Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QMhVkA6-tN3uEZyAjkWar991tYQ.cer
File: QMhVkA6-tN3uEZyAjkWar991tYQ.cer (raw, json)
Hash identifier: EaQNs+L2g+j8RymRLqESaQG2GdtAYM7SV68+1b7Y5lE=
Subject key identifier: 40:C8:55:90:0E:BE:B4:DD:EE:11:9C:80:8E:45:9A:AF:DF:75:B5:84
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A59B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D1C2E/A44847B824D811F1971FE104AC833773/QMhVkA6-tN3uEZyAjkWar991tYQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D1C2E/A44847B824D811F1971FE104AC833773/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 21 Mar 2026 03:47:16 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 58.97.144.0/20
IP: 103.230.64.0/22
IP: 202.86.24.0/21
IP: 2001:df5:4800::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173467 (0x2a59b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 21 03:47:16 2026 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91D1C2E, serialNumber=40C855900EBEB4DDEE119C808E459AAFDF75B584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:38:44:86:15:2b:11:b7:a5:c1:aa:15:92:86:
08:3b:a8:45:b2:69:9b:f8:6f:07:db:8c:34:a0:42:
b6:9c:27:b5:56:07:88:06:d6:71:b5:e7:98:3f:ea:
69:a4:78:d7:3e:47:f4:99:e8:94:c1:a0:20:fc:23:
b0:da:c5:36:77:89:40:76:06:aa:27:ef:e5:ff:e5:
94:43:a1:8b:aa:df:45:63:cb:ee:b4:9b:70:07:10:
98:84:d1:47:fc:7b:49:77:d8:b3:d3:46:9f:a5:c1:
5b:cd:7a:de:ca:c8:7d:17:64:42:bd:d7:8e:4c:8d:
3c:f6:45:a2:0c:67:80:2b:c7:34:80:6d:80:b7:17:
fc:c5:00:66:a1:6e:72:32:33:e8:31:36:62:27:c0:
df:0a:68:f0:19:9c:c4:a6:fb:c4:78:b3:17:51:3c:
26:76:eb:9e:0e:31:3f:20:49:be:f3:6f:51:90:8e:
ff:87:80:9e:f7:4f:83:d4:4e:16:89:cb:d0:1e:b7:
82:76:ce:34:1e:c8:66:1c:4a:70:9e:34:4d:4e:7f:
51:22:80:9a:63:49:5e:f7:bf:1e:d2:43:ff:0c:91:
7d:07:d1:42:83:3b:1a:43:fd:88:23:06:75:03:f5:
f6:59:96:c0:a6:9f:0e:f3:2e:fd:e8:bd:b7:a2:01:
02:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C8:55:90:0E:BE:B4:DD:EE:11:9C:80:8E:45:9A:AF:DF:75:B5:84
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D1C2E/A44847B824D811F1971FE104AC833773/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D1C2E/A44847B824D811F1971FE104AC833773/QMhVkA6-tN3uEZyAjkWar991tYQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.97.144.0/20
103.230.64.0/22
202.86.24.0/21
IPv6:
2001:df5:4800::/48
Signature Algorithm: sha256WithRSAEncryption
75:c9:a9:d6:93:48:bb:39:95:9a:d3:b8:38:70:33:27:79:23:
b1:bb:a0:52:d9:07:ae:94:84:90:73:cc:bf:50:2f:0f:68:2d:
4e:73:6f:ae:ea:ac:8a:72:a4:08:a3:16:e9:74:e2:52:dc:bb:
74:ea:5b:f2:c7:0a:c1:6a:9e:ec:c1:23:9c:76:fd:0d:c8:bd:
fd:b4:18:7b:8e:fc:56:3b:cd:39:af:bc:ff:5c:cb:34:31:19:
f7:75:6b:c2:ba:ac:c2:55:bb:31:df:5d:5c:de:dd:ef:64:7f:
6b:a7:21:94:e2:cf:7d:58:d6:3e:38:9d:f5:ef:38:b7:34:c4:
c3:6e:a4:a7:65:cc:98:50:8b:77:6d:0f:87:13:b1:c4:d8:a9:
e1:32:21:3b:67:c3:b9:b9:51:04:37:4a:6a:9e:58:10:74:48:
ee:8b:62:c2:82:e6:80:79:f1:c4:3e:9e:f5:69:04:69:13:52:
69:4d:1c:6c:0f:e3:a9:fe:1e:07:72:24:5f:c8:bc:b3:b6:c0:
58:22:62:58:96:27:e1:38:58:58:06:e3:b2:21:c5:34:43:d9:
eb:7a:f5:a5:cd:b8:41:d9:a6:fe:b3:74:19:f1:56:b3:cf:9f:
72:ed:b7:b6:e2:71:28:7b:da:8f:e9:de:1a:0d:5d:5c:b9:22:
0b:3c:ac:ba
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAqWbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMyMTAzNDcxNloXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDFDMkUxMTAvBgNVBAUTKDQwQzg1NTkwMEVCRUI0RERFRTExOUM4
MDhFNDU5QUFGREY3NUI1ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5OESGFSsRt6XBqhWShgg7qEWyaZv4bwfbjDSgQracJ7VWB4gG1nG155g/6mmk
eNc+R/SZ6JTBoCD8I7DaxTZ3iUB2Bqon7+X/5ZRDoYuq30Vjy+60m3AHEJiE0Uf8
e0l32LPTRp+lwVvNet7KyH0XZEK9145MjTz2RaIMZ4ArxzSAbYC3F/zFAGahbnIy
M+gxNmInwN8KaPAZnMSm+8R4sxdRPCZ2654OMT8gSb7zb1GQjv+HgJ73T4PUThaJ
y9Aet4J2zjQeyGYcSnCeNE1Of1EigJpjSV73vx7SQ/8MkX0H0UKDOxpD/YgjBnUD
9fZZlsCmnw7zLv3ovbeiAQJrAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUQMhVkA6+
tN3uEZyAjkWar991tYQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQxQzJFL0E0NDg0N0I4MjREODExRjE5NzFGRTEwNEFDODMzNzczLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEMUMyRS9BNDQ4NDdCODI0RDgxMUYxOTcxRkUxMDRBQzgzMzc3My9RTWhWa0E2
LXROM3VFWnlBamtXYXI5OTF0WVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8ELTAr
MBgEAgABMBIDBAQ6YZADBAJn5kADBAPKVhgwDwQCAAIwCQMHACABDfVIADANBgkq
hkiG9w0BAQsFAAOCAQEAdcmp1pNIuzmVmtO4OHAzJ3kjsbugUtkHrpSEkHPMv1Av
D2gtTnNvruqsinKkCKMW6XTiUty7dOpb8scKwWqe7MEjnHb9Dci9/bQYe478VjvN
Oa+8/1zLNDEZ93VrwrqswlW7Md9dXN7d72R/a6chlOLPfVjWPjid9e84tzTEw26k
p2XMmFCLd20PhxOxxNip4TIhO2fDublRBDdKap5YEHRI7otiwoLmgHnxxD6e9WkE
aRNSaU0cbA/jqf4eB3IkX8i8s7bAWCJiWJYn4ThYWAbjsiHFNEPZ63r1pc24Qdmm
/rN0GfFWs8+fcu23tuJxKHvaj+neGg1dXLkiCzysug==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:10:40 2026 by rpki-client