This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer File: HsQsG2nhb183xz2Bv5-rH0ukIyk.cer (raw, json) Hash identifier: TCTkTCNkX8xujjqr2/8rL/bD2y4a+KskDGvzNv7liic= Subject key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29 Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 027363 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.mft caRepository: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Wed 05 Nov 2025 18:10:20 +0000 Certificate not after: Sun 31 Jan 2027 00:00:00 +0000 Subordinate resources: IP: 1.32.192.0/18 IP: 14.128.32.0/19 IP: 27.50.48.0/20 IP: 27.124.0.0/18 IP: 103.200.200.0/22 IP: 118.107.0.0/18 IP: 118.107.176.0/22 IP: 180.215.0.0/16 IP: 180.222.204.0/22 IP: 182.173.68.0/22 IP: 202.36.48.0/20 IP: 202.61.128.0/18 IP: 202.79.160.0/20 IP: 202.95.0.0/19 IP: 202.162.96.0/20 IP: 2407:7580::/32 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 11:04:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 160611 (0x27363) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Nov 5 18:10:20 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=A918C661, serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:43:77:e1:9a:19:25:49:ea:da:f7:46:94:12: c8:47:3c:3b:2a:1c:1f:c5:49:4a:25:de:26:64:64: 61:3c:6c:f1:d7:a4:ef:a3:f6:70:14:5c:1d:bc:59: 23:a6:66:ed:3c:fc:81:97:0d:6d:0b:ee:83:e7:1a: bd:0c:a5:58:8d:20:24:65:06:af:a5:a1:d1:e0:c1: f9:5b:19:f4:99:ef:47:fe:28:a3:c0:2a:e4:79:69: 1e:c4:5d:96:e4:ac:65:fc:94:5f:e2:60:62:5e:23: e2:36:f4:f8:1a:c7:6a:f7:bd:a1:bd:a8:5b:7f:74: 33:95:b8:2c:cf:95:69:15:b1:06:82:08:af:ef:21: 40:01:26:80:60:9e:e1:63:c7:8f:9e:e2:83:71:6f: 2c:6c:97:1b:0e:df:bc:c6:78:28:96:56:d1:ff:10: 02:85:6a:ca:53:6c:c1:4f:bd:35:bf:92:6b:d1:aa: 76:93:49:30:ae:5d:51:4b:bd:79:b3:be:04:de:42: 01:af:38:bc:a9:e5:86:b1:54:b0:6d:4d:37:a4:ce: 79:d9:08:c6:79:e3:bb:56:1f:f7:a1:ea:bb:c9:cd: f4:7e:21:03:be:1e:29:60:40:b2:21:6d:d8:11:ab: 2e:0c:b6:14:f9:c6:19:07:83:d4:74:27:c5:bd:52: 11:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29 X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.32.192.0/18 14.128.32.0/19 27.50.48.0/20 27.124.0.0/18 103.200.200.0/22 118.107.0.0/18 118.107.176.0/22 180.215.0.0/16 180.222.204.0/22 182.173.68.0/22 202.36.48.0/20 202.61.128.0/18 202.79.160.0/20 202.95.0.0/19 202.162.96.0/20 IPv6: 2407:7580::/32 Signature Algorithm: sha256WithRSAEncryption 4d:f4:c3:11:22:c0:a9:b4:fb:62:97:64:ab:c3:db:cd:2b:64: ba:c7:ea:42:8a:48:d8:1b:65:76:ac:81:c3:00:e7:4b:ba:47: 4d:0f:62:13:fe:52:8e:78:ff:7a:6a:96:86:d8:92:8f:ca:76: 07:b5:ec:f4:de:88:1e:dd:89:dd:d1:a7:7f:d7:11:24:7c:f9: 2f:4d:78:fe:de:9a:d3:1e:0f:5e:63:a5:d7:81:33:b9:3e:da: 32:07:4e:9c:f1:86:5b:b6:53:de:d9:e2:91:e8:68:2e:36:95: 67:0c:e2:8e:81:79:f4:cc:08:51:b8:7c:c5:f7:ce:cb:a3:ff: a7:b9:84:31:c0:a1:0b:f5:ce:91:d3:d1:80:da:60:9a:32:53: 38:d4:12:80:51:80:45:81:a9:47:3d:44:1f:3f:25:0b:69:43: 1c:09:b4:a1:da:9a:d7:02:0f:b1:c2:19:03:0a:20:bb:e5:3c: db:d6:e3:23:12:e4:29:33:18:16:6b:65:ed:48:a7:79:ac:41: 4b:9b:40:ac:38:f5:3f:b4:ca:1f:61:11:fc:e3:93:0f:0c:1d: 68:00:22:a1:af:25:73:05:6e:e6:36:84:fc:cf:5e:e1:70:3e: fe:30:9e:1c:4a:d7:ad:e7:04:b1:7f:e9:28:25:ce:1d:80:bd: 4e:4b:b1:03 -----BEGIN CERTIFICATE----- MIIGYTCCBUmgAwIBAgIDAnNjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI1MTEwNTE4MTAyMFoXDTI3MDEzMTAwMDAwMFowRjERMA8G A1UEAxMIQTkxOEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4 MUJGOUZBQjFGNEJBNDIzMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDLQ3fhmhklSera90aUEshHPDsqHB/FSUol3iZkZGE8bPHXpO+j9nAUXB28WSOm Zu08/IGXDW0L7oPnGr0MpViNICRlBq+lodHgwflbGfSZ70f+KKPAKuR5aR7EXZbk rGX8lF/iYGJeI+I29Pgax2r3vaG9qFt/dDOVuCzPlWkVsQaCCK/vIUABJoBgnuFj x4+e4oNxbyxslxsO37zGeCiWVtH/EAKFaspTbMFPvTW/kmvRqnaTSTCuXVFLvXmz vgTeQgGvOLyp5YaxVLBtTTekznnZCMZ547tWH/eh6rvJzfR+IQO+HilgQLIhbdgR qy4MthT5xhkHg9R0J8W9UhGhAgMBAAGjggNWMIIDUjAdBgNVHQ4EFgQUHsQsG2nh b183xz2Bv5+rH0ukIykwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2 NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0 RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThDNjYxLzBCQkQ5RUEyODM2RDExRUFCNEEyRDc2REM0RjlBRTAyLzB+BggrBgEF BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B OTE4QzY2MS8wQkJEOUVBMjgzNkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJu aGIxODN4ejJCdjUtckgwdWtJeWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/BHIw cDBfBAIAATBZAwQGASDAAwQFDoAgAwQEGzIwAwQGG3wAAwQCZ8jIAwQGdmsAAwQC dmuwAwMAtNcDBAK03swDBAK2rUQDBATKJDADBAbKPYADBATKT6ADBAXKXwADBATK omAwDQQCAAIwBwMFACQHdYAwDQYJKoZIhvcNAQELBQADggEBAE30wxEiwKm0+2KX ZKvD280rZLrH6kKKSNgbZXasgcMA50u6R00PYhP+Uo54/3pqlobYko/Kdge17PTe iB7did3Rp3/XESR8+S9NeP7emtMeD15jpdeBM7k+2jIHTpzxhlu2U97Z4pHoaC42 lWcM4o6BefTMCFG4fMX3zsuj/6e5hDHAoQv1zpHT0YDaYJoyUzjUEoBRgEWBqUc9 RB8/JQtpQxwJtKHamtcCD7HCGQMKILvlPNvW4yMS5CkzGBZrZe1Ip3msQUubQKw4 9T+0yh9hEfzjkw8MHWgAIqGvJXMFbuY2hPzPXuFwPv4wnhxK163nBLF/6Sglzh2A vU5LsQM= -----END CERTIFICATE-----Generated at Sat Dec 6 13:48:38 2025 by rpki-client