Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hrKx0eeCRIuE9pgY8WofcHtUyGw.cer
File: hrKx0eeCRIuE9pgY8WofcHtUyGw.cer (raw, json)
Hash identifier: dn//sA5W8qZWp+FGxUTViSThuB/5/pQ2g24hOQeAv3c=
Subject key identifier: 86:B2:B1:D1:E7:82:44:8B:84:F6:98:18:F1:6A:1F:70:7B:54:C8:6C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02456F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/hrKx0eeCRIuE9pgY8WofcHtUyGw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 10 May 2025 00:24:00 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 138675
IP: 103.136.104.0/22
IP: 2404:90c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 17 May 2025 18:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148847 (0x2456f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 10 00:24:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A91EC979, serialNumber=86B2B1D1E782448B84F69818F16A1F707B54C86C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8f:de:da:bd:05:a3:f8:f5:7a:40:78:33:c8:
1b:e3:aa:47:03:65:51:de:bf:68:18:e8:47:9b:81:
c0:fe:70:a6:4d:01:77:80:40:69:63:a7:b0:a4:98:
10:ab:ba:a8:7c:33:e8:d2:e7:e6:ad:6b:57:a5:7f:
98:d8:cb:03:57:97:6c:cb:86:aa:f1:ed:89:c9:b5:
83:7c:5d:1b:c2:6f:3b:4b:6b:d2:70:67:77:bf:e5:
1a:e6:d2:b5:50:de:55:6d:11:b6:91:48:f6:a4:90:
db:76:52:a8:d8:ae:46:cf:c4:d8:a4:38:97:6f:89:
9f:e9:9d:aa:53:93:7d:a0:32:bb:56:6d:b4:14:83:
35:41:9e:38:b3:fd:0f:69:de:8e:8b:8e:fd:6a:33:
0c:0d:ea:a0:24:64:7e:ea:18:81:df:ed:67:1c:b8:
95:b8:63:70:39:56:43:14:97:ee:31:9e:67:f1:43:
52:83:c2:ac:5f:c8:ab:f6:8a:f3:ee:21:2b:95:ee:
74:03:bc:36:84:88:d7:db:41:db:60:51:30:aa:11:
2d:4e:74:61:09:6c:53:61:15:43:c1:c4:0f:a3:d8:
6f:85:bc:50:6b:4a:58:f6:8f:de:2d:8e:97:6c:ca:
1c:a8:a7:b4:12:f8:c9:d4:5e:2c:89:4c:24:be:58:
9c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B2:B1:D1:E7:82:44:8B:84:F6:98:18:F1:6A:1F:70:7B:54:C8:6C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/hrKx0eeCRIuE9pgY8WofcHtUyGw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138675
sbgp-ipAddrBlock: critical
IPv4:
103.136.104.0/22
IPv6:
2404:90c0::/32
Signature Algorithm: sha256WithRSAEncryption
32:1c:c3:9e:f6:5e:ac:ba:b9:bc:29:30:e2:fc:a7:9e:82:f7:
76:24:03:0b:2d:ed:6c:37:93:c8:57:15:25:77:77:0b:21:77:
c7:a8:72:00:3e:d3:15:f9:14:f8:cc:50:75:c2:10:d4:f2:3f:
46:13:54:81:b9:92:42:dc:7c:eb:94:e3:a7:d0:e0:f0:cb:bf:
0b:13:a6:33:d8:11:17:41:9b:36:75:7a:2d:19:17:fc:4c:50:
ee:78:87:b6:d4:36:ef:f5:57:26:09:17:44:12:21:7e:6a:bf:
16:83:65:41:32:b6:6f:14:69:6a:d4:95:f4:27:51:73:c7:cd:
c3:5b:01:33:73:57:2f:89:cb:06:4f:1d:ec:e5:50:da:2d:cd:
ab:37:2b:d9:09:0b:cc:63:54:2f:b5:24:6f:08:bc:e1:23:91:
e4:ab:72:27:f7:8e:99:8f:76:6f:e1:9f:c0:da:a0:65:98:b4:
1c:66:71:fb:23:db:ab:50:a3:8c:36:31:28:c4:91:c7:f3:3d:
48:ea:aa:9c:16:4a:a1:88:3d:74:8b:8d:67:4e:da:9d:d0:a2:
79:b4:9e:62:98:fe:2e:3f:84:8d:73:e7:79:7c:d8:4a:36:41:
7c:f4:21:8a:43:39:b6:49:a3:70:91:19:e2:c8:19:2d:26:ad:
bd:f4:ec:4e
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAkVvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUxMDAwMjQwMFoXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUM5NzkxMTAvBgNVBAUTKDg2QjJCMUQxRTc4MjQ0OEI4NEY2OTgx
OEYxNkExRjcwN0I1NEM4NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDuj97avQWj+PV6QHgzyBvjqkcDZVHev2gY6EebgcD+cKZNAXeAQGljp7CkmBCr
uqh8M+jS5+ata1elf5jYywNXl2zLhqrx7YnJtYN8XRvCbztLa9JwZ3e/5Rrm0rVQ
3lVtEbaRSPakkNt2UqjYrkbPxNikOJdviZ/pnapTk32gMrtWbbQUgzVBnjiz/Q9p
3o6Ljv1qMwwN6qAkZH7qGIHf7WccuJW4Y3A5VkMUl+4xnmfxQ1KDwqxfyKv2ivPu
ISuV7nQDvDaEiNfbQdtgUTCqES1OdGEJbFNhFUPBxA+j2G+FvFBrSlj2j94tjpds
yhyop7QS+MnUXiyJTCS+WJzVAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUhrKx0eeC
RIuE9pgY8WofcHtUyGwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVDOTc5L0VENjMzRTg2NUZEOTExRUJBMzBFRTM3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFQzk3OS9FRDYzM0U4NjVGRDkxMUVCQTMwRUUzN0JDNEY5QUUwMi9ockt4MGVl
Q1JJdUU5cGdZOFdvZmNIdFV5R3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh2zMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4hoMA0EAgAC
MAcDBQAkBJDAMA0GCSqGSIb3DQEBCwUAA4IBAQAyHMOe9l6surm8KTDi/Keegvd2
JAMLLe1sN5PIVxUld3cLIXfHqHIAPtMV+RT4zFB1whDU8j9GE1SBuZJC3HzrlOOn
0ODwy78LE6Yz2BEXQZs2dXotGRf8TFDueIe21Dbv9VcmCRdEEiF+ar8Wg2VBMrZv
FGlq1JX0J1Fzx83DWwEzc1cvicsGTx3s5VDaLc2rNyvZCQvMY1QvtSRvCLzhI5Hk
q3In946Zj3Zv4Z/A2qBlmLQcZnH7I9urUKOMNjEoxJHH8z1I6qqcFkqhiD10i41n
Ttqd0KJ5tJ5imP4uP4SNc+d5fNhKNkF89CGKQzm2SaNwkRniyBktJq299OxO
-----END CERTIFICATE-----
Generated at Sat May 10 20:45:29 2025 by rpki-client