Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U2v43c6AJmc3j0e9SVSpC3xwCcE.cer
File: U2v43c6AJmc3j0e9SVSpC3xwCcE.cer (raw, json)
Hash identifier: 39q4tfeY5YOch2aM6pS90d+wgBB8fmbSr5ql2b3vs6Q=
Subject key identifier: 53:6B:F8:DD:CE:80:26:67:37:8F:47:BD:49:54:A9:0B:7C:70:09:C1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024391
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A5849/DBAD384EF79E11EEA45AAE2CC4F9AE02/U2v43c6AJmc3j0e9SVSpC3xwCcE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A5849/DBAD384EF79E11EEA45AAE2CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 02 May 2025 18:46:51 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 202.37.173.0/24
IP: 2001:df3:aac0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 11 May 2025 18:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148369 (0x24391)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 2 18:46:51 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91A5849, serialNumber=536BF8DDCE802667378F47BD4954A90B7C7009C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d8:21:ef:f9:ba:dc:8d:97:da:37:38:18:c1:
32:39:fb:d4:52:32:ac:73:41:91:21:06:b0:1d:f8:
0b:c7:de:e8:61:ef:99:8d:35:13:3d:71:24:a3:94:
6d:9b:26:c1:a5:d8:b1:7c:7d:fc:2d:8a:db:f7:ef:
fc:be:b3:e2:1d:33:86:be:3a:74:f7:dc:8b:6e:53:
ad:08:d8:16:b2:13:6a:a7:08:35:56:bf:21:98:a5:
e5:24:8f:a7:57:8f:9a:a6:81:2f:e0:a8:a5:9f:c2:
62:7a:8c:b7:43:0a:53:13:40:13:a3:bf:b0:bd:ac:
06:2d:36:45:21:df:c9:f4:b1:d9:95:58:96:c2:ce:
d0:f0:2d:02:14:b9:47:20:26:fd:67:32:9f:67:ca:
7d:f1:de:71:53:74:dc:25:6b:90:51:c9:63:bc:5a:
69:f4:73:78:09:55:cf:69:94:29:c7:4c:b7:91:e4:
8a:a1:52:03:21:de:9d:b8:aa:e5:bf:15:23:f9:a6:
90:04:2b:20:38:97:21:2f:ab:97:b9:6b:9a:18:c6:
16:6b:cf:89:92:7f:39:6b:fc:f2:bf:3a:c0:89:db:
b4:b3:69:7b:96:fd:c3:bd:45:c0:e6:6a:0e:4e:1d:
ee:9b:69:46:d9:1e:cd:5c:cc:bc:5e:4d:ad:6d:27:
f9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6B:F8:DD:CE:80:26:67:37:8F:47:BD:49:54:A9:0B:7C:70:09:C1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A5849/DBAD384EF79E11EEA45AAE2CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A5849/DBAD384EF79E11EEA45AAE2CC4F9AE02/U2v43c6AJmc3j0e9SVSpC3xwCcE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.37.173.0/24
IPv6:
2001:df3:aac0::/48
Signature Algorithm: sha256WithRSAEncryption
95:d0:1f:99:e0:e7:17:17:c9:c1:24:ce:f1:81:7d:6a:7e:7d:
c2:66:ba:e0:fa:56:5e:29:90:d2:96:00:4b:c6:b2:ac:46:e4:
6a:de:48:b1:c7:64:9b:61:38:6d:22:f0:41:5b:73:77:6b:03:
94:a5:a9:f0:53:b1:6c:d5:a3:c1:41:dc:24:d7:a1:a1:be:2b:
0a:92:98:32:67:9a:95:ac:9e:62:2b:97:b3:da:c2:fe:91:c5:
49:75:6a:de:75:2e:a9:a6:bc:7f:5e:b8:fb:f9:35:14:ec:2c:
67:74:a2:13:d8:5a:5b:be:ee:87:de:6a:42:d2:18:ef:f6:d5:
b6:c2:84:0d:a1:0d:33:6a:ac:0b:9d:24:97:6d:da:94:85:1d:
60:74:04:b9:d3:00:30:bd:5c:2a:83:ba:0f:06:7e:5f:3a:53:
2a:f5:b8:12:3c:14:c3:ff:01:03:3b:e7:27:95:3a:3e:e8:48:
6c:90:96:e2:e1:18:91:ec:1e:d6:2f:a1:59:8c:e6:33:b5:76:
de:54:45:b9:ba:5b:72:8b:8f:ed:93:62:23:ad:cf:87:2e:84:
82:53:dd:5c:3d:79:03:ac:6e:18:26:e1:02:aa:61:d3:f3:1a:
7a:33:3a:a3:eb:06:bf:4c:af:b4:a0:b8:a5:e7:35:2b:73:b3:
1c:f4:88:73
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgIDAkORMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUwMjE4NDY1MVoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTU4NDkxMTAvBgNVBAUTKDUzNkJGOEREQ0U4MDI2NjczNzhGNDdC
RDQ5NTRBOTBCN0M3MDA5QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC02CHv+brcjZfaNzgYwTI5+9RSMqxzQZEhBrAd+AvH3uhh75mNNRM9cSSjlG2b
JsGl2LF8ffwtitv37/y+s+IdM4a+OnT33ItuU60I2BayE2qnCDVWvyGYpeUkj6dX
j5qmgS/gqKWfwmJ6jLdDClMTQBOjv7C9rAYtNkUh38n0sdmVWJbCztDwLQIUuUcg
Jv1nMp9nyn3x3nFTdNwla5BRyWO8Wmn0c3gJVc9plCnHTLeR5IqhUgMh3p24quW/
FSP5ppAEKyA4lyEvq5e5a5oYxhZrz4mSfzlr/PK/OsCJ27SzaXuW/cO9RcDmag5O
He6baUbZHs1czLxeTa1tJ/mVAgMBAAGjggMEMIIDADAdBgNVHQ4EFgQUU2v43c6A
Jmc3j0e9SVSpC3xwCcEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1ODQ5L0RCQUQzODRFRjc5RTExRUVBNDVBQUUyQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNTg0OS9EQkFEMzg0RUY3OUUxMUVFQTQ1QUFFMkNDNEY5QUUwMi9VMnY0M2M2
QUptYzNqMGU5U1ZTcEMzeHdDY0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8EITAf
MAwEAgABMAYDBADKJa0wDwQCAAIwCQMHACABDfOqwDANBgkqhkiG9w0BAQsFAAOC
AQEAldAfmeDnFxfJwSTO8YF9an59wma64PpWXimQ0pYAS8ayrEbkat5Iscdkm2E4
bSLwQVtzd2sDlKWp8FOxbNWjwUHcJNehob4rCpKYMmealayeYiuXs9rC/pHFSXVq
3nUuqaa8f164+/k1FOwsZ3SiE9haW77uh95qQtIY7/bVtsKEDaENM2qsC50kl23a
lIUdYHQEudMAML1cKoO6DwZ+XzpTKvW4EjwUw/8BAzvnJ5U6PuhIbJCW4uEYkewe
1i+hWYzmM7V23lRFubpbcouP7ZNiI63Phy6EglPdXD15A6xuGCbhAqph0/MaejM6
o+sGv0yvtKC4pec1K3OzHPSIcw==
-----END CERTIFICATE-----
Generated at Sun May 4 21:47:26 2025 by rpki-client