Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer
File: Khx4XL6-fNe6tToSO2BVhg9gfxg.cer (raw, json)
Hash identifier: XRjZTlC0PXC9nYnBRFhnqVDA8bRI/MVbhRfSL9n6TBk=
Subject key identifier: 2A:1C:78:5C:BE:BE:7C:D7:BA:B5:3A:12:3B:60:55:86:0F:60:7F:18
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025C6E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 10 Aug 2025 17:55:28 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 140950
IP: 103.153.174.0/23
IP: 2001:df4:5380::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Aug 2025 06:10:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154734 (0x25c6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 10 17:55:28 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91D6AB2, serialNumber=2A1C785CBEBE7CD7BAB53A123B6055860F607F18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0d:52:ae:bc:eb:32:67:76:20:a3:52:ff:54:
fb:8e:a0:16:b7:da:4d:c2:ac:8e:f7:e6:ee:0f:f7:
cd:dd:c9:fc:52:2d:33:19:61:08:c2:14:bd:c6:41:
03:2e:1e:0c:3b:6f:97:97:db:41:cd:d7:f5:a4:5a:
ab:17:81:d6:7b:8a:43:08:8f:bb:91:7f:2b:37:d1:
b4:13:bb:c8:6a:25:11:c4:68:60:f8:56:14:46:10:
5a:58:27:ba:0e:0b:4e:e9:88:6e:e0:75:9d:14:66:
21:84:32:fc:f2:8d:4c:3a:f1:93:5b:f2:84:77:cc:
83:25:4e:5c:bc:76:d3:22:9b:f0:0e:c1:4f:17:a5:
41:14:13:84:43:c9:3b:34:36:d6:2b:25:b5:7a:b4:
de:96:8d:3e:bb:39:58:14:1f:85:9d:eb:ef:2d:e7:
7b:9d:7b:9e:3f:66:02:ae:c7:62:88:3e:8e:16:35:
44:35:da:fe:c2:47:d6:2b:5b:34:ef:cc:c9:eb:b4:
45:ef:3c:42:94:26:80:f5:76:c4:4c:1a:32:e9:1f:
ff:62:b4:f8:8d:6d:69:11:eb:3c:d4:89:c5:f8:be:
ee:55:d0:a0:cf:2c:a5:87:d5:3b:cc:a3:4b:e9:95:
a0:cd:4a:ef:6c:c8:2d:71:1b:77:c4:12:e6:b3:77:
db:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:1C:78:5C:BE:BE:7C:D7:BA:B5:3A:12:3B:60:55:86:0F:60:7F:18
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
140950
sbgp-ipAddrBlock: critical
IPv4:
103.153.174.0/23
IPv6:
2001:df4:5380::/48
Signature Algorithm: sha256WithRSAEncryption
a9:63:7d:89:b6:ab:ec:a9:1e:83:cc:2b:d7:af:cb:44:33:a3:
e2:5f:93:65:b2:32:23:63:5b:9f:ca:14:ff:63:55:03:f5:24:
ed:cc:63:c9:8d:2d:81:4f:5a:04:16:eb:3f:67:92:aa:65:2f:
80:13:0c:7d:72:90:7a:34:f0:f9:fc:7e:90:af:e0:32:f5:a9:
e2:4d:05:87:56:20:0c:3e:e8:b8:a6:95:a0:5c:56:de:ce:b6:
e0:d8:15:22:4d:56:20:21:af:2a:b9:36:7b:63:6c:a3:dd:7a:
42:76:d6:6f:50:7c:9a:d4:3f:6c:59:bf:66:43:11:9c:7d:6d:
35:bb:fb:34:bc:3b:a4:13:9d:54:d1:3f:45:de:90:f3:2b:68:
98:c3:e8:6b:6b:c7:77:fa:ec:a5:06:db:ff:5a:f6:86:73:ae:
ca:49:c2:d2:b6:9e:31:09:8a:90:18:f1:61:86:de:3f:74:09:
bb:e8:68:ad:1f:a4:26:79:09:42:ff:03:91:4e:48:d4:a2:e6:
c1:cc:27:01:d6:c5:22:97:55:9a:e5:72:f9:82:f8:7e:b6:9d:
b8:be:87:14:dd:4e:53:51:e5:a4:03:9b:1a:88:20:5e:db:35:
55:00:ad:bd:e1:48:e3:43:e2:47:4d:a8:b6:d4:05:f3:22:47:
db:ab:9a:25
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAlxuMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgxMDE3NTUyOFoXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDZBQjIxMTAvBgNVBAUTKDJBMUM3ODVDQkVCRTdDRDdCQUI1M0Ex
MjNCNjA1NTg2MEY2MDdGMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnDVKuvOsyZ3Ygo1L/VPuOoBa32k3CrI735u4P983dyfxSLTMZYQjCFL3GQQMu
Hgw7b5eX20HN1/WkWqsXgdZ7ikMIj7uRfys30bQTu8hqJRHEaGD4VhRGEFpYJ7oO
C07piG7gdZ0UZiGEMvzyjUw68ZNb8oR3zIMlTly8dtMim/AOwU8XpUEUE4RDyTs0
NtYrJbV6tN6WjT67OVgUH4Wd6+8t53ude54/ZgKux2KIPo4WNUQ12v7CR9YrWzTv
zMnrtEXvPEKUJoD1dsRMGjLpH/9itPiNbWkR6zzUicX4vu5V0KDPLKWH1TvMo0vp
laDNSu9syC1xG3fEEuazd9svAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUKhx4XL6+
fNe6tToSO2BVhg9gfxgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ2QUIyLzBBRjJFQUFBQ0Y3MDExRUE4QUU1NUQ0OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFENkFCMi8wQUYyRUFBQUNGNzAxMUVBOEFFNTVENDhDNEY5QUUwMi9LaHg0WEw2
LWZOZTZ0VG9TTzJCVmhnOWdmeGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiaWMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5muMA8EAgAC
MAkDBwAgAQ30U4AwDQYJKoZIhvcNAQELBQADggEBAKljfYm2q+ypHoPMK9evy0Qz
o+Jfk2WyMiNjW5/KFP9jVQP1JO3MY8mNLYFPWgQW6z9nkqplL4ATDH1ykHo08Pn8
fpCv4DL1qeJNBYdWIAw+6LimlaBcVt7OtuDYFSJNViAhryq5NntjbKPdekJ21m9Q
fJrUP2xZv2ZDEZx9bTW7+zS8O6QTnVTRP0XekPMraJjD6Gtrx3f67KUG2/9a9oZz
rspJwtK2njEJipAY8WGG3j90CbvoaK0fpCZ5CUL/A5FOSNSi5sHMJwHWxSKXVZrl
cvmC+H62nbi+hxTdTlNR5aQDmxqIIF7bNVUArb3hSOND4kdNqLbUBfMiR9urmiU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:15:51 2025 by rpki-client