This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycx5T_y0zfLZ373rdjgJuH0tj1c.cer File: ycx5T_y0zfLZ373rdjgJuH0tj1c.cer (raw, json) Hash identifier: +2aB2h5UfaW/Iy7aKIeut0V3HIPyswlD8JEDv3sIeA0= Subject key identifier: C9:CC:79:4F:FC:B4:CD:F2:D9:DF:BD:EB:76:38:09:B8:7D:2D:8F:57 Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Certificate serial: 027467 Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer Manifest: rsync://rpki.apnic.net/member_repository/A9147456/6154D168372E11E581F0FB39C4F9AE02/ycx5T_y0zfLZ373rdjgJuH0tj1c.mft caRepository: rsync://rpki.apnic.net/member_repository/A9147456/6154D168372E11E581F0FB39C4F9AE02/ Notify URL: https://rrdp.apnic.net/notification.xml Certificate not before: Tue 11 Nov 2025 00:12:22 +0000 Certificate not after: Sat 31 Oct 2026 00:00:00 +0000 Subordinate resources: AS: 63849 AS: 63946 AS: 64047 AS: 132818 IP: 43.251.32.0/22 IP: 45.125.112.0/22 IP: 103.1.36.0/22 IP: 103.25.252.0/22 IP: 103.71.28.0/22 IP: 103.193.248.0/22 IP: 117.18.110.0/23 IP: 202.4.26.0/23 IP: 202.6.0.0/23 IP: 202.181.144.0/23 IP: 202.181.190.0/23 IP: 202.181.248.0/23 IP: 2402:b780::/32 Validation: OK Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 15:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 160871 (0x27467) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F Validity Not Before: Nov 11 00:12:22 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=A9147456, serialNumber=C9CC794FFCB4CDF2D9DFBDEB763809B87D2D8F57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:72:df:fb:29:9c:9e:3f:58:68:47:a0:1f:31: 72:bb:0e:1e:79:07:2b:63:71:e9:8e:f1:3b:5f:77: ef:75:bf:20:41:1e:0f:13:eb:38:3d:72:57:8d:c3: b1:ae:c7:7f:06:b0:1a:fc:52:15:f1:05:f7:e8:d5: b0:4d:d3:11:cc:e3:6f:4f:e5:70:63:67:74:57:ee: 77:29:03:a5:af:b3:ad:f2:5b:00:b4:88:71:c0:a2: ed:83:4b:99:4e:cb:fb:5a:99:96:c1:8c:53:8a:7c: f4:bb:82:fc:24:7b:38:b9:9e:91:03:72:70:7e:f4: 31:d0:04:97:c0:de:12:a5:be:62:1c:55:ec:cc:f6: 21:dc:b4:8f:29:a0:c4:78:b1:08:43:5b:8f:f9:d5: af:1e:d3:a7:9f:1a:dc:ce:65:a5:a3:a7:bf:a7:5f: 41:4f:8c:34:6a:b7:f1:55:42:7b:09:36:d6:cc:f7: 9d:2a:44:41:26:d1:f1:11:27:1f:11:7a:9e:be:59: 82:b1:4a:7f:e9:39:b7:0d:cc:c0:31:db:4b:99:39: d8:4d:c6:8c:52:34:da:61:6b:da:34:fd:82:a5:c8: ee:80:ec:aa:39:96:a9:82:5d:54:21:8b:3a:cc:6d: 09:4a:c7:2c:6b:6b:2e:60:a2:fe:8b:d8:e3:4c:ff: 14:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:CC:79:4F:FC:B4:CD:F2:D9:DF:BD:EB:76:38:09:B8:7D:2D:8F:57 X509v3 Authority Key Identifier: keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9147456/6154D168372E11E581F0FB39C4F9AE02/ RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9147456/6154D168372E11E581F0FB39C4F9AE02/ycx5T_y0zfLZ373rdjgJuH0tj1c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 63849 63946 64047 132818 sbgp-ipAddrBlock: critical IPv4: 43.251.32.0/22 45.125.112.0/22 103.1.36.0/22 103.25.252.0/22 103.71.28.0/22 103.193.248.0/22 117.18.110.0/23 202.4.26.0/23 202.6.0.0/23 202.181.144.0/23 202.181.190.0/23 202.181.248.0/23 IPv6: 2402:b780::/32 Signature Algorithm: sha256WithRSAEncryption a3:7b:5a:60:47:b7:05:80:67:1b:61:47:2c:d3:43:31:ef:a0: f8:a9:eb:72:55:35:a9:cf:e3:c7:d9:56:ce:a6:b7:2b:a8:9d: 8d:b6:f6:b5:ae:e8:ec:d9:0d:fb:4c:f0:81:5d:89:0c:e9:26: 53:12:34:81:9f:4f:2d:c5:6b:00:bb:46:b6:f8:72:8f:ba:ac: 49:e6:90:9a:ec:6f:5d:e2:59:a0:4a:2d:d1:a5:eb:9f:fa:a0: 8a:21:8c:23:f7:e5:db:e1:32:4d:60:56:c6:a4:5d:88:96:e6: 88:dd:f2:cc:ed:cf:29:56:87:74:d3:6d:8b:0a:4d:ef:97:17: f7:35:05:d2:7c:6c:4c:44:15:74:b8:cd:f4:01:f3:d6:41:2c: 66:8d:55:8e:81:1f:18:2c:60:73:93:65:b2:51:10:cb:db:f4: f4:9d:8b:ed:55:e8:a0:f8:08:a2:18:99:16:a7:c2:bf:d9:1d: de:62:ad:f3:95:3d:07:fa:c2:e9:7a:e6:28:2d:a5:51:fe:1b: 25:30:29:8b:b4:4d:17:3d:a5:4c:32:0e:7c:f9:0d:a5:e1:c0: b4:1e:64:36:7e:51:d9:44:85:f9:e7:b5:a6:01:7f:45:0e:76: e1:a8:1f:30:87:3a:b5:95:1e:4e:71:20:bc:31:73:a5:d6:53: 9b:51:a0:5a -----BEGIN CERTIFICATE----- MIIGejCCBWKgAwIBAgIDAnRnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4 QzkwN0FBNzlGMB4XDTI1MTExMTAwMTIyMloXDTI2MTAzMTAwMDAwMFowRjERMA8G A1UEAxMIQTkxNDc0NTYxMTAvBgNVBAUTKEM5Q0M3OTRGRkNCNENERjJEOURGQkRF Qjc2MzgwOUI4N0QyRDhGNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6ct/7KZyeP1hoR6AfMXK7Dh55BytjcemO8Ttfd+91vyBBHg8T6zg9cleNw7Gu x38GsBr8UhXxBffo1bBN0xHM429P5XBjZ3RX7ncpA6Wvs63yWwC0iHHAou2DS5lO y/tamZbBjFOKfPS7gvwkezi5npEDcnB+9DHQBJfA3hKlvmIcVezM9iHctI8poMR4 sQhDW4/51a8e06efGtzOZaWjp7+nX0FPjDRqt/FVQnsJNtbM950qREEm0fERJx8R ep6+WYKxSn/pObcNzMAx20uZOdhNxoxSNNpha9o0/YKlyO6A7Ko5lqmCXVQhizrM bQlKxyxray5gov6L2ONM/xS7AgMBAAGjggNvMIIDazAdBgNVHQ4EFgQUycx5T/y0 zfLZ373rdjgJuH0tj1cwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2 NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0 RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MTQ3NDU2LzYxNTREMTY4MzcyRTExRTU4MUYwRkIzOUM0RjlBRTAyLzB+BggrBgEF BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B OTE0NzQ1Ni82MTU0RDE2ODM3MkUxMUU1ODFGMEZCMzlDNEY5QUUwMi95Y3g1VF95 MHpmTFozNzNyZGpnSnVIMHRqMWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQgBAf8EGjAY oBYwFAIDAPlpAgMA+coCAwD6LwIDAgbSMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIA ATBIAwQCK/sgAwQCLX1wAwQCZwEkAwQCZxn8AwQCZ0ccAwQCZ8H4AwQBdRJuAwQB ygQaAwQBygYAAwQByrWQAwQByrW+AwQByrX4MA0EAgACMAcDBQAkAreAMA0GCSqG SIb3DQEBCwUAA4IBAQCje1pgR7cFgGcbYUcs00Mx76D4qetyVTWpz+PH2VbOprcr qJ2Ntva1rujs2Q37TPCBXYkM6SZTEjSBn08txWsAu0a2+HKPuqxJ5pCa7G9d4lmg Si3Rpeuf+qCKIYwj9+Xb4TJNYFbGpF2IluaI3fLM7c8pVod0022LCk3vlxf3NQXS fGxMRBV0uM30AfPWQSxmjVWOgR8YLGBzk2WyURDL2/T0nYvtVeig+AiiGJkWp8K/ 2R3eYq3zlT0H+sLpeuYoLaVR/hslMCmLtE0XPaVMMg58+Q2l4cC0HmQ2flHZRIX5 57WmAX9FDnbhqB8whzq1lR5OcSC8MXOl1lObUaBa -----END CERTIFICATE-----Generated at Sat Dec 6 22:29:52 2025 by rpki-client