Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cLDwRtLzp0OW6Cx56OPazyYLOe4.cer
File: cLDwRtLzp0OW6Cx56OPazyYLOe4.cer (raw, json)
Hash identifier: fj6jDC284n2iV+w+SaYa5Qc4o4HpUqLeWMgRxAJO1Pw=
Subject key identifier: 70:B0:F0:46:D2:F3:A7:43:96:E8:2C:79:E8:E3:DA:CF:26:0B:39:EE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024319
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/cLDwRtLzp0OW6Cx56OPazyYLOe4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 01 May 2025 18:51:57 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 202.12.27.0/24
IP: 2001:200::/32
IP: 2001:dc3::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 11 May 2025 18:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148249 (0x24319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 1 18:51:57 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A916B6AA, serialNumber=70B0F046D2F3A74396E82C79E8E3DACF260B39EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b7:96:9f:de:3f:b5:85:f7:01:96:4d:89:54:
ed:59:cb:b1:a5:99:8a:77:8d:36:ce:83:35:23:a0:
44:a5:94:bc:b6:61:6a:a1:98:22:a0:1e:aa:b0:34:
c4:33:48:97:65:28:ea:dc:54:24:0b:f6:61:9f:71:
ee:71:b5:77:c5:5c:b7:a4:4e:e1:16:5f:9b:c2:86:
31:de:f2:d7:20:74:99:72:63:ae:d2:66:f9:f6:ee:
eb:7f:02:ca:80:19:b2:bd:37:ef:b1:bb:ce:bf:6b:
39:e0:31:6e:e1:c3:e4:e5:09:7b:2b:3c:d3:a3:e4:
6b:cf:e2:8d:9c:61:48:b0:de:e4:31:18:71:f8:2e:
80:b2:d5:4e:0e:7b:3a:61:57:31:25:bf:6f:b5:24:
79:76:20:18:e7:9e:c8:0b:fa:3a:82:6f:ba:d5:53:
4a:b6:03:c7:fb:46:a4:8c:dd:ae:aa:09:fa:69:a5:
0f:55:6f:a7:75:af:77:38:ca:bf:eb:1b:d6:f2:f9:
66:28:26:8c:37:35:85:e5:db:97:1d:c7:d9:04:b5:
34:5b:9e:b8:97:ed:44:a0:93:8a:80:a3:20:d9:8e:
21:69:cf:e0:55:7e:61:c2:b4:b7:6b:73:37:d8:11:
57:e4:fa:88:d3:58:f4:aa:a2:24:f9:0c:02:31:04:
e7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B0:F0:46:D2:F3:A7:43:96:E8:2C:79:E8:E3:DA:CF:26:0B:39:EE
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/cLDwRtLzp0OW6Cx56OPazyYLOe4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.12.27.0/24
IPv6:
2001:200::/32
2001:dc3::/32
Signature Algorithm: sha256WithRSAEncryption
68:9c:3f:d3:79:2d:f2:7e:86:ae:18:b9:cd:1c:06:e1:5a:0e:
68:9c:39:8c:03:3f:7b:9e:9e:c5:f9:d7:34:90:40:94:57:aa:
65:90:e3:2e:f7:db:f7:ed:0b:ec:1d:dd:27:81:e9:e9:08:e1:
d7:58:ab:e5:43:0c:52:c7:0d:0c:bb:cf:a8:62:c4:49:f7:c3:
96:b2:49:cb:ed:5d:e1:cd:21:92:91:e4:77:34:49:13:ac:31:
26:71:17:5f:dd:68:f5:69:6e:9f:81:c1:23:88:8c:65:47:dc:
77:2e:d4:a1:a6:14:2f:07:f8:f0:77:0a:d3:47:3c:27:9b:72:
18:84:a9:57:13:65:32:f4:e0:e6:3b:9e:b9:6d:9a:76:a7:42:
a6:31:94:a6:2f:d9:35:9f:f1:f8:da:b5:22:fe:93:8d:13:7c:
a3:e5:10:53:43:d1:aa:c0:73:a9:82:2e:3e:83:92:eb:f3:3f:
15:42:0b:20:70:21:2c:4f:c5:f0:63:e6:6b:1f:fb:c6:20:75:
07:e9:ec:c2:28:d9:bd:67:d9:e8:41:fe:34:be:41:18:75:a3:
6a:d2:ba:39:68:6d:78:51:c8:fc:bd:3a:65:dc:63:c7:ec:70:
a2:f4:24:19:9a:db:65:86:5f:bb:9f:9f:ad:18:60:a1:a5:18:
c8:f3:b6:02
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgIDAkMZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUwMTE4NTE1N1oXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkI2QUExMTAvBgNVBAUTKDcwQjBGMDQ2RDJGM0E3NDM5NkU4MkM3
OUU4RTNEQUNGMjYwQjM5RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBt5af3j+1hfcBlk2JVO1Zy7GlmYp3jTbOgzUjoESllLy2YWqhmCKgHqqwNMQz
SJdlKOrcVCQL9mGfce5xtXfFXLekTuEWX5vChjHe8tcgdJlyY67SZvn27ut/AsqA
GbK9N++xu86/azngMW7hw+TlCXsrPNOj5GvP4o2cYUiw3uQxGHH4LoCy1U4Oezph
VzElv2+1JHl2IBjnnsgL+jqCb7rVU0q2A8f7RqSM3a6qCfpppQ9Vb6d1r3c4yr/r
G9by+WYoJow3NYXl25cdx9kEtTRbnriX7USgk4qAoyDZjiFpz+BVfmHCtLdrczfY
EVfk+ojTWPSqoiT5DAIxBOerAgMBAAGjggMJMIIDBTAdBgNVHQ4EFgQUcLDwRtLz
p0OW6Cx56OPazyYLOe4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZCNkFBLzQ2QzdGMTcyNEYxNjExRTU4RDJBMzMyN0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2QjZBQS80NkM3RjE3MjRGMTYxMUU1OEQyQTMzMjdDNEY5QUUwMi9jTER3UnRM
enAwT1c2Q3g1Nk9QYXp5WUxPZTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8EJjAk
MAwEAgABMAYDBADKDBswFAQCAAIwDgMFACABAgADBQAgAQ3DMA0GCSqGSIb3DQEB
CwUAA4IBAQBonD/TeS3yfoauGLnNHAbhWg5onDmMAz97np7F+dc0kECUV6plkOMu
99v37QvsHd0ngenpCOHXWKvlQwxSxw0Mu8+oYsRJ98OWsknL7V3hzSGSkeR3NEkT
rDEmcRdf3Wj1aW6fgcEjiIxlR9x3LtShphQvB/jwdwrTRzwnm3IYhKlXE2Uy9ODm
O565bZp2p0KmMZSmL9k1n/H42rUi/pONE3yj5RBTQ9GqwHOpgi4+g5Lr8z8VQgsg
cCEsT8XwY+ZrH/vGIHUH6ezCKNm9Z9noQf40vkEYdaNq0ro5aG14Ucj8vTpl3GPH
7HCi9CQZmttlhl+7n5+tGGChpRjI87YC
-----END CERTIFICATE-----
Generated at Sun May 4 21:31:43 2025 by rpki-client