+1ecD0I7SUSywLPlDh+gYjHVRkEk1gjkUtVPbEl7A/qrtCgz63
j1xYUHKEI5Y2HqgrlA0k7HHQup3IXxo1yjkvwkiT1QGDZSWmOPpA7R2W7cnD8l1Y
TZtHciuqT4sPyZ6ToSWYxDVH0TxYX4Lcez1M9v6Tqk9wM2nQ5o5uBq80rOl+3Dbv
ioD/V3SwHRpj71LzSZIIVwo=
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:20:07 2026 by rpki-client