Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycx5T_y0zfLZ373rdjgJuH0tj1c.cer
File: ycx5T_y0zfLZ373rdjgJuH0tj1c.cer (raw, json)
Hash identifier: TB5X9Ez0Zi94pceCjn+dURyTLdNAFH8A+SV+ynPhHIY=
Subject key identifier: C9:CC:79:4F:FC:B4:CD:F2:D9:DF:BD:EB:76:38:09:B8:7D:2D:8F:57
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02AD6E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9147456/6154D168372E11E581F0FB39C4F9AE02/ycx5T_y0zfLZ373rdjgJuH0tj1c.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9147456/6154D168372E11E581F0FB39C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 20 Apr 2026 03:42:53 +0000
Certificate not after: Sat 31 Oct 2026 00:00:00 +0000
Subordinate resources: AS: 63849
AS: 63946
AS: 64047
AS: 132818
IP: 43.251.32.0/22
IP: 45.125.112.0/22
IP: 103.1.36.0/22
IP: 103.25.252.0/22
IP: 103.71.28.0/22
IP: 103.152.190.0/23
IP: 103.193.248.0/22
IP: 117.18.110.0/23
IP: 202.4.26.0/23
IP: 202.6.0.0/23
IP: 202.181.144.0/23
IP: 202.181.190.0/23
IP: 202.181.248.0/23
IP: 2402:b780::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 20 May 2026 02:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175470 (0x2ad6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 20 03:42:53 2026 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=A9147456, serialNumber=C9CC794FFCB4CDF2D9DFBDEB763809B87D2D8F57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:72:df:fb:29:9c:9e:3f:58:68:47:a0:1f:31:
72:bb:0e:1e:79:07:2b:63:71:e9:8e:f1:3b:5f:77:
ef:75:bf:20:41:1e:0f:13:eb:38:3d:72:57:8d:c3:
b1:ae:c7:7f:06:b0:1a:fc:52:15:f1:05:f7:e8:d5:
b0:4d:d3:11:cc:e3:6f:4f:e5:70:63:67:74:57:ee:
77:29:03:a5:af:b3:ad:f2:5b:00:b4:88:71:c0:a2:
ed:83:4b:99:4e:cb:fb:5a:99:96:c1:8c:53:8a:7c:
f4:bb:82:fc:24:7b:38:b9:9e:91:03:72:70:7e:f4:
31:d0:04:97:c0:de:12:a5:be:62:1c:55:ec:cc:f6:
21:dc:b4:8f:29:a0:c4:78:b1:08:43:5b:8f:f9:d5:
af:1e:d3:a7:9f:1a:dc:ce:65:a5:a3:a7:bf:a7:5f:
41:4f:8c:34:6a:b7:f1:55:42:7b:09:36:d6:cc:f7:
9d:2a:44:41:26:d1:f1:11:27:1f:11:7a:9e:be:59:
82:b1:4a:7f:e9:39:b7:0d:cc:c0:31:db:4b:99:39:
d8:4d:c6:8c:52:34:da:61:6b:da:34:fd:82:a5:c8:
ee:80:ec:aa:39:96:a9:82:5d:54:21:8b:3a:cc:6d:
09:4a:c7:2c:6b:6b:2e:60:a2:fe:8b:d8:e3:4c:ff:
14:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CC:79:4F:FC:B4:CD:F2:D9:DF:BD:EB:76:38:09:B8:7D:2D:8F:57
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9147456/6154D168372E11E581F0FB39C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9147456/6154D168372E11E581F0FB39C4F9AE02/ycx5T_y0zfLZ373rdjgJuH0tj1c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63849
63946
64047
132818
sbgp-ipAddrBlock: critical
IPv4:
43.251.32.0/22
45.125.112.0/22
103.1.36.0/22
103.25.252.0/22
103.71.28.0/22
103.152.190.0/23
103.193.248.0/22
117.18.110.0/23
202.4.26.0/23
202.6.0.0/23
202.181.144.0/23
202.181.190.0/23
202.181.248.0/23
IPv6:
2402:b780::/32
Signature Algorithm: sha256WithRSAEncryption
ab:c2:89:73:3a:3c:55:cb:db:a8:57:f1:54:76:70:78:99:a9:
f4:4b:1d:b1:64:17:81:6b:a6:69:52:2d:53:d2:87:a8:55:8b:
ac:c3:4e:7e:bb:4e:cd:7a:61:8b:55:11:ca:a2:32:65:bf:b3:
bb:9c:b8:60:5b:c6:e1:45:1b:10:09:66:c1:0f:04:47:57:e6:
55:e9:9e:74:b4:dd:8d:73:97:76:a8:dc:ae:95:b4:85:a4:90:
97:7e:19:40:9a:7c:ac:a5:f7:03:91:91:85:25:62:e3:6a:3d:
0a:5c:27:14:ac:a1:df:56:d5:e6:ba:2c:02:80:e0:4b:d4:d6:
0c:86:f4:74:68:e8:7e:35:50:9a:0d:12:a9:fa:4a:e6:86:7c:
19:cf:5f:e9:66:13:6d:d1:74:7d:32:c3:95:ca:eb:cd:34:a9:
88:7c:2b:91:2b:32:d3:a4:c4:2e:cb:ef:a6:43:90:92:7f:bd:
1f:df:6a:66:f7:45:f3:c5:16:34:88:34:bd:3b:f1:da:b1:cf:
d3:ed:6d:b2:73:80:f5:98:5d:4c:a3:f2:cf:25:f7:ad:c3:66:
2c:9e:ea:df:01:a6:58:11:7a:92:ab:48:47:1c:85:04:22:01:
13:b0:98:27:f2:0a:05:a1:fb:0c:a3:53:f2:0c:99:81:73:fa:
4d:9a:5a:0d
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgIDAq1uMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDQyMDAzNDI1M1oXDTI2MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDc0NTYxMTAvBgNVBAUTKEM5Q0M3OTRGRkNCNENERjJEOURGQkRF
Qjc2MzgwOUI4N0QyRDhGNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6ct/7KZyeP1hoR6AfMXK7Dh55BytjcemO8Ttfd+91vyBBHg8T6zg9cleNw7Gu
x38GsBr8UhXxBffo1bBN0xHM429P5XBjZ3RX7ncpA6Wvs63yWwC0iHHAou2DS5lO
y/tamZbBjFOKfPS7gvwkezi5npEDcnB+9DHQBJfA3hKlvmIcVezM9iHctI8poMR4
sQhDW4/51a8e06efGtzOZaWjp7+nX0FPjDRqt/FVQnsJNtbM950qREEm0fERJx8R
ep6+WYKxSn/pObcNzMAx20uZOdhNxoxSNNpha9o0/YKlyO6A7Ko5lqmCXVQhizrM
bQlKxyxray5gov6L2ONM/xS7AgMBAAGjggN1MIIDcTAdBgNVHQ4EFgQUycx5T/y0
zfLZ373rdjgJuH0tj1cwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQ3NDU2LzYxNTREMTY4MzcyRTExRTU4MUYwRkIzOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0NzQ1Ni82MTU0RDE2ODM3MkUxMUU1ODFGMEZCMzlDNEY5QUUwMi95Y3g1VF95
MHpmTFozNzNyZGpnSnVIMHRqMWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQgBAf8EGjAY
oBYwFAIDAPlpAgMA+coCAwD6LwIDAgbSMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIA
ATBOAwQCK/sgAwQCLX1wAwQCZwEkAwQCZxn8AwQCZ0ccAwQBZ5i+AwQCZ8H4AwQB
dRJuAwQBygQaAwQBygYAAwQByrWQAwQByrW+AwQByrX4MA0EAgACMAcDBQAkAreA
MA0GCSqGSIb3DQEBCwUAA4IBAQCrwolzOjxVy9uoV/FUdnB4man0Sx2xZBeBa6Zp
Ui1T0oeoVYusw05+u07NemGLVRHKojJlv7O7nLhgW8bhRRsQCWbBDwRHV+ZV6Z50
tN2Nc5d2qNyulbSFpJCXfhlAmnyspfcDkZGFJWLjaj0KXCcUrKHfVtXmuiwCgOBL
1NYMhvR0aOh+NVCaDRKp+krmhnwZz1/pZhNt0XR9MsOVyuvNNKmIfCuRKzLTpMQu
y++mQ5CSf70f32pm90XzxRY0iDS9O/Hasc/T7W2yc4D1mF1Mo/LPJfetw2Ysnurf
AaZYEXqSq0hHHIUEIgETsJgn8goFofsMo1PyDJmBc/pNmloN
-----END CERTIFICATE-----
Generated at Wed May 13 07:16:44 2026 by rpki-client