Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y1kwnvSbRF9utTMb3wqUxcbvw3s.cer
File: Y1kwnvSbRF9utTMb3wqUxcbvw3s.cer (raw, json)
Hash identifier: 7yxOIf2q7cvZyVw3/5ZFJYP0UcWQnOZVkyXANfvqHfk=
Subject key identifier: 63:59:30:9E:F4:9B:44:5F:6E:B5:33:1B:DF:0A:94:C5:C6:EF:C3:7B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 025FBC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A935D/F500F7288AB811EB8707E11AC4F9AE02/Y1kwnvSbRF9utTMb3wqUxcbvw3s.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A935D/F500F7288AB811EB8707E11AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 26 Aug 2025 17:40:16 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 136805
IP: 103.96.141.0/24
IP: 103.109.123.0/24
IP: 103.109.132.0/23
IP: 2001:df1:df00::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 18:03:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155580 (0x25fbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 26 17:40:16 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A91A935D, serialNumber=6359309EF49B445F6EB5331BDF0A94C5C6EFC37B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1c:e6:98:15:e4:54:0e:58:08:1b:ab:8d:92:
d9:73:70:5d:74:a0:a3:79:91:16:26:08:5c:f9:5d:
d2:00:c7:3b:78:76:88:50:7a:4c:f4:50:75:ac:52:
68:37:76:cc:d4:08:b9:cf:92:a3:c5:92:d8:fe:0e:
7d:35:84:93:74:2d:f1:3a:40:d9:15:d8:cc:54:55:
a5:25:dd:3c:b9:4e:51:6f:6b:f6:4f:e8:21:30:86:
69:7d:01:76:06:6d:bd:c9:6f:bf:2d:14:c2:3a:6f:
6c:78:bb:dc:b5:cb:08:96:88:ae:d9:0d:0d:61:e7:
22:4c:ff:51:10:a2:c6:3b:fa:20:c8:3e:fc:0f:fb:
ae:bd:06:e6:67:55:e8:7c:ce:49:0e:44:0f:d0:a6:
21:e1:46:50:df:4f:a7:22:ab:ea:86:84:df:31:0b:
66:1f:7b:e0:f8:23:bf:92:c9:0c:68:5d:af:70:e9:
03:ea:3d:e0:6e:52:16:dd:a9:fd:6c:33:8e:f5:7b:
16:68:37:2c:f1:ba:ab:2b:bf:9a:78:d0:4e:0b:13:
72:42:5b:5f:6d:45:9b:ef:98:a4:3e:35:81:07:23:
a6:22:9b:d4:29:3b:62:d9:c5:28:c6:aa:3e:c4:de:
e0:fb:db:ca:c3:47:b9:91:bd:88:34:0e:cc:83:a4:
2f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:59:30:9E:F4:9B:44:5F:6E:B5:33:1B:DF:0A:94:C5:C6:EF:C3:7B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A935D/F500F7288AB811EB8707E11AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A935D/F500F7288AB811EB8707E11AC4F9AE02/Y1kwnvSbRF9utTMb3wqUxcbvw3s.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136805
sbgp-ipAddrBlock: critical
IPv4:
103.96.141.0/24
103.109.123.0/24
103.109.132.0/23
IPv6:
2001:df1:df00::/48
Signature Algorithm: sha256WithRSAEncryption
69:9b:9b:f8:c9:af:e8:ce:8f:49:03:0a:72:31:14:f4:36:e6:
7e:1b:48:0c:4c:cc:26:bf:8e:e4:9d:a6:6e:21:0c:6a:9b:3f:
bd:c8:4a:57:d5:04:c2:43:ff:fd:66:d7:c9:20:d1:bb:aa:47:
34:ee:2e:4a:3c:78:cd:1b:e0:51:95:d4:50:a7:46:fc:35:9b:
13:1e:52:f7:e8:1c:6d:9d:79:e6:26:36:71:ae:e4:f5:f5:e3:
15:6a:85:34:f2:f6:18:0e:e3:99:4a:c7:a0:e3:ca:de:7b:b6:
63:cc:76:08:c0:4d:1b:8f:93:85:25:b4:60:a3:6c:55:93:a1:
87:80:83:75:dd:50:cc:21:79:ce:98:11:7b:e1:13:88:69:41:
f0:63:b2:e7:ac:f0:a9:60:02:cd:2c:da:1c:a2:ac:18:8b:0a:
3f:c8:31:35:14:29:7d:af:f8:2f:52:c5:30:7b:c2:27:09:87:
e4:f3:92:65:64:ee:25:d3:5e:c8:d1:b7:36:71:76:6a:40:48:
87:ef:84:a4:9b:e7:b5:1f:f6:57:2e:e0:9d:8a:91:89:ac:51:
55:5e:0d:ae:b7:18:6f:37:20:93:12:54:f0:82:3d:e4:31:e7:
7c:e7:d2:fe:28:9f:a4:94:03:4a:51:65:6a:b2:8a:bd:56:0a:
57:1c:cd:39
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIDAl+8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDgyNjE3NDAxNloXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTkzNUQxMTAvBgNVBAUTKDYzNTkzMDlFRjQ5QjQ0NUY2RUI1MzMx
QkRGMEE5NEM1QzZFRkMzN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIHOaYFeRUDlgIG6uNktlzcF10oKN5kRYmCFz5XdIAxzt4dohQekz0UHWsUmg3
dszUCLnPkqPFktj+Dn01hJN0LfE6QNkV2MxUVaUl3Ty5TlFva/ZP6CEwhml9AXYG
bb3Jb78tFMI6b2x4u9y1ywiWiK7ZDQ1h5yJM/1EQosY7+iDIPvwP+669BuZnVeh8
zkkORA/QpiHhRlDfT6ciq+qGhN8xC2Yfe+D4I7+SyQxoXa9w6QPqPeBuUhbdqf1s
M471exZoNyzxuqsrv5p40E4LE3JCW19tRZvvmKQ+NYEHI6Yim9QpO2LZxSjGqj7E
3uD728rDR7mRvYg0DsyDpC+pAgMBAAGjggMsMIIDKDAdBgNVHQ4EFgQUY1kwnvSb
RF9utTMb3wqUxcbvw3swHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE5MzVEL0Y1MDBGNzI4OEFCODExRUI4NzA3RTExQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBOTM1RC9GNTAwRjcyODhBQjgxMUVCODcwN0UxMUFDNEY5QUUwMi9ZMWt3bnZT
YlJGOXV0VE1iM3dxVXhjYnZ3M3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhZlMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAZ2CNAwQAZ217
AwQBZ22EMA8EAgACMAkDBwAgAQ3x3wAwDQYJKoZIhvcNAQELBQADggEBAGmbm/jJ
r+jOj0kDCnIxFPQ25n4bSAxMzCa/juSdpm4hDGqbP73ISlfVBMJD//1m18kg0buq
RzTuLko8eM0b4FGV1FCnRvw1mxMeUvfoHG2deeYmNnGu5PX14xVqhTTy9hgO45lK
x6Djyt57tmPMdgjATRuPk4UltGCjbFWToYeAg3XdUMwhec6YEXvhE4hpQfBjsues
8KlgAs0s2hyirBiLCj/IMTUUKX2v+C9SxTB7wicJh+TzkmVk7iXTXsjRtzZxdmpA
SIfvhKSb57Uf9lcu4J2KkYmsUVVeDa63GG83IJMSVPCCPeQx53zn0v4on6SUA0pR
ZWqyir1WClcczTk=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:10:05 2025 by rpki-client