Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MkK64Aup8N9Ontpv5cCPEp-RaIE.cer
File: MkK64Aup8N9Ontpv5cCPEp-RaIE.cer (raw, json)
Hash identifier: 856Sw1OwLBcHBWztT55Q8slFxDNiqrKKwQ7bpgbbESE=
Subject key identifier: 32:42:BA:E0:0B:A9:F0:DF:4E:9E:DA:6F:E5:C0:8F:12:9F:91:68:81
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02B30F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912B0A3/754545BC03B711EB97FBE568C4F9AE02/MkK64Aup8N9Ontpv5cCPEp-RaIE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912B0A3/754545BC03B711EB97FBE568C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 07 May 2026 12:39:12 +0000
Certificate not after: Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources: AS: 4739
AS: 4802
AS: 4854
AS: 7498
AS: 7718
AS: 9543
AS: 9556
AS: 18371
AS: 23645
AS: 24037
AS: 37928
IP: 14.2.0.0/16
IP: 58.6.0.0/15
IP: 59.167.0.0/16
IP: 106.68.0.0/15
IP: 114.30.96.0/19
IP: 114.198.0.0/17
IP: 115.166.0.0/18
IP: 115.178.28.0/22
IP: 118.208.0.0/14
IP: 121.44.0.0/15
IP: 121.127.192.0/19
IP: 122.49.128.0/18
IP: 122.99.64.0/19
IP: 124.148.0.0 -- 124.150.127.255
IP: 124.168.0.0/14
IP: 125.209.128.0/18
IP: 150.101.0.0/16
IP: 180.200.128.0 -- 180.200.223.255
IP: 180.222.0.0/19
IP: 180.235.192.0/19
IP: 182.239.128.0/17
IP: 202.0.154.0/24
IP: 202.6.128.0/19
IP: 202.7.144.0/20
IP: 202.45.96.0/19
IP: 202.55.144.0/20
IP: 202.59.96.0/20
IP: 202.71.160.0/20
IP: 202.72.128.0/18
IP: 202.129.64.0/18
IP: 202.136.96.0/20
IP: 202.159.128.0/18
IP: 202.161.0.0/19
IP: 202.173.128.0/18
IP: 203.0.178.0/24
IP: 203.2.124.0/24
IP: 203.2.134.0/24
IP: 203.4.172.0/23
IP: 203.7.0.0/17
IP: 203.10.1.0/24
IP: 203.10.110.0/24
IP: 203.12.52.0/23
IP: 203.13.37.0/24
IP: 203.13.74.0/24
IP: 203.14.168.0/21
IP: 203.15.242.0/23
IP: 203.16.135.0/24
IP: 203.16.208.0/21
IP: 203.17.60.0/22
IP: 203.17.96.0/21
IP: 203.19.70.0/24
IP: 203.20.228.0/23
IP: 203.21.20.0/24
IP: 203.21.78.0/24
IP: 203.22.216.0/24
IP: 203.23.22.0/24
IP: 203.23.72.0/24
IP: 203.23.138.0/24
IP: 203.23.225.0/24
IP: 203.24.207.0/24
IP: 203.25.186.0/24
IP: 203.25.247.0/24
IP: 203.26.70.0/24
IP: 203.26.94.0/23
IP: 203.26.145.0 -- 203.26.146.255
IP: 203.26.206.0/24
IP: 203.27.197.0 -- 203.27.198.255
IP: 203.28.159.0/24
IP: 203.28.183.0/24
IP: 203.29.58.0/24
IP: 203.29.86.0/23
IP: 203.30.206.0/23
IP: 203.31.12.0/24
IP: 203.31.240.0/23
IP: 203.32.137.0/24
IP: 203.33.160.0/21
IP: 203.33.241.0/24
IP: 203.33.255.0/24
IP: 203.34.6.0/24
IP: 203.34.115.0/24
IP: 203.34.186.0/24
IP: 203.34.218.0/24
IP: 203.55.40.0/24
IP: 203.55.63.0/24
IP: 203.55.77.0/24
IP: 203.55.106.0/24
IP: 203.55.157.0/24
IP: 203.55.228.0/22
IP: 203.56.17.0/24
IP: 203.56.30.0/23
IP: 203.56.62.0/23
IP: 203.56.224.0/24
IP: 203.57.208.0/21
IP: 203.59.0.0/16
IP: 203.113.192.0/18
IP: 203.122.192.0/18
IP: 203.129.32.0/19
IP: 203.158.32.0/19
IP: 203.166.224.0/19
IP: 203.173.0.0/18
IP: 203.206.0.0/16
IP: 203.208.64.0/18
IP: 203.214.0.0 -- 203.214.159.255
IP: 203.215.0.0/19
IP: 203.217.0.0 -- 203.217.95.255
IP: 210.15.192.0/18
IP: 210.84.0.0/18
IP: 218.100.50.0/24
IP: 219.90.128.0/17
IP: 220.235.0.0/16
IP: 220.253.0.0/16
IP: 2001:4478::/30
IP: 2001:44b8::/32
IP: 2402:a400::/32
IP: 2402:b800::/31
IP: 2404:b800::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 19:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176911 (0x2b30f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 7 12:39:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=A912B0A3, serialNumber=3242BAE00BA9F0DF4E9EDA6FE5C08F129F916881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d9:43:0a:7c:c8:e1:ed:42:68:92:a4:8b:3d:
31:4c:41:02:43:ef:c0:a7:6c:74:d2:06:c4:2e:03:
96:00:18:9a:9f:07:24:b6:62:26:37:25:b4:4c:0a:
3f:14:bd:75:48:07:70:d4:3b:8f:69:9f:c5:86:88:
0c:11:5d:09:f4:93:29:41:e8:43:d9:7c:46:e9:f0:
6b:e9:5b:9c:48:fd:cf:fe:85:4b:77:30:db:54:c9:
47:6f:1e:c0:66:18:6e:c6:ee:0b:3b:4e:9e:99:c3:
21:02:51:87:e9:e0:2b:b7:de:bb:ae:3b:4c:9b:f4:
62:dd:73:9f:a1:84:a9:0e:88:f4:91:1f:d8:a6:7c:
fc:08:0e:92:aa:09:24:db:1e:6d:d8:36:90:ea:ec:
b0:28:05:49:62:7a:6a:66:5c:75:b9:89:e0:37:a3:
1b:a7:d8:1c:0d:cd:4c:b2:5b:1b:2b:b4:67:c1:9e:
17:61:55:e6:9e:1e:32:8c:60:f8:44:84:36:f3:c9:
d9:2e:fc:c6:31:33:63:48:24:d8:8c:f9:f5:a5:3d:
e9:d7:fd:1f:3c:8a:49:ac:44:2a:f3:1e:bd:1c:7c:
2d:59:9a:89:8b:b3:14:d2:61:66:54:d4:78:5e:9e:
4d:b1:dd:5e:48:4a:d6:05:bd:fe:e8:92:34:88:90:
88:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:42:BA:E0:0B:A9:F0:DF:4E:9E:DA:6F:E5:C0:8F:12:9F:91:68:81
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912B0A3/754545BC03B711EB97FBE568C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912B0A3/754545BC03B711EB97FBE568C4F9AE02/MkK64Aup8N9Ontpv5cCPEp-RaIE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4739
4802
4854
7498
7718
9543
9556
18371
23645
24037
37928
sbgp-ipAddrBlock: critical
IPv4:
14.2.0.0/16
58.6.0.0/15
59.167.0.0/16
106.68.0.0/15
114.30.96.0/19
114.198.0.0/17
115.166.0.0/18
115.178.28.0/22
118.208.0.0/14
121.44.0.0/15
121.127.192.0/19
122.49.128.0/18
122.99.64.0/19
124.148.0.0-124.150.127.255
124.168.0.0/14
125.209.128.0/18
150.101.0.0/16
180.200.128.0-180.200.223.255
180.222.0.0/19
180.235.192.0/19
182.239.128.0/17
202.0.154.0/24
202.6.128.0/19
202.7.144.0/20
202.45.96.0/19
202.55.144.0/20
202.59.96.0/20
202.71.160.0/20
202.72.128.0/18
202.129.64.0/18
202.136.96.0/20
202.159.128.0/18
202.161.0.0/19
202.173.128.0/18
203.0.178.0/24
203.2.124.0/24
203.2.134.0/24
203.4.172.0/23
203.7.0.0/17
203.10.1.0/24
203.10.110.0/24
203.12.52.0/23
203.13.37.0/24
203.13.74.0/24
203.14.168.0/21
203.15.242.0/23
203.16.135.0/24
203.16.208.0/21
203.17.60.0/22
203.17.96.0/21
203.19.70.0/24
203.20.228.0/23
203.21.20.0/24
203.21.78.0/24
203.22.216.0/24
203.23.22.0/24
203.23.72.0/24
203.23.138.0/24
203.23.225.0/24
203.24.207.0/24
203.25.186.0/24
203.25.247.0/24
203.26.70.0/24
203.26.94.0/23
203.26.145.0-203.26.146.255
203.26.206.0/24
203.27.197.0-203.27.198.255
203.28.159.0/24
203.28.183.0/24
203.29.58.0/24
203.29.86.0/23
203.30.206.0/23
203.31.12.0/24
203.31.240.0/23
203.32.137.0/24
203.33.160.0/21
203.33.241.0/24
203.33.255.0/24
203.34.6.0/24
203.34.115.0/24
203.34.186.0/24
203.34.218.0/24
203.55.40.0/24
203.55.63.0/24
203.55.77.0/24
203.55.106.0/24
203.55.157.0/24
203.55.228.0/22
203.56.17.0/24
203.56.30.0/23
203.56.62.0/23
203.56.224.0/24
203.57.208.0/21
203.59.0.0/16
203.113.192.0/18
203.122.192.0/18
203.129.32.0/19
203.158.32.0/19
203.166.224.0/19
203.173.0.0/18
203.206.0.0/16
203.208.64.0/18
203.214.0.0-203.214.159.255
203.215.0.0/19
203.217.0.0-203.217.95.255
210.15.192.0/18
210.84.0.0/18
218.100.50.0/24
219.90.128.0/17
220.235.0.0/16
220.253.0.0/16
IPv6:
2001:4478::/30
2001:44b8::/32
2402:a400::/32
2402:b800::/31
2404:b800::/32
Signature Algorithm: sha256WithRSAEncryption
cc:44:e1:aa:d2:ba:e6:04:14:ed:5a:27:c2:98:c9:1f:8c:64:
12:66:b3:39:8c:a6:99:2f:fe:79:a7:46:f7:8f:67:22:d2:cb:
2d:63:fe:a7:b3:93:c2:3b:63:27:89:c9:d3:34:0a:82:bf:6f:
4a:dd:ae:b9:1d:02:1c:38:76:5c:bd:f4:a6:92:43:fc:3e:3f:
06:18:fe:d5:eb:2d:c2:40:d0:1f:28:15:d0:17:82:7c:af:ef:
7c:9d:15:50:35:d8:05:3a:a2:5e:ca:8c:fc:91:60:8a:6d:68:
b1:40:68:eb:63:fe:fd:4e:e7:f2:07:a1:cd:92:b9:eb:84:8e:
90:be:8b:f0:c3:2f:ed:b5:95:8e:0f:a2:c9:38:53:80:3d:c2:
e6:8f:bb:3e:53:ca:a0:87:ab:56:d2:62:d2:0a:5d:c4:f0:64:
24:c8:9e:b4:24:30:d3:1d:0c:e9:02:ee:e4:84:19:fc:d4:83:
83:98:28:6a:be:e1:55:d2:ad:8a:8a:c8:3c:5f:09:44:1b:5f:
52:3a:cd:ae:1f:f7:b9:e0:79:dd:e7:ba:c2:02:22:9a:ef:df:
9a:4a:0a:f7:d1:ae:03:7e:02:05:b7:a0:e7:6e:a0:b0:17:c9:
7d:75:6f:8d:1b:f3:4f:75:d1:d8:d8:1a:81:9f:04:d2:0d:f1:
b6:4e:fe:e9
-----BEGIN CERTIFICATE-----
MIIJLDCCCBSgAwIBAgIDArMPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDUwNzEyMzkxMloXDTI3MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkIwQTMxMTAvBgNVBAUTKDMyNDJCQUUwMEJBOUYwREY0RTlFREE2
RkU1QzA4RjEyOUY5MTY4ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC02UMKfMjh7UJokqSLPTFMQQJD78CnbHTSBsQuA5YAGJqfByS2YiY3JbRMCj8U
vXVIB3DUO49pn8WGiAwRXQn0kylB6EPZfEbp8GvpW5xI/c/+hUt3MNtUyUdvHsBm
GG7G7gs7Tp6ZwyECUYfp4Cu33ruuO0yb9GLdc5+hhKkOiPSRH9imfPwIDpKqCSTb
Hm3YNpDq7LAoBUliempmXHW5ieA3oxun2BwNzUyyWxsrtGfBnhdhVeaeHjKMYPhE
hDbzydku/MYxM2NIJNiM+fWlPenX/R88ikmsRCrzHr0cfC1ZmomLsxTSYWZU1Hhe
nk2x3V5IStYFvf7okjSIkIjxAgMBAAGjggYhMIIGHTAdBgNVHQ4EFgQUMkK64Aup
8N9Ontpv5cCPEp+RaIEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJCMEEzLzc1NDU0NUJDMDNCNzExRUI5N0ZCRTU2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyQjBBMy83NTQ1NDVCQzAzQjcxMUVCOTdGQkU1NjhDNEY5QUUwMi9Na0s2NEF1
cDhOOU9udHB2NWNDUEVwLVJhSUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQgBAf8EMzAx
oC8wLQICEoMCAhLCAgIS9gICHUoCAh4mAgIlRwICJVQCAkfDAgJcXQICXeUCAwCU
KDCCAwcGCCsGAQUFBwEHAQH/BIIC9jCCAvIwggLDBAIAATCCArsDAwAOAgMDAToG
AwMAO6cDAwFqRAMEBXIeYAMEB3LGAAMEBnOmAAMEAnOyHAMDAnbQAwMBeSwDBAV5
f8ADBAZ6MYADBAV6Y0AwCwMDAnyUAwQHfJYAAwMCfKgDBAZ90YADAwCWZTAMAwQH
tMiAAwQFtMjAAwQFtN4AAwQFtOvAAwQHtu+AAwQAygCaAwQFygaAAwQEygeQAwQF
yi1gAwQEyjeQAwQEyjtgAwQEykegAwQGykiAAwQGyoFAAwQEyohgAwQGyp+AAwQF
yqEAAwQGyq2AAwQAywCyAwQAywJ8AwQAywKGAwQBywSsAwQHywcAAwQAywoBAwQA
ywpuAwQByww0AwQAyw0lAwQAyw1KAwQDyw6oAwQByw/yAwQAyxCHAwQDyxDQAwQC
yxE8AwQDyxFgAwQAyxNGAwQByxTkAwQAyxUUAwQAyxVOAwQAyxbYAwQAyxcWAwQA
yxdIAwQAyxeKAwQAyxfhAwQAyxjPAwQAyxm6AwQAyxn3AwQAyxpGAwQByxpeMAwD
BADLGpEDBADLGpIDBADLGs4wDAMEAMsbxQMEAMsbxgMEAMscnwMEAMsctwMEAMsd
OgMEAcsdVgMEAcsezgMEAMsfDAMEAcsf8AMEAMsgiQMEA8shoAMEAMsh8QMEAMsh
/wMEAMsiBgMEAMsicwMEAMsiugMEAMsi2gMEAMs3KAMEAMs3PwMEAMs3TQMEAMs3
agMEAMs3nQMEAss35AMEAMs4EQMEAcs4HgMEAcs4PgMEAMs44AMEA8s50AMDAMs7
AwQGy3HAAwQGy3rAAwQFy4EgAwQFy54gAwQFy6bgAwQGy60AAwMAy84DBAbL0EAw
CwMDAcvWAwQFy9aAAwQFy9cAMAsDAwDL2QMEBcvZQAMEBtIPwAMEBtJUAAMEANpk
MgMEB9tagAMDANzrAwMA3P0wKQQCAAIwIwMFAiABRHgDBQAgAUS4AwUAJAKkAAMF
ASQCuAADBQAkBLgAMA0GCSqGSIb3DQEBCwUAA4IBAQDMROGq0rrmBBTtWifCmMkf
jGQSZrM5jKaZL/55p0b3j2ci0sstY/6ns5PCO2MnicnTNAqCv29K3a65HQIcOHZc
vfSmkkP8Pj8GGP7V6y3CQNAfKBXQF4J8r+98nRVQNdgFOqJeyoz8kWCKbWixQGjr
Y/79TufyB6HNkrnrhI6Qvovwwy/ttZWOD6LJOFOAPcLmj7s+U8qgh6tW0mLSCl3E
8GQkyJ60JDDTHQzpAu7khBn81IODmChqvuFV0q2Kisg8XwlEG19SOs2uH/e54Hnd
57rCAiKa79+aSgr30a4DfgIFt6DnbqCwF8l9dW+NG/NPddHY2BqBnwTSDfG2Tv7p
-----END CERTIFICATE-----
Generated at Wed May 13 00:08:14 2026 by rpki-client