Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0ZKhG930cTTZqMGuAaTn88qYBo.cer
File: d0ZKhG930cTTZqMGuAaTn88qYBo.cer (raw, json)
Hash identifier: tVJkj1m4p8i2FWeTovVBfW9bfeflyeyPnKUCIgkSfRo=
Subject key identifier: 77:46:4A:84:6F:77:D1:C4:D3:66:A3:06:B8:06:93:9F:CF:2A:60:1A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 026902
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/d0ZKhG930cTTZqMGuAaTn88qYBo.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 01 Oct 2025 05:50:54 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 24298
AS: 136961
IP: 103.123.144.0/22
IP: 202.60.8.0/21
IP: 2401:ab40::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 20:17:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157954 (0x26902)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 1 05:50:54 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A91B74D6, serialNumber=77464A846F77D1C4D366A306B806939FCF2A601A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:9e:26:c6:ac:93:18:35:93:d0:6c:56:94:
8d:09:5d:f5:6c:40:59:b4:6c:11:ea:1b:c3:48:6d:
39:7b:60:1f:20:90:3f:9c:dc:83:97:26:b9:6d:0b:
3d:ee:d2:b8:4c:eb:b7:f0:1c:e6:62:63:22:2e:24:
aa:5e:79:c9:34:50:f2:91:a7:3c:2e:44:f5:2f:e5:
24:a8:22:42:4a:33:33:b7:92:a2:85:c0:3f:9d:56:
1c:9e:a1:55:2b:a5:74:cb:36:02:14:3c:fe:19:e2:
3d:06:e2:af:3e:7e:dc:e3:f2:b8:28:33:bf:1f:e4:
b9:86:16:94:d3:ca:85:4d:81:2e:a6:d6:d7:12:4b:
e8:f9:88:0e:f9:39:4c:8c:30:48:91:48:ac:85:21:
25:85:04:bf:63:3d:a1:56:cd:04:16:c2:43:3a:e0:
2d:fd:d4:a8:23:62:aa:29:c2:99:24:9b:e6:56:95:
28:76:22:53:0e:c0:ca:15:22:67:3a:e5:37:b8:b3:
5a:58:73:90:39:0d:f2:a5:41:e1:5a:b9:fe:68:95:
71:16:f9:4f:9b:4c:c1:a8:d4:1b:02:f6:3c:16:02:
f5:ae:fc:ac:04:2f:b6:75:8d:ee:8d:47:0f:04:7c:
30:37:8b:72:00:40:cc:10:df:99:ab:df:f4:c1:fd:
4f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:46:4A:84:6F:77:D1:C4:D3:66:A3:06:B8:06:93:9F:CF:2A:60:1A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B74D6/DE22AD240CDF11EF9484E62AC4F9AE02/d0ZKhG930cTTZqMGuAaTn88qYBo.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24298
136961
sbgp-ipAddrBlock: critical
IPv4:
103.123.144.0/22
202.60.8.0/21
IPv6:
2401:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
8a:e6:ee:6d:0e:5d:52:57:39:80:45:94:b9:d8:43:74:a7:b5:
2f:a6:65:1e:4a:35:59:5f:e7:0d:7d:a7:cf:ea:4f:b2:a2:93:
df:7d:40:27:e8:64:1f:e7:b6:59:c7:c3:b0:95:91:87:4d:53:
4b:0e:73:64:74:24:3d:79:9a:3b:be:d5:67:7b:00:7f:7e:4c:
4b:0b:70:33:aa:b3:30:c0:0d:f8:07:b1:74:65:41:9a:11:97:
3f:c1:84:f1:0e:46:59:85:ef:db:23:49:92:6e:6c:91:28:23:
fe:ae:1a:fc:ca:30:0a:3d:80:b6:77:19:a5:92:10:1c:57:f1:
ea:8c:c6:0a:cb:09:6a:61:bb:e6:65:6e:8d:e5:41:71:f7:e9:
f5:4c:22:bb:ab:6e:db:bf:45:70:c1:08:64:47:7c:d3:2e:18:
6b:7f:ce:17:81:bb:a7:49:20:0f:97:c6:40:7d:3b:0d:c3:24:
d3:50:21:5f:6b:ec:3a:44:d0:01:f4:20:85:4a:6a:e4:1e:df:
32:28:ec:8b:e2:15:25:8e:97:36:c8:18:73:6a:81:dc:08:99:
c9:61:61:d0:d2:f4:fb:a2:f5:47:85:bc:e8:2e:39:68:d9:ac:
10:d4:1b:27:ee:5b:a3:40:4a:23:97:55:36:7b:33:3f:0f:0a:
ed:b3:27:a7
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgIDAmkCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MTAwMTA1NTA1NFoXDTI2MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjc0RDYxMTAvBgNVBAUTKDc3NDY0QTg0NkY3N0QxQzREMzY2QTMw
NkI4MDY5MzlGQ0YyQTYwMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCknp4mxqyTGDWT0GxWlI0JXfVsQFm0bBHqG8NIbTl7YB8gkD+c3IOXJrltCz3u
0rhM67fwHOZiYyIuJKpeeck0UPKRpzwuRPUv5SSoIkJKMzO3kqKFwD+dVhyeoVUr
pXTLNgIUPP4Z4j0G4q8+ftzj8rgoM78f5LmGFpTTyoVNgS6m1tcSS+j5iA75OUyM
MEiRSKyFISWFBL9jPaFWzQQWwkM64C391KgjYqopwpkkm+ZWlSh2IlMOwMoVImc6
5Te4s1pYc5A5DfKlQeFauf5olXEW+U+bTMGo1BsC9jwWAvWu/KwEL7Z1je6NRw8E
fDA3i3IAQMwQ35mr3/TB/U/nAgMBAAGjggMoMIIDJDAdBgNVHQ4EFgQUd0ZKhG93
0cTTZqMGuAaTn88qYBowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI3NEQ2L0RFMjJBRDI0MENERjExRUY5NDg0RTYyQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCNzRENi9ERTIyQUQyNDBDREYxMUVGOTQ4NEU2MkFDNEY5QUUwMi9kMFpLaEc5
MzBjVFRacU1HdUFhVG44OHFZQm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICXuoCAwIXATA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmd7kAME
A8o8CDANBAIAAjAHAwUAJAGrQDANBgkqhkiG9w0BAQsFAAOCAQEAiububQ5dUlc5
gEWUudhDdKe1L6ZlHko1WV/nDX2nz+pPsqKT331AJ+hkH+e2WcfDsJWRh01TSw5z
ZHQkPXmaO77VZ3sAf35MSwtwM6qzMMAN+AexdGVBmhGXP8GE8Q5GWYXv2yNJkm5s
kSgj/q4a/MowCj2AtncZpZIQHFfx6ozGCssJamG75mVujeVBcffp9Uwiu6tu279F
cMEIZEd80y4Ya3/OF4G7p0kgD5fGQH07DcMk01AhX2vsOkTQAfQghUpq5B7fMijs
i+IVJY6XNsgYc2qB3AiZyWFh0NL0+6L1R4W86C45aNmsENQbJ+5bo0BKI5dVNnsz
Pw8K7bMnpw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:45:58 2025 by rpki-client