Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_K1GEVffaBwFC9O-7qLqzfttUks.cer
File: _K1GEVffaBwFC9O-7qLqzfttUks.cer (raw, json)
Hash identifier: X6UHMXRUWfDdeL6CtXdIf8rUulSadxbggVwJY3n1hDE=
Subject key identifier: FC:AD:46:11:57:DF:68:1C:05:0B:D3:BE:EE:A2:EA:CD:FB:6D:52:4B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024211
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/_K1GEVffaBwFC9O-7qLqzfttUks.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 29 Apr 2025 02:37:25 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 17477
AS: 18349
AS: 55455
AS: 56183
AS: 136043
AS: 137214
AS: 140637
AS: 141230
IP: 103.7.164.0/22
IP: 103.232.116.0/22
IP: 119.161.32.0/20
IP: 124.47.128.0/18
IP: 125.7.0.0/17
IP: 163.47.60.0/22
IP: 163.47.92.0/22
IP: 202.2.92.0/22
IP: 202.191.48.0/21
IP: 203.12.216.0/23
IP: 203.15.95.0/24
IP: 203.22.107.0/24
IP: 203.26.130.0/24
IP: 203.110.128.0/19
IP: 210.193.128.0/17
IP: 2400:cc00::/32
IP: 2402:17c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 11 May 2025 18:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147985 (0x24211)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 29 02:37:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91CE3C4, serialNumber=FCAD461157DF681C050BD3BEEEA2EACDFB6D524B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8a:bc:17:35:88:21:ee:80:b8:c5:cd:65:ff:
8b:2c:06:6b:dc:5b:68:ab:59:58:6e:1e:80:cb:d9:
f8:4d:66:9e:9b:af:52:4a:d8:2d:55:b6:f1:7b:91:
40:e7:c0:a8:8f:6c:3f:5c:7a:7b:35:9b:27:ee:63:
7f:28:6b:76:58:b9:e4:5d:6c:a0:f0:2e:fd:82:9c:
2c:11:28:e1:16:81:57:54:89:7c:b0:3d:06:08:84:
ff:2c:5f:4e:e2:31:5a:24:8f:b1:10:46:fb:1c:e5:
fc:2d:49:a6:a6:35:9f:db:50:75:6a:86:13:91:02:
e9:f5:df:d2:1f:5b:1e:a9:91:2a:e0:cf:bf:54:07:
02:71:49:11:fd:49:0f:a1:28:38:67:40:bd:ce:d0:
68:41:79:86:97:45:c9:61:9f:c9:a9:a7:c2:67:68:
92:01:62:62:f0:08:4e:63:99:5d:1a:ff:0e:30:40:
6c:b9:e9:96:30:72:8b:17:a7:3a:d8:01:9e:1c:e3:
76:15:29:2a:2c:04:08:42:e5:1b:89:7a:ae:9c:75:
8b:ac:b7:33:f1:5c:f9:1d:9f:f6:9d:c7:c1:3a:13:
c3:94:d6:f2:eb:4b:10:9d:30:94:94:94:f5:d1:e9:
96:31:90:3f:94:c1:cc:05:64:69:03:df:a1:76:16:
0b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AD:46:11:57:DF:68:1C:05:0B:D3:BE:EE:A2:EA:CD:FB:6D:52:4B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/_K1GEVffaBwFC9O-7qLqzfttUks.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17477
18349
55455
56183
136043
137214
140637
141230
sbgp-ipAddrBlock: critical
IPv4:
103.7.164.0/22
103.232.116.0/22
119.161.32.0/20
124.47.128.0/18
125.7.0.0/17
163.47.60.0/22
163.47.92.0/22
202.2.92.0/22
202.191.48.0/21
203.12.216.0/23
203.15.95.0/24
203.22.107.0/24
203.26.130.0/24
203.110.128.0/19
210.193.128.0/17
IPv6:
2400:cc00::/32
2402:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:03:77:28:74:41:29:5b:7a:c1:c4:61:71:31:ce:0b:37:8a:
53:63:58:8c:d7:72:95:04:df:b1:03:88:21:55:cf:5a:3a:e7:
69:63:59:21:0b:7c:56:6b:85:1b:8a:6a:a4:00:ee:ae:c7:d0:
37:e4:be:f5:53:3a:ed:87:c6:48:28:85:aa:f2:a9:ef:bb:fd:
4f:5e:20:a6:dd:69:65:44:78:01:17:95:ce:cd:0e:dc:84:06:
f4:e3:09:7c:c1:8f:b1:4f:29:47:54:f2:14:42:21:cf:52:8e:
c1:a2:fa:48:6d:98:91:9e:85:f2:b1:f7:e4:b6:b3:2a:4b:e7:
58:6e:15:77:85:13:68:a9:da:ab:03:d5:94:87:d8:fd:e0:13:
de:b5:cb:96:e0:04:29:2a:5b:bf:4b:48:f7:eb:5c:01:ea:3b:
b8:fe:32:b1:6c:01:dc:5d:9f:c8:6a:56:e0:8f:fd:8b:24:73:
59:6e:bd:02:26:3b:fc:53:95:f8:7d:5a:5d:4e:41:4d:4b:54:
a0:8d:c3:ff:9a:77:03:10:2b:80:e6:61:3c:3b:66:96:1b:e0:
9c:5b:b1:ab:21:a4:b7:55:73:33:0a:6a:34:34:0b:5b:40:55:
66:1e:1e:9a:37:97:15:cf:39:52:7b:6d:43:37:11:3f:06:14:
61:34:d9:45
-----BEGIN CERTIFICATE-----
MIIGpjCCBY6gAwIBAgIDAkIRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQyOTAyMzcyNVoXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0UzQzQxMTAvBgNVBAUTKEZDQUQ0NjExNTdERjY4MUMwNTBCRDNC
RUVFQTJFQUNERkI2RDUyNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4irwXNYgh7oC4xc1l/4ssBmvcW2irWVhuHoDL2fhNZp6br1JK2C1VtvF7kUDn
wKiPbD9cens1myfuY38oa3ZYueRdbKDwLv2CnCwRKOEWgVdUiXywPQYIhP8sX07i
MVokj7EQRvsc5fwtSaamNZ/bUHVqhhORAun139IfWx6pkSrgz79UBwJxSRH9SQ+h
KDhnQL3O0GhBeYaXRclhn8mpp8JnaJIBYmLwCE5jmV0a/w4wQGy56ZYwcosXpzrY
AZ4c43YVKSosBAhC5RuJeq6cdYustzPxXPkdn/adx8E6E8OU1vLrSxCdMJSUlPXR
6ZYxkD+UwcwFZGkD36F2FgtXAgMBAAGjggObMIIDlzAdBgNVHQ4EFgQU/K1GEVff
aBwFC9O+7qLqzfttUkswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNFM0M0Lzc2OTIyNzhBN0Y5NzExRUJBRERDNUYxNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRTNDNC83NjkyMjc4QTdGOTcxMUVCQUREQzVGMTVDNEY5QUUwMi9fSzFHRVZm
ZmFCd0ZDOU8tN3FMcXpmdHRVa3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQgBAf8ELDAq
oCgwJgICREUCAketAgMA2J8CAwDbdwIDAhNrAgMCF/4CAwIlXQIDAieuMIGJBggr
BgEFBQcBBwEB/wR6MHgwYAQCAAEwWgMEAmcHpAMEAmfodAMEBHehIAMEBnwvgAME
B30HAAMEAqMvPAMEAqMvXAMEAsoCXAMEA8q/MAMEAcsM2AMEAMsPXwMEAMsWawME
AMsaggMEBctugAMEB9LBgDAUBAIAAjAOAwUAJADMAAMFACQCF8AwDQYJKoZIhvcN
AQELBQADggEBAH4Ddyh0QSlbesHEYXExzgs3ilNjWIzXcpUE37EDiCFVz1o652lj
WSELfFZrhRuKaqQA7q7H0DfkvvVTOu2Hxkgoharyqe+7/U9eIKbdaWVEeAEXlc7N
DtyEBvTjCXzBj7FPKUdU8hRCIc9SjsGi+khtmJGehfKx9+S2sypL51huFXeFE2ip
2qsD1ZSH2P3gE961y5bgBCkqW79LSPfrXAHqO7j+MrFsAdxdn8hqVuCP/Yskc1lu
vQImO/xTlfh9Wl1OQU1LVKCNw/+adwMQK4DmYTw7ZpYb4JxbsashpLdVczMKajQ0
C1tAVWYeHpo3lxXPOVJ7bUM3ET8GFGE02UU=
-----END CERTIFICATE-----
Generated at Sun May 4 21:25:14 2025 by rpki-client