Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
File: 4bkQuccxDJ9lWU_G6JifyVOzblE.cer (raw, json)
Hash identifier: lNSq+PqomDz3CD3w4eekrIeUohKFW0/9/I8dikXKWco=
Subject key identifier: E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5F21
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 09 Dec 2024 15:48:55 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: IP: 52.128.224.0/19
IP: 148.66.0.0/19
IP: 216.118.224.0/19
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24353 (0x5f21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 9 15:48:55 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A9178EB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:98:0d:be:da:a7:ca:34:17:78:2e:e2:5d:88:
22:15:d0:24:1a:ff:8b:b3:6c:f6:ae:2c:d4:8e:e4:
1f:89:d7:cc:ad:34:e3:f8:f4:0d:d2:ff:57:68:0a:
41:44:cf:2b:f1:82:24:48:41:58:bc:45:39:6c:00:
4a:17:36:74:70:fa:37:23:55:22:3d:57:84:3a:f6:
3c:2e:05:88:42:e6:2a:de:49:8c:44:48:ef:38:13:
bf:70:cc:97:29:dd:0b:eb:4b:8d:50:94:cd:51:23:
c1:7c:5a:d1:be:cb:1f:30:bd:e4:3b:a2:bc:80:2d:
1f:49:cb:f6:bd:42:d9:d0:00:f7:8a:d3:38:9e:c7:
70:46:2c:42:48:ab:cf:49:8d:18:ad:bc:9b:17:57:
ef:c4:bb:f2:96:ee:0e:df:ba:f7:47:a2:f0:d8:94:
e0:ef:33:7f:b3:f6:9f:b1:8f:2d:b9:c4:9c:f5:7b:
ae:2e:48:90:d9:bf:4b:05:34:4e:8e:68:5d:17:ba:
1c:67:32:a5:7e:d5:27:f3:bc:f9:0e:c4:82:fd:c6:
ce:e4:b5:3e:c7:ec:25:1a:50:9c:0d:45:ac:cd:07:
de:7e:e2:2b:80:7a:19:d5:ee:7e:3e:9e:59:06:c3:
18:a8:49:47:1e:d1:49:22:42:38:ca:91:e0:c6:57:
e2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
52.128.224.0/19
148.66.0.0/19
216.118.224.0/19
Signature Algorithm: sha256WithRSAEncryption
89:fd:1c:e1:e5:37:d9:69:ef:99:09:26:65:dc:8c:ff:24:ab:
4b:f4:e5:76:1b:9c:1c:63:e8:90:f4:2e:cd:77:9d:4c:d9:e7:
de:58:09:a8:a3:80:9e:0c:30:ec:9a:11:43:00:d8:c3:4d:70:
ca:93:f5:82:41:dd:df:72:96:38:bc:26:95:b6:96:28:34:6d:
6c:9f:d9:8a:9f:d4:4f:e9:be:db:df:86:73:b4:75:61:5d:a0:
38:9e:33:2d:4d:14:22:fe:d9:19:fb:f3:39:d5:6a:49:c0:8c:
47:9c:fb:ee:02:c1:a0:79:89:cf:1b:0e:9e:e3:c7:8c:d8:2c:
09:dc:c1:14:ff:05:24:00:80:98:29:11:2c:71:f3:55:87:16:
0f:4b:a6:6d:46:10:d1:d2:04:e4:e5:4a:67:9f:66:57:a9:01:
84:54:18:5a:7c:d5:3b:e0:16:56:52:e2:06:0b:33:1f:95:4b:
57:37:f7:e9:0b:86:28:b3:75:70:9b:a7:4d:66:15:57:8a:f3:
6b:58:df:3e:67:2b:3a:09:4e:c5:85:0d:9d:9a:7d:f7:3a:ad:
ea:fb:d1:5d:82:2f:5c:da:c8:f7:e4:50:f1:51:f6:01:99:b9:
a5:72:2e:92:c8:05:4f:ba:da:18:45:53:65:d1:5c:8c:ee:08:
48:e5:27:46
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICXyEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMjA5MTU0ODU1WhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3OEVCMDExMC8GA1UEBRMoRTFCOTEwQjlDNzMxMEM5RjY1NTk0RkM2
RTg5ODlGQzk1M0IzNkU1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKWYDb7ap8o0F3gu4l2IIhXQJBr/i7Ns9q4s1I7kH4nXzK004/j0DdL/V2gKQUTP
K/GCJEhBWLxFOWwAShc2dHD6NyNVIj1XhDr2PC4FiELmKt5JjERI7zgTv3DMlynd
C+tLjVCUzVEjwXxa0b7LHzC95DuivIAtH0nL9r1C2dAA94rTOJ7HcEYsQkirz0mN
GK28mxdX78S78pbuDt+690ei8NiU4O8zf7P2n7GPLbnEnPV7ri5IkNm/SwU0To5o
XRe6HGcypX7VJ/O8+Q7Egv3GzuS1PsfsJRpQnA1FrM0H3n7iK4B6GdXufj6eWQbD
GKhJRx7RSSJCOMqR4MZX4usCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBThuRC5xzEM
n2VZT8bomJ/JU7NuUTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhFQjAvRTMyQzg3Q0M1MEQ1MTFFQ0IzRjhENTI5QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc4RUIwL0UzMkM4N0NDNTBENTExRUNCM0Y4RDUyOUM0RjlBRTAyLzRia1F1Y2N4
REo5bFdVX0c2SmlmeVZPemJsRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEBTSA4AMEBZRCAAMEBdh24DANBgkqhkiG9w0BAQsFAAOCAQEAif0c
4eU32WnvmQkmZdyM/ySrS/TldhucHGPokPQuzXedTNnn3lgJqKOAngww7JoRQwDY
w01wypP1gkHd33KWOLwmlbaWKDRtbJ/Zip/UT+m+29+Gc7R1YV2gOJ4zLU0UIv7Z
GfvzOdVqScCMR5z77gLBoHmJzxsOnuPHjNgsCdzBFP8FJACAmCkRLHHzVYcWD0um
bUYQ0dIE5OVKZ59mV6kBhFQYWnzVO+AWVlLiBgszH5VLVzf36QuGKLN1cJunTWYV
V4rza1jfPmcrOglOxYUNnZp99zqt6vvRXYIvXNrI9+RQ8VH2AZm5pXIuksgFT7ra
GEVTZdFcjO4ISOUnRg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:40:27 2025 by rpki-client