Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MkK64Aup8N9Ontpv5cCPEp-RaIE.cer
File: MkK64Aup8N9Ontpv5cCPEp-RaIE.cer (raw, json)
Hash identifier: uXdpfb3G4s/Irur/iwb+6d1z68pBrAImhgxcXTc3bVU=
Subject key identifier: 32:42:BA:E0:0B:A9:F0:DF:4E:9E:DA:6F:E5:C0:8F:12:9F:91:68:81
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024299
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912B0A3/754545BC03B711EB97FBE568C4F9AE02/MkK64Aup8N9Ontpv5cCPEp-RaIE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912B0A3/754545BC03B711EB97FBE568C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 30 Apr 2025 12:54:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 4739
AS: 4802
AS: 4854
AS: 7498
AS: 7718
AS: 9543
AS: 9556
AS: 18371
AS: 23645
AS: 24037
AS: 37928
IP: 14.2.0.0/16
IP: 58.6.0.0/15
IP: 59.167.0.0/16
IP: 106.68.0.0/15
IP: 114.30.96.0/19
IP: 114.198.0.0/17
IP: 115.166.0.0/18
IP: 115.178.28.0/22
IP: 118.208.0.0/14
IP: 121.44.0.0/15
IP: 121.127.192.0/19
IP: 122.49.128.0/18
IP: 122.99.64.0/19
IP: 124.148.0.0 -- 124.150.127.255
IP: 124.168.0.0/14
IP: 125.209.128.0/18
IP: 150.101.0.0/16
IP: 180.200.128.0 -- 180.200.223.255
IP: 180.222.0.0/19
IP: 180.235.192.0/19
IP: 182.239.128.0/17
IP: 202.0.154.0/24
IP: 202.6.128.0/19
IP: 202.7.144.0/20
IP: 202.45.96.0/19
IP: 202.55.144.0/20
IP: 202.59.96.0/20
IP: 202.71.160.0/20
IP: 202.72.128.0/18
IP: 202.129.64.0/18
IP: 202.136.96.0/20
IP: 202.159.128.0/18
IP: 202.161.0.0/19
IP: 202.173.128.0/18
IP: 203.0.178.0/24
IP: 203.2.124.0/24
IP: 203.2.134.0/24
IP: 203.4.172.0/23
IP: 203.7.0.0/17
IP: 203.10.1.0/24
IP: 203.10.110.0/24
IP: 203.12.52.0/23
IP: 203.13.37.0/24
IP: 203.13.74.0/24
IP: 203.14.168.0/21
IP: 203.15.242.0/23
IP: 203.16.135.0/24
IP: 203.16.208.0/21
IP: 203.17.60.0/22
IP: 203.17.96.0/21
IP: 203.19.70.0/24
IP: 203.20.228.0/23
IP: 203.21.20.0/24
IP: 203.21.78.0/24
IP: 203.22.216.0/24
IP: 203.23.22.0/24
IP: 203.23.72.0/24
IP: 203.23.138.0/24
IP: 203.23.225.0/24
IP: 203.24.207.0/24
IP: 203.25.186.0/24
IP: 203.25.247.0/24
IP: 203.26.70.0/24
IP: 203.26.94.0/23
IP: 203.26.145.0 -- 203.26.146.255
IP: 203.26.206.0/24
IP: 203.27.197.0 -- 203.27.198.255
IP: 203.28.159.0/24
IP: 203.28.183.0/24
IP: 203.29.58.0/24
IP: 203.29.86.0/23
IP: 203.30.206.0/23
IP: 203.31.12.0/24
IP: 203.31.240.0/23
IP: 203.32.137.0/24
IP: 203.33.160.0/21
IP: 203.33.241.0/24
IP: 203.33.255.0/24
IP: 203.34.6.0/24
IP: 203.34.115.0/24
IP: 203.34.186.0/24
IP: 203.34.218.0/24
IP: 203.55.40.0/24
IP: 203.55.63.0/24
IP: 203.55.77.0/24
IP: 203.55.106.0/24
IP: 203.55.157.0/24
IP: 203.55.228.0/22
IP: 203.56.17.0/24
IP: 203.56.30.0/23
IP: 203.56.62.0/23
IP: 203.56.224.0/24
IP: 203.57.208.0/21
IP: 203.59.0.0/16
IP: 203.113.192.0/18
IP: 203.122.192.0/18
IP: 203.129.32.0/19
IP: 203.158.32.0/19
IP: 203.166.224.0/19
IP: 203.173.0.0/18
IP: 203.206.0.0/16
IP: 203.208.64.0/18
IP: 203.214.0.0 -- 203.214.159.255
IP: 203.215.0.0/19
IP: 203.217.0.0 -- 203.217.95.255
IP: 210.15.192.0/18
IP: 210.84.0.0/18
IP: 218.100.50.0/24
IP: 219.90.128.0/17
IP: 220.235.0.0/16
IP: 220.253.0.0/16
IP: 2001:4478::/30
IP: 2001:44b8::/32
IP: 2402:a400::/32
IP: 2402:b800::/31
IP: 2404:b800::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 11 May 2025 18:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148121 (0x24299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 30 12:54:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A912B0A3, serialNumber=3242BAE00BA9F0DF4E9EDA6FE5C08F129F916881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d9:43:0a:7c:c8:e1:ed:42:68:92:a4:8b:3d:
31:4c:41:02:43:ef:c0:a7:6c:74:d2:06:c4:2e:03:
96:00:18:9a:9f:07:24:b6:62:26:37:25:b4:4c:0a:
3f:14:bd:75:48:07:70:d4:3b:8f:69:9f:c5:86:88:
0c:11:5d:09:f4:93:29:41:e8:43:d9:7c:46:e9:f0:
6b:e9:5b:9c:48:fd:cf:fe:85:4b:77:30:db:54:c9:
47:6f:1e:c0:66:18:6e:c6:ee:0b:3b:4e:9e:99:c3:
21:02:51:87:e9:e0:2b:b7:de:bb:ae:3b:4c:9b:f4:
62:dd:73:9f:a1:84:a9:0e:88:f4:91:1f:d8:a6:7c:
fc:08:0e:92:aa:09:24:db:1e:6d:d8:36:90:ea:ec:
b0:28:05:49:62:7a:6a:66:5c:75:b9:89:e0:37:a3:
1b:a7:d8:1c:0d:cd:4c:b2:5b:1b:2b:b4:67:c1:9e:
17:61:55:e6:9e:1e:32:8c:60:f8:44:84:36:f3:c9:
d9:2e:fc:c6:31:33:63:48:24:d8:8c:f9:f5:a5:3d:
e9:d7:fd:1f:3c:8a:49:ac:44:2a:f3:1e:bd:1c:7c:
2d:59:9a:89:8b:b3:14:d2:61:66:54:d4:78:5e:9e:
4d:b1:dd:5e:48:4a:d6:05:bd:fe:e8:92:34:88:90:
88:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:42:BA:E0:0B:A9:F0:DF:4E:9E:DA:6F:E5:C0:8F:12:9F:91:68:81
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912B0A3/754545BC03B711EB97FBE568C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912B0A3/754545BC03B711EB97FBE568C4F9AE02/MkK64Aup8N9Ontpv5cCPEp-RaIE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4739
4802
4854
7498
7718
9543
9556
18371
23645
24037
37928
sbgp-ipAddrBlock: critical
IPv4:
14.2.0.0/16
58.6.0.0/15
59.167.0.0/16
106.68.0.0/15
114.30.96.0/19
114.198.0.0/17
115.166.0.0/18
115.178.28.0/22
118.208.0.0/14
121.44.0.0/15
121.127.192.0/19
122.49.128.0/18
122.99.64.0/19
124.148.0.0-124.150.127.255
124.168.0.0/14
125.209.128.0/18
150.101.0.0/16
180.200.128.0-180.200.223.255
180.222.0.0/19
180.235.192.0/19
182.239.128.0/17
202.0.154.0/24
202.6.128.0/19
202.7.144.0/20
202.45.96.0/19
202.55.144.0/20
202.59.96.0/20
202.71.160.0/20
202.72.128.0/18
202.129.64.0/18
202.136.96.0/20
202.159.128.0/18
202.161.0.0/19
202.173.128.0/18
203.0.178.0/24
203.2.124.0/24
203.2.134.0/24
203.4.172.0/23
203.7.0.0/17
203.10.1.0/24
203.10.110.0/24
203.12.52.0/23
203.13.37.0/24
203.13.74.0/24
203.14.168.0/21
203.15.242.0/23
203.16.135.0/24
203.16.208.0/21
203.17.60.0/22
203.17.96.0/21
203.19.70.0/24
203.20.228.0/23
203.21.20.0/24
203.21.78.0/24
203.22.216.0/24
203.23.22.0/24
203.23.72.0/24
203.23.138.0/24
203.23.225.0/24
203.24.207.0/24
203.25.186.0/24
203.25.247.0/24
203.26.70.0/24
203.26.94.0/23
203.26.145.0-203.26.146.255
203.26.206.0/24
203.27.197.0-203.27.198.255
203.28.159.0/24
203.28.183.0/24
203.29.58.0/24
203.29.86.0/23
203.30.206.0/23
203.31.12.0/24
203.31.240.0/23
203.32.137.0/24
203.33.160.0/21
203.33.241.0/24
203.33.255.0/24
203.34.6.0/24
203.34.115.0/24
203.34.186.0/24
203.34.218.0/24
203.55.40.0/24
203.55.63.0/24
203.55.77.0/24
203.55.106.0/24
203.55.157.0/24
203.55.228.0/22
203.56.17.0/24
203.56.30.0/23
203.56.62.0/23
203.56.224.0/24
203.57.208.0/21
203.59.0.0/16
203.113.192.0/18
203.122.192.0/18
203.129.32.0/19
203.158.32.0/19
203.166.224.0/19
203.173.0.0/18
203.206.0.0/16
203.208.64.0/18
203.214.0.0-203.214.159.255
203.215.0.0/19
203.217.0.0-203.217.95.255
210.15.192.0/18
210.84.0.0/18
218.100.50.0/24
219.90.128.0/17
220.235.0.0/16
220.253.0.0/16
IPv6:
2001:4478::/30
2001:44b8::/32
2402:a400::/32
2402:b800::/31
2404:b800::/32
Signature Algorithm: sha256WithRSAEncryption
8b:33:48:35:f7:74:4c:14:61:d7:a5:2f:23:2d:38:d8:34:a6:
e7:79:17:46:4f:93:0f:40:15:1c:85:c6:9e:29:50:ec:08:26:
33:80:68:6d:34:13:cf:fa:ab:d2:bb:45:80:a4:3b:f1:0e:98:
7e:02:9b:2b:f8:2e:04:98:c5:34:5e:9c:a3:26:5b:fb:9d:c0:
40:c1:fc:50:37:91:26:e9:12:04:75:79:8d:11:0e:e7:be:f1:
34:07:55:f4:5c:9a:f0:47:0b:fd:d4:b1:97:a3:e8:c5:b1:be:
67:d4:f5:c7:45:e5:ad:64:ac:06:b0:cf:2b:cf:05:15:5d:39:
a3:b7:d7:25:4e:b2:2a:0a:68:a6:ed:7e:72:72:32:80:74:05:
b2:ee:a0:61:fd:0e:63:6a:af:24:fb:8c:39:5c:75:6f:f1:d1:
84:30:ef:74:60:7b:68:5e:49:01:fc:e2:24:c5:87:6e:bf:e8:
de:a4:fa:2c:d7:c2:d6:d6:f0:86:86:74:57:55:51:24:a6:ba:
c6:e7:33:fc:92:a0:fd:9b:aa:51:fd:c2:15:19:e5:b8:c4:bf:
76:0b:d0:c4:93:84:02:79:1d:a8:46:2a:45:8a:1c:f3:0b:8b:
f2:1f:e6:89:2d:ff:ed:f6:bf:f7:8a:3e:96:93:fc:0f:d5:4e:
87:99:fd:63
-----BEGIN CERTIFICATE-----
MIIJLDCCCBSgAwIBAgIDAkKZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQzMDEyNTQzN1oXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkIwQTMxMTAvBgNVBAUTKDMyNDJCQUUwMEJBOUYwREY0RTlFREE2
RkU1QzA4RjEyOUY5MTY4ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC02UMKfMjh7UJokqSLPTFMQQJD78CnbHTSBsQuA5YAGJqfByS2YiY3JbRMCj8U
vXVIB3DUO49pn8WGiAwRXQn0kylB6EPZfEbp8GvpW5xI/c/+hUt3MNtUyUdvHsBm
GG7G7gs7Tp6ZwyECUYfp4Cu33ruuO0yb9GLdc5+hhKkOiPSRH9imfPwIDpKqCSTb
Hm3YNpDq7LAoBUliempmXHW5ieA3oxun2BwNzUyyWxsrtGfBnhdhVeaeHjKMYPhE
hDbzydku/MYxM2NIJNiM+fWlPenX/R88ikmsRCrzHr0cfC1ZmomLsxTSYWZU1Hhe
nk2x3V5IStYFvf7okjSIkIjxAgMBAAGjggYhMIIGHTAdBgNVHQ4EFgQUMkK64Aup
8N9Ontpv5cCPEp+RaIEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJCMEEzLzc1NDU0NUJDMDNCNzExRUI5N0ZCRTU2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyQjBBMy83NTQ1NDVCQzAzQjcxMUVCOTdGQkU1NjhDNEY5QUUwMi9Na0s2NEF1
cDhOOU9udHB2NWNDUEVwLVJhSUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQgBAf8EMzAx
oC8wLQICEoMCAhLCAgIS9gICHUoCAh4mAgIlRwICJVQCAkfDAgJcXQICXeUCAwCU
KDCCAwcGCCsGAQUFBwEHAQH/BIIC9jCCAvIwggLDBAIAATCCArsDAwAOAgMDAToG
AwMAO6cDAwFqRAMEBXIeYAMEB3LGAAMEBnOmAAMEAnOyHAMDAnbQAwMBeSwDBAV5
f8ADBAZ6MYADBAV6Y0AwCwMDAnyUAwQHfJYAAwMCfKgDBAZ90YADAwCWZTAMAwQH
tMiAAwQFtMjAAwQFtN4AAwQFtOvAAwQHtu+AAwQAygCaAwQFygaAAwQEygeQAwQF
yi1gAwQEyjeQAwQEyjtgAwQEykegAwQGykiAAwQGyoFAAwQEyohgAwQGyp+AAwQF
yqEAAwQGyq2AAwQAywCyAwQAywJ8AwQAywKGAwQBywSsAwQHywcAAwQAywoBAwQA
ywpuAwQByww0AwQAyw0lAwQAyw1KAwQDyw6oAwQByw/yAwQAyxCHAwQDyxDQAwQC
yxE8AwQDyxFgAwQAyxNGAwQByxTkAwQAyxUUAwQAyxVOAwQAyxbYAwQAyxcWAwQA
yxdIAwQAyxeKAwQAyxfhAwQAyxjPAwQAyxm6AwQAyxn3AwQAyxpGAwQByxpeMAwD
BADLGpEDBADLGpIDBADLGs4wDAMEAMsbxQMEAMsbxgMEAMscnwMEAMsctwMEAMsd
OgMEAcsdVgMEAcsezgMEAMsfDAMEAcsf8AMEAMsgiQMEA8shoAMEAMsh8QMEAMsh
/wMEAMsiBgMEAMsicwMEAMsiugMEAMsi2gMEAMs3KAMEAMs3PwMEAMs3TQMEAMs3
agMEAMs3nQMEAss35AMEAMs4EQMEAcs4HgMEAcs4PgMEAMs44AMEA8s50AMDAMs7
AwQGy3HAAwQGy3rAAwQFy4EgAwQFy54gAwQFy6bgAwQGy60AAwMAy84DBAbL0EAw
CwMDAcvWAwQFy9aAAwQFy9cAMAsDAwDL2QMEBcvZQAMEBtIPwAMEBtJUAAMEANpk
MgMEB9tagAMDANzrAwMA3P0wKQQCAAIwIwMFAiABRHgDBQAgAUS4AwUAJAKkAAMF
ASQCuAADBQAkBLgAMA0GCSqGSIb3DQEBCwUAA4IBAQCLM0g193RMFGHXpS8jLTjY
NKbneRdGT5MPQBUchcaeKVDsCCYzgGhtNBPP+qvSu0WApDvxDph+Apsr+C4EmMU0
XpyjJlv7ncBAwfxQN5Em6RIEdXmNEQ7nvvE0B1X0XJrwRwv91LGXo+jFsb5n1PXH
ReWtZKwGsM8rzwUVXTmjt9clTrIqCmim7X5ycjKAdAWy7qBh/Q5jaq8k+4w5XHVv
8dGEMO90YHtoXkkB/OIkxYduv+jepPos18LW1vCGhnRXVVEkprrG5zP8kqD9m6pR
/cIVGeW4xL92C9DEk4QCeR2oRipFihzzC4vyH+aJLf/t9r/3ij6Wk/wP1U6Hmf1j
-----END CERTIFICATE-----
Generated at Sun May 4 21:12:54 2025 by rpki-client