Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XBevLgqvSQzqqE4qqnFIPQOV8eQ.cer
File: XBevLgqvSQzqqE4qqnFIPQOV8eQ.cer (raw, json)
Hash identifier: AmYoumwiiIhaMghipvh9untupDihRDa0wV2Xh3uPwHQ=
Subject key identifier: 5C:17:AF:2E:0A:AF:49:0C:EA:A8:4E:2A:AA:71:48:3D:03:95:F1:E4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024220
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91923A9/A6387684FAA511EDB2B2957FC4F9AE02/XBevLgqvSQzqqE4qqnFIPQOV8eQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91923A9/A6387684FAA511EDB2B2957FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 29 Apr 2025 03:56:04 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 103.91.156.0/22
IP: 123.253.44.0/22
IP: 2406:1ec0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 11 May 2025 18:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148000 (0x24220)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 29 03:56:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91923A9, serialNumber=5C17AF2E0AAF490CEAA84E2AAA71483D0395F1E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:32:da:01:c2:9b:69:37:54:71:98:70:e1:e9:
09:db:c6:15:d8:4f:f8:fe:b8:22:4f:65:dc:8c:28:
94:f7:9f:23:9d:12:dd:d3:55:19:0f:1a:b0:63:23:
3d:33:84:08:22:38:03:cd:d0:59:38:92:d2:34:5c:
39:fd:03:a1:f8:3b:16:b9:f9:a9:b3:32:24:e0:cc:
22:29:84:35:8f:88:b5:d6:17:32:63:b2:8c:e4:92:
4f:9f:70:dd:19:28:24:c0:29:9b:ad:30:23:0d:cc:
fb:b0:cb:5b:7c:6a:49:f8:a5:2f:47:da:93:da:08:
d0:27:8f:c9:ff:58:9a:28:ba:38:dd:a8:e2:82:0b:
1f:07:e0:99:1b:36:52:97:89:7e:83:65:5d:16:0b:
63:c2:f0:38:61:d6:4b:6c:33:f8:74:fa:47:b4:d1:
1a:dd:45:d3:8b:5a:c0:0c:0b:a0:65:94:5e:ee:36:
28:02:f0:9c:b3:52:d8:11:c7:9b:06:67:ef:19:2d:
c6:f9:d4:c4:ac:93:93:21:c8:cb:e8:53:b6:ac:24:
eb:40:ce:7b:54:fb:18:09:ab:a9:c9:6d:dd:73:70:
be:ea:29:79:7e:e8:0c:2d:eb:55:96:9d:ee:17:0a:
d2:e5:cd:4f:9c:c4:92:d5:ab:7a:62:69:fe:62:15:
ec:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:17:AF:2E:0A:AF:49:0C:EA:A8:4E:2A:AA:71:48:3D:03:95:F1:E4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91923A9/A6387684FAA511EDB2B2957FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91923A9/A6387684FAA511EDB2B2957FC4F9AE02/XBevLgqvSQzqqE4qqnFIPQOV8eQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.156.0/22
123.253.44.0/22
IPv6:
2406:1ec0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:5b:6d:2f:81:89:76:92:8d:15:23:cd:5b:51:b8:f8:d4:92:
47:70:04:b4:99:fd:01:e7:13:bd:20:cb:f4:2b:ef:73:fe:7d:
85:a5:5c:fd:6e:0e:e6:fd:c3:8b:ab:97:35:f0:34:80:38:af:
23:fe:c5:44:d8:16:b6:c6:07:d8:67:e7:c8:ca:6f:8f:c9:0e:
e4:6d:cf:4a:2d:22:dd:88:05:78:e6:f5:42:ae:ca:4d:8e:f8:
7b:90:cb:3f:61:d4:6f:7e:b1:95:8c:aa:a9:e5:43:37:c1:03:
a8:02:d2:9e:a3:f3:11:7c:8f:5f:fb:c4:1b:9a:3f:cd:3a:bb:
a1:f4:82:6a:97:e1:2a:76:88:32:c5:41:75:e7:b9:a5:87:be:
78:68:70:02:a1:a1:7d:0f:c0:ce:5f:c1:69:0d:d2:c3:01:0f:
75:01:95:a6:56:f9:80:af:79:10:bb:7e:0f:b3:a0:59:62:29:
ad:83:39:9d:3f:ad:76:5b:96:e3:66:24:2f:a2:ba:cb:26:ce:
f3:f6:ba:07:d5:9e:1d:04:a0:9a:27:4d:74:ca:d6:6a:f1:d2:
36:07:97:01:41:f0:5a:87:d8:46:0c:1d:da:aa:58:02:94:bb:
9c:16:b6:5b:1e:15:e0:05:a1:b0:f0:4d:d8:95:d8:69:4e:09:
29:05:aa:15
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDAkIgMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQyOTAzNTYwNFoXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTIzQTkxMTAvBgNVBAUTKDVDMTdBRjJFMEFBRjQ5MENFQUE4NEUy
QUFBNzE0ODNEMDM5NUYxRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBMtoBwptpN1RxmHDh6QnbxhXYT/j+uCJPZdyMKJT3nyOdEt3TVRkPGrBjIz0z
hAgiOAPN0Fk4ktI0XDn9A6H4Oxa5+amzMiTgzCIphDWPiLXWFzJjsozkkk+fcN0Z
KCTAKZutMCMNzPuwy1t8akn4pS9H2pPaCNAnj8n/WJooujjdqOKCCx8H4JkbNlKX
iX6DZV0WC2PC8Dhh1ktsM/h0+ke00RrdRdOLWsAMC6BllF7uNigC8JyzUtgRx5sG
Z+8ZLcb51MSsk5MhyMvoU7asJOtAzntU+xgJq6nJbd1zcL7qKXl+6Awt61WWne4X
CtLlzU+cxJLVq3piaf5iFeztAgMBAAGjggMIMIIDBDAdBgNVHQ4EFgQUXBevLgqv
SQzqqE4qqnFIPQOV8eQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkyM0E5L0E2Mzg3Njg0RkFBNTExRURCMkIyOTU3RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MjNBOS9BNjM4NzY4NEZBQTUxMUVEQjJCMjk1N0ZDNEY5QUUwMi9YQmV2TGdx
dlNRenFxRTRxcW5GSVBRT1Y4ZVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8EJTAj
MBIEAgABMAwDBAJnW5wDBAJ7/SwwDQQCAAIwBwMFACQGHsAwDQYJKoZIhvcNAQEL
BQADggEBAGpbbS+BiXaSjRUjzVtRuPjUkkdwBLSZ/QHnE70gy/Qr73P+fYWlXP1u
Dub9w4urlzXwNIA4ryP+xUTYFrbGB9hn58jKb4/JDuRtz0otIt2IBXjm9UKuyk2O
+HuQyz9h1G9+sZWMqqnlQzfBA6gC0p6j8xF8j1/7xBuaP806u6H0gmqX4Sp2iDLF
QXXnuaWHvnhocAKhoX0PwM5fwWkN0sMBD3UBlaZW+YCveRC7fg+zoFliKa2DOZ0/
rXZbluNmJC+iussmzvP2ugfVnh0EoJonTXTK1mrx0jYHlwFB8FqH2EYMHdqqWAKU
u5wWtlseFeAFobDwTdiV2GlOCSkFqhU=
-----END CERTIFICATE-----
Generated at Sun May 4 22:32:40 2025 by rpki-client