Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YVa-ygMQxwC4tK9DxHLXIr9uFpQ.cer
File: YVa-ygMQxwC4tK9DxHLXIr9uFpQ.cer (raw, json)
Hash identifier: JJUBe0GqzXK0KfcN9ZrpL+BL86zogEr39koCPVa37Qc=
Subject key identifier: 61:56:BE:CA:03:10:C7:00:B8:B4:AF:43:C4:72:D7:22:BF:6E:16:94
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A5A7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.sub.apnic.net/repository/A912C2530000/0/6156BECA0310C700B8B4AF43C472D722BF6E1694.mft
caRepository: rsync://rpki.sub.apnic.net/repository/A912C2530000/0/
Notify URL: https://rrdp.sub.apnic.net/notification.xml
Certificate not before: Sat 21 Mar 2026 12:38:55 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: IP: 14.137.224.0/19
IP: 163.128.72.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 04 Apr 2026 06:24:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173479 (0x2a5a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 21 12:38:55 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A912C2530000, serialNumber=6156BECA0310C700B8B4AF43C472D722BF6E1694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:15:65:81:3e:99:06:75:ca:1d:e0:b7:06:62:
50:f1:24:8b:76:37:3a:58:75:be:f2:2b:6d:0a:ff:
da:91:81:d2:72:78:ac:47:04:4a:a6:d5:89:0a:74:
26:d5:d4:09:f8:0e:5a:e1:3b:da:cb:f7:af:2e:a1:
95:12:25:b1:c0:93:91:bf:5c:91:89:e7:e7:54:1e:
c9:81:81:9e:2d:87:74:50:3a:f7:c7:c1:59:1e:7b:
b0:43:7f:5d:e8:aa:1f:7d:59:59:72:c4:08:17:50:
e5:d1:9b:2e:4e:c8:29:fd:f5:f2:83:1b:e6:dc:82:
dc:96:20:57:8d:8c:37:e6:03:c7:06:1a:20:9d:ca:
a9:02:2e:12:2a:2a:fb:a1:8c:e5:1b:4e:ad:d5:6a:
0f:50:b8:20:d0:35:e5:42:b2:0c:5e:32:89:3f:46:
b7:d9:25:80:53:32:c4:30:b5:ac:a5:66:19:d1:67:
57:e4:48:48:80:56:74:64:2d:ef:c4:2e:24:ad:e1:
c8:24:bd:2a:5a:49:c6:bb:8b:6f:98:7b:71:60:2c:
91:d5:14:7f:9b:97:d7:ff:22:a2:e7:f2:4b:cd:0d:
a5:7b:9c:24:2e:97:fd:a2:ec:b3:e0:88:b6:38:82:
6b:93:d2:ad:51:13:4f:07:39:fc:97:e8:6e:9d:ee:
aa:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:56:BE:CA:03:10:C7:00:B8:B4:AF:43:C4:72:D7:22:BF:6E:16:94
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.sub.apnic.net/repository/A912C2530000/0/
RPKI Manifest - URI:rsync://rpki.sub.apnic.net/repository/A912C2530000/0/6156BECA0310C700B8B4AF43C472D722BF6E1694.mft
RPKI Notify - URI:https://rrdp.sub.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.224.0/19
163.128.72.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:30:ca:d9:2f:3e:04:f7:be:e0:7d:48:28:de:97:90:56:db:
6c:0a:12:1b:2b:5d:d3:9e:60:fb:0b:0c:ce:45:2c:d9:91:90:
60:65:99:90:2d:88:68:fc:0e:d6:0f:f6:2e:30:05:30:56:c4:
38:95:b0:10:66:8a:4a:aa:a3:3d:b7:0c:f0:9a:dc:75:76:d5:
45:88:c2:10:4b:b5:0a:46:5d:3a:5b:6b:37:0b:8d:69:97:9a:
ad:34:14:f5:48:ff:f0:84:dd:3e:a3:80:1d:d9:40:28:2b:a0:
72:dc:1a:0f:13:0c:d9:21:88:9c:e8:75:d6:4a:86:85:82:19:
8a:ba:a6:5a:d0:2d:32:73:73:42:a7:0e:de:ab:f5:2c:37:02:
f7:70:88:d5:9e:52:d9:d6:4a:91:9e:4c:f9:31:b1:d2:49:74:
f1:93:1c:49:78:4e:77:80:76:bc:b6:81:ba:c6:80:38:76:23:
be:10:7b:0a:fa:1a:05:be:19:be:51:9f:1f:d6:82:ac:c0:ad:
62:b8:18:53:04:9a:cb:02:66:95:6c:f0:f1:97:ac:99:ce:a3:
21:fa:6c:05:9d:8f:2b:ac:21:75:e6:32:58:9a:99:4e:8d:1b:
86:60:7f:c6:25:eb:38:70:76:26:98:85:ff:26:db:de:03:56:
5a:ee:45:ee
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgIDAqWnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMyMTEyMzg1NVoXDTI3MDUyODAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxMkMyNTMwMDAwMTEwLwYDVQQFEyg2MTU2QkVDQTAzMTBDNzAwQjhC
NEFGNDNDNDcyRDcyMkJGNkUxNjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0BVlgT6ZBnXKHeC3BmJQ8SSLdjc6WHW+8ittCv/akYHScnisRwRKptWJ
CnQm1dQJ+A5a4Tvay/evLqGVEiWxwJORv1yRiefnVB7JgYGeLYd0UDr3x8FZHnuw
Q39d6KoffVlZcsQIF1Dl0ZsuTsgp/fXygxvm3ILcliBXjYw35gPHBhogncqpAi4S
Kir7oYzlG06t1WoPULgg0DXlQrIMXjKJP0a32SWAUzLEMLWspWYZ0WdX5EhIgFZ0
ZC3vxC4kreHIJL0qWknGu4tvmHtxYCyR1RR/m5fX/yKi5/JLzQ2le5wkLpf9ouyz
4Ii2OIJrk9KtURNPBzn8l+hune6qAQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFGFW
vsoDEMcAuLSvQ8Ry1yK/bhaUMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIH7BggrBgEFBQcBCwSB7jCB6zBBBggrBgEF
BQcwBYY1cnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTEy
QzI1MzAwMDAvMC8wbQYIKwYBBQUHMAqGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMu
bmV0L3JlcG9zaXRvcnkvQTkxMkMyNTMwMDAwLzAvNjE1NkJFQ0EwMzEwQzcwMEI4
QjRBRjQzQzQ3MkQ3MjJCRjZFMTY5NC5tZnQwNwYIKwYBBQUHMA2GK2h0dHBzOi8v
cnJkcC5zdWIuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcB
Af8EFjAUMBIEAgABMAwDBAUOieADBAGjgEgwDQYJKoZIhvcNAQELBQADggEBAA4w
ytkvPgT3vuB9SCjel5BW22wKEhsrXdOeYPsLDM5FLNmRkGBlmZAtiGj8DtYP9i4w
BTBWxDiVsBBmikqqoz23DPCa3HV21UWIwhBLtQpGXTpbazcLjWmXmq00FPVI//CE
3T6jgB3ZQCgroHLcGg8TDNkhiJzoddZKhoWCGYq6plrQLTJzc0KnDt6r9Sw3Avdw
iNWeUtnWSpGeTPkxsdJJdPGTHEl4TneAdry2gbrGgDh2I74Qewr6GgW+Gb5Rnx/W
gqzArWK4GFMEmssCZpVs8PGXrJnOoyH6bAWdjyusIXXmMliamU6NG4Zgf8Yl6zhw
diaYhf8m294DVlruRe4=
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:49:00 2026 by rpki-client