This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WxrYLw59x3GBmpomZ0mSo5Ubk3M.cer File: WxrYLw59x3GBmpomZ0mSo5Ubk3M.cer (raw, json) Hash identifier: wJIivWY+qsqh73JIzZUmKxPdKsyMUx08LoVQUKBuagY= Subject key identifier: 5B:1A:D8:2F:0E:7D:C7:71:81:9A:9A:26:67:49:92:A3:95:1B:93:73 Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 027AF5 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.roa.net/rrdp/xTom/58/5B1AD82F0E7DC771819A9A26674992A3951B9373.mft caRepository: rsync://rpki.roa.net/rrdp/xTom/58/ Notify URL: https://rpki.roa.net/rrdp/notification.xml Certificate not before: Tue 02 Dec 2025 20:22:46 +0000 Certificate not after: Mon 02 Mar 2026 00:00:00 +0000 Subordinate resources: AS: 4785 AS: 138038 IP: 103.201.128.0/22 IP: 202.5.220.0/22 IP: 2403:ac80::/32 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 02:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 162549 (0x27af5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Dec 2 20:22:46 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=A91FFE3F0000, serialNumber=5B1AD82F0E7DC771819A9A26674992A3951B9373 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:74:f9:f3:38:2d:de:06:75:21:73:ab:8f:06: a5:b6:8b:6b:b7:60:fc:89:1c:2d:69:d4:04:f0:e9: 74:e3:13:3e:1b:ff:bc:36:37:b3:b4:37:b7:f6:df: c3:aa:af:a7:9b:38:e5:30:af:8e:b9:0b:cd:7a:84: 1c:69:dc:ad:38:69:40:9b:08:ed:1a:1f:97:42:53: d8:df:61:7c:7b:3f:86:0a:c6:ea:24:a8:85:03:72: 14:b8:66:41:08:6f:b5:96:34:48:40:59:d4:07:8e: 56:2e:f7:80:5b:91:64:2c:c1:2e:b5:ea:7e:93:30: 0d:e7:20:c8:08:62:55:1c:f8:7e:bd:31:21:5f:5c: 8c:6f:98:c6:9d:ac:0e:b6:0c:ae:6e:63:bc:21:50: 98:97:74:e9:7b:73:98:11:3e:8e:7f:f1:05:ae:e9: e0:92:73:13:6c:23:02:1c:1c:2c:25:d8:37:cc:3d: 48:9d:9b:42:e7:d8:53:08:d1:9c:33:75:b1:f1:72: 7f:2b:7f:bf:49:a5:05:89:f4:3a:94:23:0b:24:38: 75:2c:cf:20:de:0c:53:da:c9:34:02:d6:1d:65:ae: 38:76:49:15:43:b8:23:f3:e2:91:b9:cf:8b:f3:9c: 1a:9c:ab:a0:66:2f:ca:7f:a0:99:b3:44:4c:bd:b4: 75:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:1A:D8:2F:0E:7D:C7:71:81:9A:9A:26:67:49:92:A3:95:1B:93:73 X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.roa.net/rrdp/xTom/58/ RPKI Manifest - URI:rsync://rpki.roa.net/rrdp/xTom/58/5B1AD82F0E7DC771819A9A26674992A3951B9373.mft RPKI Notify - URI:https://rpki.roa.net/rrdp/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 4785 138038 sbgp-ipAddrBlock: critical IPv4: 103.201.128.0/22 202.5.220.0/22 IPv6: 2403:ac80::/32 Signature Algorithm: sha256WithRSAEncryption 4c:6d:eb:2e:da:c2:41:79:dd:df:c4:fb:90:93:31:c2:f2:5a: ca:7a:66:c9:85:bf:66:b1:b9:f8:e7:25:af:c3:66:cd:47:f0: a2:2a:66:00:49:16:2f:32:b0:8c:65:b3:50:14:3f:fb:c8:2e: 22:71:03:51:da:38:11:8a:7c:26:61:97:40:2e:25:ad:ea:c5: 3b:d6:94:99:ac:a3:26:b1:19:4e:4c:bd:19:88:5b:1d:16:8c: 52:3a:5f:2f:c3:a9:98:0d:2a:d2:ea:d6:f2:9c:c3:7d:38:05: c2:90:0a:bc:52:b3:df:26:00:7d:8d:d5:c2:cb:de:ad:b8:4c: 73:5e:3b:06:07:bc:58:4b:87:9b:f1:f5:94:9e:13:2e:f5:ce: 90:8a:7c:51:56:6c:ed:75:9e:1b:a9:e0:11:25:06:f1:9b:3c: ff:5f:99:2a:d3:7f:92:d6:98:79:a3:68:43:0e:a9:d8:58:05: b9:6b:22:f9:af:9a:bd:44:e2:e2:eb:62:25:3d:fd:04:fe:99: 5a:43:83:03:86:ab:21:44:7b:04:2d:b9:13:d5:07:09:82:bd: 97:47:ac:5b:51:81:28:5b:5d:e2:e6:e9:ef:10:de:32:f4:2e: 51:1b:aa:28:cc:63:3f:3c:b8:82:0d:d9:b5:8d:61:84:e0:33: e3:8d:51:5a -----BEGIN CERTIFICATE----- MIIF4jCCBMqgAwIBAgIDAnr1MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI1MTIwMjIwMjI0NloXDTI2MDMwMjAwMDAwMFowSjEVMBMG A1UEAxMMQTkxRkZFM0YwMDAwMTEwLwYDVQQFEyg1QjFBRDgyRjBFN0RDNzcxODE5 QTlBMjY2NzQ5OTJBMzk1MUI5MzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAt3T58zgt3gZ1IXOrjwaltotrt2D8iRwtadQE8Ol04xM+G/+8NjeztDe3 9t/Dqq+nmzjlMK+OuQvNeoQcadytOGlAmwjtGh+XQlPY32F8ez+GCsbqJKiFA3IU uGZBCG+1ljRIQFnUB45WLveAW5FkLMEutep+kzAN5yDICGJVHPh+vTEhX1yMb5jG nawOtgyubmO8IVCYl3Tpe3OYET6Of/EFrungknMTbCMCHBwsJdg3zD1InZtC59hT CNGcM3Wx8XJ/K3+/SaUFifQ6lCMLJDh1LM8g3gxT2sk0AtYdZa44dkkVQ7gj8+KR uc+L85wanKugZi/Kf6CZs0RMvbR1WwIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFFsa 2C8OfcdxgZqaJmdJkqOVG5NzMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1 ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1 MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h cG5pYy5uZXQvUlBLSS9DUFMucGRmMIHUBggrBgEFBQcBCwSBxzCBxDAuBggrBgEF BQcwBYYicnN5bmM6Ly9ycGtpLnJvYS5uZXQvcnJkcC94VG9tLzU4LzBaBggrBgEF BQcwCoZOcnN5bmM6Ly9ycGtpLnJvYS5uZXQvcnJkcC94VG9tLzU4LzVCMUFEODJG MEU3REM3NzE4MTlBOUEyNjY3NDk5MkEzOTUxQjkzNzMubWZ0MDYGCCsGAQUFBzAN hipodHRwczovL3Jwa2kucm9hLm5ldC9ycmRwL25vdGlmaWNhdGlvbi54bWwwHgYI KwYBBQUHAQgBAf8EDzANoAswCQICErECAwIbNjA0BggrBgEFBQcBBwEB/wQlMCMw EgQCAAEwDAMEAmfJgAMEAsoF3DANBAIAAjAHAwUAJAOsgDANBgkqhkiG9w0BAQsF AAOCAQEATG3rLtrCQXnd38T7kJMxwvJaynpmyYW/ZrG5+Oclr8NmzUfwoipmAEkW LzKwjGWzUBQ/+8guInEDUdo4EYp8JmGXQC4lrerFO9aUmayjJrEZTky9GYhbHRaM UjpfL8OpmA0q0urW8pzDfTgFwpAKvFKz3yYAfY3VwsverbhMc147Bge8WEuHm/H1 lJ4TLvXOkIp8UVZs7XWeG6ngESUG8Zs8/1+ZKtN/ktaYeaNoQw6p2FgFuWsi+a+a vUTi4utiJT39BP6ZWkODA4arIUR7BC25E9UHCYK9l0esW1GBKFtd4ubp7xDeMvQu URuqKMxjPzy4gg3ZtY1hhOAz441RWg== -----END CERTIFICATE-----Generated at Sat Dec 6 05:44:59 2025 by rpki-client