Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer
File: OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer (raw, json)
Hash identifier: TjO8RC1TJaTgiFGQK57G3TwTr/DK2U2wifkR6V9YpSg=
Subject key identifier: 39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024F20
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 19 Jun 2025 06:23:13 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: AS: 45267
AS: 55368
AS: 55397
AS: 134220
IP: 43.247.172.0/22
IP: 45.117.36.0/22
IP: 45.118.188.0/22
IP: 103.58.228.0/22
IP: 103.246.52.0/22
IP: 103.254.132.0/22
IP: 114.134.0.0/20
IP: 116.90.76.0/22
IP: 124.248.128.0/20
IP: 163.47.240.0/22
IP: 202.36.75.0/24
IP: 202.37.163.0/24
IP: 202.37.168.0/24
IP: 202.49.36.0/24
IP: 2400:bd00::/32
IP: 2402:6f80::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 06 Jul 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151328 (0x24f20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jun 19 06:23:13 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A9115C2E, serialNumber=392FC227EECC5A621572FADAAC651A3CEBB2163C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:00:ca:6c:f9:c6:47:95:a5:e2:a5:8f:bd:
e2:b9:55:4d:a3:e0:09:39:96:0e:6f:d3:e5:88:77:
77:06:23:0d:34:74:32:e3:e3:56:1c:f1:c2:37:e0:
dc:8f:4b:8c:20:ef:36:bf:2f:83:2f:5b:b1:ed:e5:
56:35:63:15:16:00:15:da:8d:24:94:6f:34:7d:69:
3b:8c:10:d7:2d:3d:d5:65:35:c5:44:f2:56:49:6e:
ec:0f:3d:bd:4e:c6:b8:f6:24:0a:73:8d:66:9e:9c:
de:71:d7:bc:a1:e5:ac:5c:4c:da:cf:74:99:6c:f2:
78:ef:f7:3e:0d:74:9f:bf:58:37:71:80:04:92:d4:
70:7a:e5:54:20:e6:14:d4:99:92:ae:62:e0:8b:b1:
0a:d1:83:9d:c2:bf:e8:aa:a2:fa:d2:18:6d:46:62:
b7:8a:92:fc:74:18:4f:13:ee:09:0c:ec:69:eb:af:
7e:18:ac:c4:43:c1:17:a5:22:da:49:60:73:f4:ac:
1f:4d:9c:09:2e:17:33:fb:9f:01:8e:31:e6:f5:a1:
d1:23:ce:d3:7a:c7:14:c6:63:1a:bb:f8:6d:f4:65:
23:8b:1d:1d:70:25:ba:1a:4a:65:b3:1d:2f:54:be:
df:a7:bb:de:66:48:e4:99:a0:9e:9f:e5:b4:ef:07:
cc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45267
55368
55397
134220
sbgp-ipAddrBlock: critical
IPv4:
43.247.172.0/22
45.117.36.0/22
45.118.188.0/22
103.58.228.0/22
103.246.52.0/22
103.254.132.0/22
114.134.0.0/20
116.90.76.0/22
124.248.128.0/20
163.47.240.0/22
202.36.75.0/24
202.37.163.0/24
202.37.168.0/24
202.49.36.0/24
IPv6:
2400:bd00::/32
2402:6f80::/32
Signature Algorithm: sha256WithRSAEncryption
8a:95:cc:ae:84:9a:78:9a:91:d6:be:27:41:e0:fd:d4:e7:5c:
7c:15:47:ea:5e:d8:35:25:c1:50:97:2a:ad:83:5f:83:a4:cd:
53:ec:96:60:76:e2:fb:60:b5:43:65:ee:da:c9:df:88:50:d2:
2f:49:89:f4:e8:99:55:e9:6f:ae:b3:4a:49:2f:39:66:2d:2b:
91:03:e5:ba:ed:de:bc:68:83:ff:68:fd:4d:58:27:d5:1d:a8:
3a:96:1f:2c:6e:2e:b5:7d:e5:ac:e2:8a:9e:ba:9f:a0:a6:4a:
77:b7:44:be:42:4b:bd:30:fa:4d:c3:f9:61:5e:f1:7d:2b:52:
10:94:67:06:2a:b3:39:92:98:82:93:53:16:05:1a:f8:a4:b8:
f4:68:6a:86:9d:f5:ee:58:23:99:c0:d9:5a:c1:ae:cf:60:51:
70:50:58:be:7e:92:b8:4d:67:c5:e8:c2:93:b6:dc:a0:e5:f7:
33:fe:2b:f7:87:d7:18:77:27:0a:5c:76:f2:95:b9:4c:c0:1e:
ce:54:66:f8:4a:da:a5:62:4f:83:cd:13:89:15:16:1b:89:c0:
17:7b:82:15:d2:dc:81:bb:49:44:44:7b:09:6e:0e:8c:89:26:
9e:c8:c1:5f:89:1f:15:d3:c7:62:2a:99:5a:8e:34:bd:24:08:
9c:89:26:d5
-----BEGIN CERTIFICATE-----
MIIGjjCCBXagAwIBAgIDAk8gMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDYxOTA2MjMxM1oXDTI2MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTVDMkUxMTAvBgNVBAUTKDM5MkZDMjI3RUVDQzVBNjIxNTcyRkFE
QUFDNjUxQTNDRUJCMjE2M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTHADKbPnGR5Wl4qWPveK5VU2j4Ak5lg5v0+WId3cGIw00dDLj41Yc8cI34NyP
S4wg7za/L4MvW7Ht5VY1YxUWABXajSSUbzR9aTuMENctPdVlNcVE8lZJbuwPPb1O
xrj2JApzjWaenN5x17yh5axcTNrPdJls8njv9z4NdJ+/WDdxgASS1HB65VQg5hTU
mZKuYuCLsQrRg53Cv+iqovrSGG1GYreKkvx0GE8T7gkM7Gnrr34YrMRDwRelItpJ
YHP0rB9NnAkuFzP7nwGOMeb1odEjztN6xxTGYxq7+G30ZSOLHR1wJboaSmWzHS9U
vt+nu95mSOSZoJ6f5bTvB8xJAgMBAAGjggODMIIDfzAdBgNVHQ4EFgQUOS/CJ+7M
WmIVcvrarGUaPOuyFjwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE1QzJFLzM4RDE0MDFDODM0ODExRUFBN0M0NzU3NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNUMyRS8zOEQxNDAxQzgzNDgxMUVBQTdDNDc1NzZDNEY5QUUwMi9PU19DSi03
TVdtSVZjdnJhckdVYVBPdXlGancubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQgBAf8EGjAY
oBYwFAIDALDTAgMA2EgCAwDYZQIDAgxMMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQC
AAEwVAMEAiv3rAMEAi11JAMEAi12vAMEAmc65AMEAmf2NAMEAmf+hAMEBHKGAAME
AnRaTAMEBHz4gAMEAqMv8AMEAMokSwMEAMolowMEAMolqAMEAMoxJDAUBAIAAjAO
AwUAJAC9AAMFACQCb4AwDQYJKoZIhvcNAQELBQADggEBAIqVzK6Emniakda+J0Hg
/dTnXHwVR+pe2DUlwVCXKq2DX4OkzVPslmB24vtgtUNl7trJ34hQ0i9JifTomVXp
b66zSkkvOWYtK5ED5brt3rxog/9o/U1YJ9UdqDqWHyxuLrV95aziip66n6CmSne3
RL5CS70w+k3D+WFe8X0rUhCUZwYqszmSmIKTUxYFGvikuPRoaoad9e5YI5nA2VrB
rs9gUXBQWL5+krhNZ8XowpO23KDl9zP+K/eH1xh3JwpcdvKVuUzAHs5UZvhK2qVi
T4PNE4kVFhuJwBd7ghXS3IG7SUREewluDoyJJp7IwV+JHxXTx2IqmVqONL0kCJyJ
JtU=
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:24:27 2025 by rpki-client