Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nWx1DOA5PCAKv4pnHB8sIGoMtHE.cer
File: nWx1DOA5PCAKv4pnHB8sIGoMtHE.cer (raw, json)
Hash identifier: 3rYJ+mQNaaJT3vnmLkiVJTwGm70plo0Y7xJh+XV8YRI=
Subject key identifier: 9D:6C:75:0C:E0:39:3C:20:0A:BF:8A:67:1C:1F:2C:20:6A:0C:B4:71
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0244A3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/nWx1DOA5PCAKv4pnHB8sIGoMtHE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 07 May 2025 05:15:41 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 152703
IP: 103.16.4.0/23
IP: 2401:9520::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 17 May 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148643 (0x244a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 7 05:15:41 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91113E7, serialNumber=9D6C750CE0393C200ABF8A671C1F2C206A0CB471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:17:a9:7f:4e:dc:87:b9:a0:9f:7c:8f:ef:e9:
f8:ae:a2:2a:75:74:25:12:ee:ae:ef:63:f9:1a:16:
c8:75:0a:e8:e9:0d:15:56:0a:60:d1:b3:30:0e:8a:
f4:69:d3:57:63:e3:0e:dc:2c:b8:44:55:26:fb:b3:
54:4b:48:c1:37:00:e8:9c:c2:20:22:5d:d0:6a:e5:
22:84:58:5b:81:78:54:b8:b4:08:8e:88:21:f5:1f:
22:85:13:e7:40:02:d8:69:0d:36:9b:59:85:ec:c2:
46:72:38:aa:25:38:45:37:42:06:f6:17:e7:1b:a6:
e2:e9:0d:ca:9e:45:7e:4e:b3:e9:3d:3e:46:26:e9:
a3:2e:3a:2b:20:78:f2:18:8a:e7:bb:3f:50:ad:6e:
6f:6d:ba:25:a1:8e:a7:76:09:ee:34:47:b5:ab:7c:
07:a1:d3:8c:ad:52:e6:8c:15:b7:bf:78:38:22:a4:
ec:26:62:5d:ce:c8:25:90:cb:e0:74:c8:9b:c3:8a:
14:54:be:9c:34:15:7b:c6:dd:b9:81:7f:b9:0f:74:
ce:d5:60:ac:1c:5b:5f:d3:05:62:5a:5c:3c:c1:07:
4b:b9:8a:76:94:98:40:98:0b:a9:86:96:1d:94:ad:
a2:17:0b:1a:a0:20:fc:5d:48:19:32:0a:25:ba:eb:
27:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6C:75:0C:E0:39:3C:20:0A:BF:8A:67:1C:1F:2C:20:6A:0C:B4:71
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/nWx1DOA5PCAKv4pnHB8sIGoMtHE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152703
sbgp-ipAddrBlock: critical
IPv4:
103.16.4.0/23
IPv6:
2401:9520::/32
Signature Algorithm: sha256WithRSAEncryption
d2:9b:db:75:b6:32:a2:d3:38:ef:c2:6f:e3:d7:93:d7:37:13:
c7:d8:c9:89:82:5c:7b:ca:01:7f:ab:9a:7e:61:ea:a7:36:a0:
ef:0f:ba:66:03:fb:e6:7c:8f:da:6b:5a:13:70:35:54:4a:60:
01:9d:01:08:0e:4c:97:db:a5:94:bc:35:5f:ca:f1:55:b9:eb:
98:2b:5b:1a:cc:e4:c2:6f:ab:41:3d:9b:05:b5:17:b3:02:37:
13:e7:ce:3b:62:34:b5:82:fa:a1:5d:8b:fa:01:e5:d0:78:0d:
ef:0d:e0:10:a5:29:57:57:41:83:f5:c5:6c:b9:d3:8e:db:ce:
fe:a1:c2:b1:ee:15:e5:fe:e1:7f:93:68:0d:ac:c9:49:7f:50:
5c:aa:a6:91:39:7e:1c:52:ae:27:e1:1a:ae:96:56:06:49:1f:
bd:38:7c:a3:1a:1e:5a:b2:9e:8e:f8:0d:e5:16:c3:93:c0:9f:
5e:76:f5:20:f0:d5:8c:d7:83:1e:e7:d9:83:64:c0:46:c6:34:
34:61:45:a8:f9:64:a8:be:22:55:34:b2:2c:8d:82:14:d7:e7:
94:b8:0e:1d:35:c2:b5:36:f7:e5:fc:c4:3d:af:d5:86:92:d3:
8a:e1:99:cb:ce:c3:e1:2f:85:ec:84:38:c4:b1:21:8f:47:48:
e8:93:6c:ca
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAkSjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUwNzA1MTU0MVoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTEzRTcxMTAvBgNVBAUTKDlENkM3NTBDRTAzOTNDMjAwQUJGOEE2
NzFDMUYyQzIwNkEwQ0I0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxF6l/TtyHuaCffI/v6fiuoip1dCUS7q7vY/kaFsh1CujpDRVWCmDRszAOivRp
01dj4w7cLLhEVSb7s1RLSME3AOicwiAiXdBq5SKEWFuBeFS4tAiOiCH1HyKFE+dA
AthpDTabWYXswkZyOKolOEU3Qgb2F+cbpuLpDcqeRX5Os+k9PkYm6aMuOisgePIY
iue7P1Ctbm9tuiWhjqd2Ce40R7WrfAeh04ytUuaMFbe/eDgipOwmYl3OyCWQy+B0
yJvDihRUvpw0FXvG3bmBf7kPdM7VYKwcW1/TBWJaXDzBB0u5inaUmECYC6mGlh2U
raIXCxqgIPxdSBkyCiW66ydfAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUnWx1DOA5
PCAKv4pnHB8sIGoMtHEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTExM0U3LzlEM0EyMDAwMkY1NjExRUZBMjNFNUEyM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExMTNFNy85RDNBMjAwMDJGNTYxMUVGQTIzRTVBMjNDNEY5QUUwMi9uV3gxRE9B
NVBDQUt2NHBuSEI4c0lHb010SEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlR/MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZxAEMA0EAgAC
MAcDBQAkAZUgMA0GCSqGSIb3DQEBCwUAA4IBAQDSm9t1tjKi0zjvwm/j15PXNxPH
2MmJglx7ygF/q5p+YeqnNqDvD7pmA/vmfI/aa1oTcDVUSmABnQEIDkyX26WUvDVf
yvFVueuYK1sazOTCb6tBPZsFtRezAjcT5847YjS1gvqhXYv6AeXQeA3vDeAQpSlX
V0GD9cVsudOO287+ocKx7hXl/uF/k2gNrMlJf1BcqqaROX4cUq4n4RqullYGSR+9
OHyjGh5asp6O+A3lFsOTwJ9edvUg8NWM14Me59mDZMBGxjQ0YUWo+WSoviJVNLIs
jYIU1+eUuA4dNcK1Nvfl/MQ9r9WGktOK4ZnLzsPhL4XshDjEsSGPR0jok2zK
-----END CERTIFICATE-----
Generated at Sat May 10 09:52:58 2025 by rpki-client