Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y3nZvhDc9wJG_GlGNFiuyiQly44.cer
File: y3nZvhDc9wJG_GlGNFiuyiQly44.cer (raw, json)
Hash identifier: lqWNCQH/djEUz9BS+50IQ/EfOflhvdzD95N/Oefvo/k=
Subject key identifier: CB:79:D9:BE:10:DC:F7:02:46:FC:69:46:34:58:AE:CA:24:25:CB:8E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02635A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912756D/8DCA32CE6B5411EFB8A8A61AC4F9AE02/y3nZvhDc9wJG_GlGNFiuyiQly44.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912756D/8DCA32CE6B5411EFB8A8A61AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 04 Sep 2025 13:21:43 +0000
Certificate not after: Tue 01 Dec 2026 00:00:00 +0000
Subordinate resources: AS: 153201
IP: 2401:bae0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 06:49:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156506 (0x2635a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 4 13:21:43 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=A912756D, serialNumber=CB79D9BE10DCF70246FC69463458AECA2425CB8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b0:58:33:06:9b:a2:7f:47:bb:98:e4:12:30:
b1:18:32:2f:e1:66:d4:03:43:fa:0a:f0:0a:95:75:
ab:2f:99:f5:a1:39:dc:64:20:62:a9:dd:21:b9:cc:
91:19:a5:37:14:12:7f:c1:b9:79:fa:5b:89:cd:82:
39:4c:ef:5f:be:9a:c6:34:bb:4f:dd:ff:61:da:a3:
c8:60:cc:62:89:42:5b:3f:0b:39:bf:dc:bd:78:79:
29:51:c7:5e:ed:9c:90:62:94:b3:56:87:4e:4d:9f:
c9:81:5b:f4:95:f3:81:f3:c1:56:01:ec:c6:71:9d:
59:ac:ff:f9:d1:89:1f:4d:19:fa:7d:14:a2:de:48:
7d:47:4c:90:19:84:af:97:16:40:2d:0b:1f:52:4a:
f5:8c:7b:d3:87:8f:f1:e7:d7:43:10:9f:d6:b1:bf:
fd:7e:43:b8:d8:b1:4e:fb:03:92:20:a4:9f:d0:fb:
00:8f:24:db:da:22:40:fd:7a:7f:32:7a:01:76:9c:
4f:d8:b1:90:d0:7d:9f:d1:5c:3b:c9:7a:b5:2f:5b:
14:79:8b:4a:cf:c2:17:6a:5b:0d:82:a0:a3:dd:3b:
5f:10:96:94:3e:9e:a1:b5:84:91:21:97:37:0e:5e:
b7:c4:63:b5:1b:4c:89:a1:2d:b3:03:53:42:07:08:
8f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:79:D9:BE:10:DC:F7:02:46:FC:69:46:34:58:AE:CA:24:25:CB:8E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912756D/8DCA32CE6B5411EFB8A8A61AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912756D/8DCA32CE6B5411EFB8A8A61AC4F9AE02/y3nZvhDc9wJG_GlGNFiuyiQly44.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153201
sbgp-ipAddrBlock: critical
IPv6:
2401:bae0::/32
Signature Algorithm: sha256WithRSAEncryption
69:1d:67:72:38:39:b0:69:1a:77:92:1f:ed:88:32:f6:50:16:
b3:74:d7:db:b5:58:1b:f5:81:64:00:08:38:fc:cc:37:d9:c1:
6d:db:59:28:b8:c4:2d:ed:e9:94:9e:0b:6c:c3:65:3d:0a:b9:
cc:24:35:ee:fd:cd:5a:6b:2e:49:3b:8b:f0:5f:dc:21:32:6b:
56:aa:dd:f5:35:0d:db:25:67:7d:93:4c:a9:35:90:68:ac:00:
a3:8e:4a:f0:b2:f7:16:51:e5:31:9a:5b:46:33:b9:9d:8e:e4:
8b:f8:6a:3a:86:f1:e0:df:a1:dc:ec:38:44:b5:b0:14:73:0e:
9f:68:0d:cd:6a:53:5a:0f:47:13:72:21:65:3b:31:3e:bd:2a:
1e:23:98:8d:eb:cf:c5:3a:45:1f:53:69:f5:aa:b1:f0:1e:bd:
17:df:e8:29:fb:0a:aa:d7:26:23:b0:36:86:2e:3a:7d:79:7f:
b4:9b:0a:5a:1f:c7:8f:fd:cc:d6:01:74:d2:89:53:00:45:53:
cc:eb:40:d6:b7:62:e1:05:40:a0:c5:2c:29:4d:0f:ad:3c:a8:
d3:c6:26:bb:fb:b9:35:8d:ea:43:6f:c1:f0:af:10:d4:5a:18:
c3:d8:23:bc:1a:9f:ec:1b:35:c6:cc:96:59:77:b0:f4:5c:07:
14:43:8a:bb
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAmNaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDkwNDEzMjE0M1oXDTI2MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjc1NkQxMTAvBgNVBAUTKENCNzlEOUJFMTBEQ0Y3MDI0NkZDNjk0
NjM0NThBRUNBMjQyNUNCOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWsFgzBpuif0e7mOQSMLEYMi/hZtQDQ/oK8AqVdasvmfWhOdxkIGKp3SG5zJEZ
pTcUEn/BuXn6W4nNgjlM71++msY0u0/d/2Hao8hgzGKJQls/Czm/3L14eSlRx17t
nJBilLNWh05Nn8mBW/SV84HzwVYB7MZxnVms//nRiR9NGfp9FKLeSH1HTJAZhK+X
FkAtCx9SSvWMe9OHj/Hn10MQn9axv/1+Q7jYsU77A5IgpJ/Q+wCPJNvaIkD9en8y
egF2nE/YsZDQfZ/RXDvJerUvWxR5i0rPwhdqWw2CoKPdO18QlpQ+nqG1hJEhlzcO
XrfEY7UbTImhLbMDU0IHCI/xAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUy3nZvhDc
9wJG/GlGNFiuyiQly44wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI3NTZELzhEQ0EzMkNFNkI1NDExRUZCOEE4QTYxQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNzU2RC84RENBMzJDRTZCNTQxMUVGQjhBOEE2MUFDNEY5QUUwMi95M25admhE
Yzl3SkdfR2xHTkZpdXlpUWx5NDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlZxMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAG64DANBgkq
hkiG9w0BAQsFAAOCAQEAaR1ncjg5sGkad5If7Ygy9lAWs3TX27VYG/WBZAAIOPzM
N9nBbdtZKLjELe3plJ4LbMNlPQq5zCQ17v3NWmsuSTuL8F/cITJrVqrd9TUN2yVn
fZNMqTWQaKwAo45K8LL3FlHlMZpbRjO5nY7ki/hqOobx4N+h3Ow4RLWwFHMOn2gN
zWpTWg9HE3IhZTsxPr0qHiOYjevPxTpFH1Np9aqx8B69F9/oKfsKqtcmI7A2hi46
fXl/tJsKWh/Hj/3M1gF00olTAEVTzOtA1rdi4QVAoMUsKU0PrTyo08Ymu/u5NY3q
Q2/B8K8Q1FoYw9gjvBqf7Bs1xsyWWXew9FwHFEOKuw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:35:17 2025 by rpki-client