Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvPmBKY_LO9L3eN9yokNBFGWeuw.cer
File: nvPmBKY_LO9L3eN9yokNBFGWeuw.cer (raw, json)
Hash identifier: e4mn1FuVHu2XwVrKUnEOdbAPvNdNjPdmzpFZ61IhHxI=
Subject key identifier: 9E:F3:E6:04:A6:3F:2C:EF:4B:DD:E3:7D:CA:89:0D:04:51:96:7A:EC
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0251F8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/nvPmBKY_LO9L3eN9yokNBFGWeuw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 01 Jul 2025 06:02:01 +0000
Certificate not after: Thu 30 Oct 2025 00:00:00 +0000
Subordinate resources: AS: 152714
IP: 103.40.166.0/23
IP: 2001:df3:b8c0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 08 Jul 2025 15:45:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152056 (0x251f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 1 06:02:01 2025 GMT
Not After : Oct 30 00:00:00 2025 GMT
Subject: CN=A91EB002, serialNumber=9EF3E604A63F2CEF4BDDE37DCA890D0451967AEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e0:ec:f2:7f:80:77:df:5e:73:7e:7a:4d:41:
f7:6f:66:81:53:de:a0:27:66:e9:b0:f0:67:0c:af:
a7:d9:49:0c:15:8a:74:21:f8:40:6a:d7:1a:00:ab:
63:46:93:42:98:9e:f1:2f:4c:9e:ce:35:b0:ca:fa:
61:2c:bc:35:a1:da:4a:ed:69:40:14:e4:a1:ff:83:
eb:8b:72:0c:3f:f1:09:37:4c:a2:1c:bd:9d:59:2b:
c9:86:f6:be:b2:cf:97:98:fa:7f:02:97:6e:cc:b1:
6d:f8:13:26:18:66:d8:fc:92:39:b4:b2:9e:f6:d0:
2b:1f:3b:2e:7e:f0:7c:14:dd:76:37:02:79:51:17:
61:fe:95:53:37:c9:98:c4:8b:f8:15:a9:07:9f:99:
bf:67:3f:e2:ad:0e:9a:10:62:f0:93:2d:d8:d2:29:
b5:e0:cf:ca:65:53:f6:13:0f:dc:de:d1:1a:35:91:
b3:a1:96:51:11:09:42:61:3a:81:ea:84:54:38:33:
2e:89:f2:53:16:31:07:ab:f8:45:98:b5:c9:44:80:
6e:97:74:a5:36:67:5d:95:7b:0e:8c:62:14:e6:90:
06:b6:57:54:68:d4:bd:18:14:44:84:65:28:a9:06:
af:c2:34:ea:d5:f7:0d:1f:3b:1d:54:d2:ea:e9:e7:
a3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F3:E6:04:A6:3F:2C:EF:4B:DD:E3:7D:CA:89:0D:04:51:96:7A:EC
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/nvPmBKY_LO9L3eN9yokNBFGWeuw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152714
sbgp-ipAddrBlock: critical
IPv4:
103.40.166.0/23
IPv6:
2001:df3:b8c0::/48
Signature Algorithm: sha256WithRSAEncryption
29:b8:0a:77:04:a0:47:3c:e0:8e:47:58:f3:6b:3b:59:0d:8a:
9e:cd:27:cf:5f:e0:21:fd:a0:23:94:aa:7f:ab:29:fa:be:34:
1c:cf:f0:73:ee:7f:96:11:8c:bc:07:4e:85:a4:72:cc:5d:d5:
be:b8:c2:2e:27:d1:8f:f1:a4:79:05:8f:4d:cb:d4:8a:0a:92:
e4:69:cd:d4:ef:7b:7a:a9:3c:26:15:93:e9:24:54:10:ca:58:
b7:07:f0:35:88:68:33:2a:75:eb:90:5e:ac:ea:7f:2a:33:75:
09:c3:33:22:80:0e:be:41:04:95:b4:08:c6:b6:64:be:f8:36:
c3:e2:a7:c4:3e:d3:f3:81:cf:e3:b2:4f:1d:70:38:72:5d:56:
ca:4b:b1:20:2b:ef:5d:50:d6:d3:16:e0:88:3d:7a:c7:6d:52:
27:f2:86:7e:c3:27:f4:ae:73:4c:8c:29:ab:ab:97:a5:5c:6d:
c4:94:0d:fc:07:97:50:21:b4:a7:23:1b:8a:b7:18:64:64:c7:
a8:77:8b:f0:55:05:3d:d1:e2:a8:5b:ea:16:e4:e2:44:1e:5a:
84:d6:56:a8:06:28:46:2e:ce:84:08:0b:d8:63:e9:3c:f3:c6:
00:f4:9f:bc:0c:ce:28:e3:e7:01:79:b5:74:70:8e:9d:9f:c3:
a5:11:20:b5
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAlH4MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwMTA2MDIwMVoXDTI1MTAzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUIwMDIxMTAvBgNVBAUTKDlFRjNFNjA0QTYzRjJDRUY0QkRERTM3
RENBODkwRDA0NTE5NjdBRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDM4Ozyf4B3315zfnpNQfdvZoFT3qAnZumw8GcMr6fZSQwVinQh+EBq1xoAq2NG
k0KYnvEvTJ7ONbDK+mEsvDWh2krtaUAU5KH/g+uLcgw/8Qk3TKIcvZ1ZK8mG9r6y
z5eY+n8Cl27MsW34EyYYZtj8kjm0sp720CsfOy5+8HwU3XY3AnlRF2H+lVM3yZjE
i/gVqQefmb9nP+KtDpoQYvCTLdjSKbXgz8plU/YTD9ze0Ro1kbOhllERCUJhOoHq
hFQ4My6J8lMWMQer+EWYtclEgG6XdKU2Z12Vew6MYhTmkAa2V1Ro1L0YFESEZSip
Bq/CNOrV9w0fOx1U0urp56NPAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUnvPmBKY/
LO9L3eN9yokNBFGWeuwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVCMDAyL0UyNEY4MjM0MDIyRTExRUY4NTZGNTEzMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFQjAwMi9FMjRGODIzNDAyMkUxMUVGODU2RjUxMzJDNEY5QUUwMi9udlBtQktZ
X0xPOUwzZU45eW9rTkJGR1dldXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlSKMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZyimMA8EAgAC
MAkDBwAgAQ3zuMAwDQYJKoZIhvcNAQELBQADggEBACm4CncEoEc84I5HWPNrO1kN
ip7NJ89f4CH9oCOUqn+rKfq+NBzP8HPuf5YRjLwHToWkcsxd1b64wi4n0Y/xpHkF
j03L1IoKkuRpzdTve3qpPCYVk+kkVBDKWLcH8DWIaDMqdeuQXqzqfyozdQnDMyKA
Dr5BBJW0CMa2ZL74NsPip8Q+0/OBz+OyTx1wOHJdVspLsSAr711Q1tMW4Ig9esdt
Uifyhn7DJ/Suc0yMKaurl6VcbcSUDfwHl1AhtKcjG4q3GGRkx6h3i/BVBT3R4qhb
6hbk4kQeWoTWVqgGKEYuzoQIC9hj6TzzxgD0n7wMzijj5wF5tXRwjp2fw6URILU=
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:05:56 2025 by rpki-client