Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer
File: OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer (raw, json)
Hash identifier: E2e1/2jQIP5ZoshUvYIRYhL3n/eDi54wtSEWTivpamU=
Subject key identifier: 39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A1E6
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 03 Mar 2026 12:24:06 +0000
Certificate not after: Sat 01 May 2027 00:00:00 +0000
Subordinate resources: AS: 45267
AS: 55368
AS: 55397
AS: 134220
IP: 43.247.172.0/22
IP: 45.117.36.0/22
IP: 45.118.188.0/22
IP: 103.58.228.0/22
IP: 103.246.52.0/22
IP: 103.254.132.0/22
IP: 114.134.0.0/20
IP: 116.90.76.0/22
IP: 124.248.128.0/20
IP: 163.47.240.0/22
IP: 202.36.75.0/24
IP: 202.37.163.0/24
IP: 202.37.168.0/24
IP: 202.49.36.0/24
IP: 2400:bd00::/32
IP: 2402:6f80::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172518 (0x2a1e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 3 12:24:06 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=A9115C2E, serialNumber=392FC227EECC5A621572FADAAC651A3CEBB2163C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:00:ca:6c:f9:c6:47:95:a5:e2:a5:8f:bd:
e2:b9:55:4d:a3:e0:09:39:96:0e:6f:d3:e5:88:77:
77:06:23:0d:34:74:32:e3:e3:56:1c:f1:c2:37:e0:
dc:8f:4b:8c:20:ef:36:bf:2f:83:2f:5b:b1:ed:e5:
56:35:63:15:16:00:15:da:8d:24:94:6f:34:7d:69:
3b:8c:10:d7:2d:3d:d5:65:35:c5:44:f2:56:49:6e:
ec:0f:3d:bd:4e:c6:b8:f6:24:0a:73:8d:66:9e:9c:
de:71:d7:bc:a1:e5:ac:5c:4c:da:cf:74:99:6c:f2:
78:ef:f7:3e:0d:74:9f:bf:58:37:71:80:04:92:d4:
70:7a:e5:54:20:e6:14:d4:99:92:ae:62:e0:8b:b1:
0a:d1:83:9d:c2:bf:e8:aa:a2:fa:d2:18:6d:46:62:
b7:8a:92:fc:74:18:4f:13:ee:09:0c:ec:69:eb:af:
7e:18:ac:c4:43:c1:17:a5:22:da:49:60:73:f4:ac:
1f:4d:9c:09:2e:17:33:fb:9f:01:8e:31:e6:f5:a1:
d1:23:ce:d3:7a:c7:14:c6:63:1a:bb:f8:6d:f4:65:
23:8b:1d:1d:70:25:ba:1a:4a:65:b3:1d:2f:54:be:
df:a7:bb:de:66:48:e4:99:a0:9e:9f:e5:b4:ef:07:
cc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45267
55368
55397
134220
sbgp-ipAddrBlock: critical
IPv4:
43.247.172.0/22
45.117.36.0/22
45.118.188.0/22
103.58.228.0/22
103.246.52.0/22
103.254.132.0/22
114.134.0.0/20
116.90.76.0/22
124.248.128.0/20
163.47.240.0/22
202.36.75.0/24
202.37.163.0/24
202.37.168.0/24
202.49.36.0/24
IPv6:
2400:bd00::/32
2402:6f80::/32
Signature Algorithm: sha256WithRSAEncryption
d0:22:56:5e:88:e2:a2:9d:95:f8:0c:6c:c4:92:14:76:f3:97:
f2:8b:49:47:d1:28:9e:29:9d:a0:be:e2:8d:92:2e:50:81:77:
a2:8a:2c:f7:03:56:c4:54:09:d6:af:b3:d2:da:46:7f:b8:be:
08:0a:21:ba:c5:c6:3a:34:87:06:ff:a2:cc:fe:94:ac:2b:68:
be:97:22:45:47:36:a3:1c:d1:6d:a1:a6:5f:b9:59:30:89:62:
ac:bb:97:e3:e3:1d:b1:a4:2b:39:2c:23:67:6a:aa:76:9c:bf:
2c:5d:c7:83:6e:8c:57:98:da:b3:dd:12:3b:e3:05:fc:75:4d:
65:df:53:c1:80:fa:50:b8:c8:6b:62:7f:9e:7c:48:a4:6d:96:
c7:bf:5f:1b:b8:07:c7:3b:41:5b:74:88:c2:10:5b:ef:08:f6:
3f:93:99:a5:c7:e4:5a:e8:31:1e:f3:7d:26:f0:9a:ba:44:32:
52:1f:bf:2b:a3:4c:4c:8e:08:cf:f8:c4:60:96:60:b7:89:ac:
0e:c3:1b:fb:63:b1:eb:e9:51:a0:28:56:82:d3:02:a8:60:22:
8d:7b:fe:bb:77:cf:df:91:0d:5e:d1:1b:b0:4b:fe:fe:34:71:
e4:91:e6:af:c0:ba:de:18:ac:fd:dc:0d:20:ea:0d:b1:63:0a:
cd:6f:db:80
-----BEGIN CERTIFICATE-----
MIIGjjCCBXagAwIBAgIDAqHmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMwMzEyMjQwNloXDTI3MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTVDMkUxMTAvBgNVBAUTKDM5MkZDMjI3RUVDQzVBNjIxNTcyRkFE
QUFDNjUxQTNDRUJCMjE2M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTHADKbPnGR5Wl4qWPveK5VU2j4Ak5lg5v0+WId3cGIw00dDLj41Yc8cI34NyP
S4wg7za/L4MvW7Ht5VY1YxUWABXajSSUbzR9aTuMENctPdVlNcVE8lZJbuwPPb1O
xrj2JApzjWaenN5x17yh5axcTNrPdJls8njv9z4NdJ+/WDdxgASS1HB65VQg5hTU
mZKuYuCLsQrRg53Cv+iqovrSGG1GYreKkvx0GE8T7gkM7Gnrr34YrMRDwRelItpJ
YHP0rB9NnAkuFzP7nwGOMeb1odEjztN6xxTGYxq7+G30ZSOLHR1wJboaSmWzHS9U
vt+nu95mSOSZoJ6f5bTvB8xJAgMBAAGjggODMIIDfzAdBgNVHQ4EFgQUOS/CJ+7M
WmIVcvrarGUaPOuyFjwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE1QzJFLzM4RDE0MDFDODM0ODExRUFBN0M0NzU3NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNUMyRS8zOEQxNDAxQzgzNDgxMUVBQTdDNDc1NzZDNEY5QUUwMi9PU19DSi03
TVdtSVZjdnJhckdVYVBPdXlGancubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQgBAf8EGjAY
oBYwFAIDALDTAgMA2EgCAwDYZQIDAgxMMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQC
AAEwVAMEAiv3rAMEAi11JAMEAi12vAMEAmc65AMEAmf2NAMEAmf+hAMEBHKGAAME
AnRaTAMEBHz4gAMEAqMv8AMEAMokSwMEAMolowMEAMolqAMEAMoxJDAUBAIAAjAO
AwUAJAC9AAMFACQCb4AwDQYJKoZIhvcNAQELBQADggEBANAiVl6I4qKdlfgMbMSS
FHbzl/KLSUfRKJ4pnaC+4o2SLlCBd6KKLPcDVsRUCdavs9LaRn+4vggKIbrFxjo0
hwb/osz+lKwraL6XIkVHNqMc0W2hpl+5WTCJYqy7l+PjHbGkKzksI2dqqnacvyxd
x4NujFeY2rPdEjvjBfx1TWXfU8GA+lC4yGtif558SKRtlse/Xxu4B8c7QVt0iMIQ
W+8I9j+TmaXH5FroMR7zfSbwmrpEMlIfvyujTEyOCM/4xGCWYLeJrA7DG/tjsevp
UaAoVoLTAqhgIo17/rt3z9+RDV7RG7BL/v40ceSR5q/Aut4YrP3cDSDqDbFjCs1v
24A=
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:20:31 2026 by rpki-client