Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkXNkOP0PAEtqzvzly6GvJTd1FQ.cer
File: NkXNkOP0PAEtqzvzly6GvJTd1FQ.cer (raw, json)
Hash identifier: ohCxVlhKFKFB8C0UtdXMBRZiBysdndkMV8vK1US3MLw=
Subject key identifier: 36:45:CD:90:E3:F4:3C:01:2D:AB:3B:F3:97:2E:86:BC:94:DD:D4:54
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025379
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CFC1C/3C142B1657FE11EEAA553060C4F9AE02/NkXNkOP0PAEtqzvzly6GvJTd1FQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CFC1C/3C142B1657FE11EEAA553060C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 04 Jul 2025 02:12:10 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: AS: 58421
IP: 202.49.208.0/21
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152441 (0x25379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 4 02:12:10 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91CFC1C, serialNumber=3645CD90E3F43C012DAB3BF3972E86BC94DDD454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:66:bd:a6:1a:54:6d:1a:e1:39:81:56:d3:eb:
54:99:8d:18:c3:94:3d:43:8a:c4:09:fa:38:cc:b8:
0c:c2:de:06:c4:95:26:ca:99:88:27:86:a2:8e:ed:
8c:48:15:1e:21:5b:23:09:90:1a:0f:c6:9e:83:1e:
51:56:00:fe:50:56:3d:bb:97:ed:0b:9d:36:ba:2d:
31:7d:a4:70:75:a7:af:b6:f0:3c:1c:a3:ff:d8:8c:
ad:82:c0:5b:d4:15:c9:f4:21:f3:0e:bf:85:af:19:
f0:71:f7:15:10:e1:37:a1:cd:b2:20:96:04:5a:46:
d2:79:e5:c5:b1:80:11:c7:c3:fd:32:60:39:ea:e9:
0c:a3:8e:82:4a:99:72:41:6e:dd:06:92:a7:aa:40:
13:d8:61:37:79:75:55:1d:c3:ff:f5:52:f4:76:77:
76:74:ba:78:00:66:81:55:28:0e:6b:25:eb:67:ca:
88:1a:b7:c5:08:50:30:bf:0c:51:4d:c6:e5:2d:77:
d6:fc:13:e3:bd:48:0e:a1:b0:a1:ee:9a:b9:b1:5c:
7d:cd:48:84:be:0e:f5:9a:24:d4:b5:75:1a:c6:fe:
99:44:7a:1e:33:96:27:f0:bc:8d:36:7e:bb:73:9e:
1f:f5:4b:0b:58:9d:f7:f6:c6:52:03:20:37:bb:b6:
cb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:45:CD:90:E3:F4:3C:01:2D:AB:3B:F3:97:2E:86:BC:94:DD:D4:54
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CFC1C/3C142B1657FE11EEAA553060C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CFC1C/3C142B1657FE11EEAA553060C4F9AE02/NkXNkOP0PAEtqzvzly6GvJTd1FQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58421
sbgp-ipAddrBlock: critical
IPv4:
202.49.208.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:56:c7:2b:30:37:7a:bb:fc:26:59:ee:61:62:7e:20:09:60:
9a:2e:34:8e:ec:ce:d0:77:69:0e:27:fc:93:9b:0a:5c:06:13:
d7:db:d5:67:ca:0e:f2:b9:5e:01:1b:bb:5a:07:d4:a8:9d:db:
a7:32:ab:51:1c:cc:2b:42:7b:02:07:95:3e:0b:a2:8f:1c:ea:
6f:fe:bb:38:fd:6d:cd:aa:6e:8e:5a:76:83:42:ae:b4:1e:61:
1a:8c:ef:95:78:8f:c4:d7:11:53:ae:8c:fa:73:90:87:b2:46:
44:47:2f:84:c0:9c:7d:dc:28:6b:c0:2e:5b:7f:ba:6d:b0:97:
e6:29:f2:33:d7:37:ef:a0:cb:82:9b:ac:ce:df:05:a1:e0:4b:
fa:99:58:17:3d:3f:d9:d7:97:ab:0d:bc:d0:71:06:e5:44:c2:
05:92:fd:8b:51:b0:12:e9:80:85:3a:1d:0c:2d:a8:42:de:9d:
6c:88:81:f8:f8:0f:2c:c5:74:98:a1:fc:0a:3b:2b:ec:7d:4b:
35:ce:55:26:78:c2:3f:95:fe:e7:5b:ba:25:e3:be:59:26:13:
eb:d6:bc:06:d2:1a:0b:fb:63:fa:e9:df:90:d0:8c:9d:90:58:
1d:ac:ae:a3:a7:82:07:7e:5a:95:06:3f:b6:f1:5c:99:22:f7:
d9:93:6e:7b
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAlN5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwNDAyMTIxMFoXDTI2MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0ZDMUMxMTAvBgNVBAUTKDM2NDVDRDkwRTNGNDNDMDEyREFCM0JG
Mzk3MkU4NkJDOTREREQ0NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOZr2mGlRtGuE5gVbT61SZjRjDlD1DisQJ+jjMuAzC3gbElSbKmYgnhqKO7YxI
FR4hWyMJkBoPxp6DHlFWAP5QVj27l+0LnTa6LTF9pHB1p6+28Dwco//YjK2CwFvU
Fcn0IfMOv4WvGfBx9xUQ4TehzbIglgRaRtJ55cWxgBHHw/0yYDnq6QyjjoJKmXJB
bt0GkqeqQBPYYTd5dVUdw//1UvR2d3Z0ungAZoFVKA5rJetnyogat8UIUDC/DFFN
xuUtd9b8E+O9SA6hsKHumrmxXH3NSIS+DvWaJNS1dRrG/plEeh4zlifwvI02frtz
nh/1SwtYnff2xlIDIDe7tssVAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUNkXNkOP0
PAEtqzvzly6GvJTd1FQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNGQzFDLzNDMTQyQjE2NTdGRTExRUVBQTU1MzA2MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRkMxQy8zQzE0MkIxNjU3RkUxMUVFQUE1NTMwNjBDNEY5QUUwMi9Oa1hOa09Q
MFBBRXRxenZ6bHk2R3ZKVGQxRlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOQ1MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDyjHQMA0GCSqG
SIb3DQEBCwUAA4IBAQBNVscrMDd6u/wmWe5hYn4gCWCaLjSO7M7Qd2kOJ/yTmwpc
BhPX29Vnyg7yuV4BG7taB9SondunMqtRHMwrQnsCB5U+C6KPHOpv/rs4/W3Nqm6O
WnaDQq60HmEajO+VeI/E1xFTroz6c5CHskZERy+EwJx93ChrwC5bf7ptsJfmKfIz
1zfvoMuCm6zO3wWh4Ev6mVgXPT/Z15erDbzQcQblRMIFkv2LUbAS6YCFOh0MLahC
3p1siIH4+A8sxXSYofwKOyvsfUs1zlUmeMI/lf7nW7ol475ZJhPr1rwG0hoL+2P6
6d+Q0IydkFgdrK6jp4IHflqVBj+28VyZIvfZk257
-----END CERTIFICATE-----
Generated at Fri Jul 4 18:36:11 2025 by rpki-client