Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7ITWD3lr9Bb4-B0Yutov_4fBXyY.cer
File: 7ITWD3lr9Bb4-B0Yutov_4fBXyY.cer (raw, json)
Hash identifier: xkVKqj/IRainVqPSEosY1Mi8YlpIMT5ftwVTEo67VA0=
Subject key identifier: EC:84:D6:0F:79:6B:F4:16:F8:F8:1D:18:BA:DA:2F:FF:87:C1:5F:26
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6323
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917ACF1/86835506A03911EC8A1F1C23C4F9AE02/7ITWD3lr9Bb4-B0Yutov_4fBXyY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917ACF1/86835506A03911EC8A1F1C23C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 19 Mar 2025 00:46:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 161.64.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25379 (0x6323)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 19 00:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A917ACF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f8:d2:8d:e9:45:1c:45:89:87:b2:83:4d:9a:
e2:1c:ce:11:b8:d9:4a:ba:44:1c:a1:62:4b:96:ad:
49:c4:8f:87:bf:b7:e2:c9:60:36:39:c6:76:e1:36:
d9:5a:00:9f:84:f6:1c:8f:4c:55:1b:15:02:dd:dd:
40:68:d6:fd:ce:86:3a:cd:d1:b2:f7:cd:98:48:6c:
5f:b1:81:f7:83:47:81:98:e5:94:08:bc:da:6d:75:
d3:52:89:e4:03:13:0a:b4:9d:df:01:ec:73:33:8d:
bb:e5:dc:16:74:b9:2b:bc:5f:a6:e0:41:e7:92:b0:
43:59:4e:5c:d3:08:0f:04:a4:a5:6b:ca:e3:e9:a8:
84:68:8a:b0:a4:fe:25:c4:c1:5e:dc:a3:23:9d:c4:
6f:9f:d8:52:fa:2b:62:8e:57:92:27:24:4b:10:f6:
4c:da:73:06:46:95:14:34:d0:8c:31:3d:02:2f:0c:
f4:d1:98:cf:27:d1:b3:56:58:5c:7b:9d:5f:3a:59:
24:10:63:f3:39:8a:eb:79:08:ef:04:bd:88:8f:6d:
53:8e:1c:ac:ce:f4:f1:47:08:43:0b:8f:7b:75:03:
a6:6f:16:1b:ea:b0:98:c1:4e:7b:17:18:1d:75:57:
0c:63:82:d2:e0:4d:96:6d:82:60:e5:dd:78:55:3a:
71:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:84:D6:0F:79:6B:F4:16:F8:F8:1D:18:BA:DA:2F:FF:87:C1:5F:26
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917ACF1/86835506A03911EC8A1F1C23C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917ACF1/86835506A03911EC8A1F1C23C4F9AE02/7ITWD3lr9Bb4-B0Yutov_4fBXyY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.64.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:76:01:95:c6:cd:69:89:4e:d4:02:b8:3e:a4:14:c0:ff:e1:
3c:61:50:2c:98:87:de:62:8e:89:b8:24:5f:4c:f2:24:b0:4f:
27:98:1f:7e:19:07:3d:59:ca:45:9f:8d:93:ce:76:71:81:f8:
b1:6b:61:1b:25:01:c2:cd:53:35:40:fe:85:5d:83:dd:74:9a:
cb:a5:e8:38:48:12:8d:d1:d2:f3:b5:e3:68:0b:12:60:ab:c9:
34:02:a2:8d:d0:ef:98:f0:69:7d:20:05:7e:33:87:f8:65:b7:
5a:7f:f5:3d:1a:ad:f1:d0:dc:0f:60:56:37:23:29:35:ef:c2:
64:ea:74:a0:6b:04:3d:ad:22:64:58:b8:f1:5b:f1:c2:d4:03:
2c:6e:15:b1:91:a3:77:f8:6b:ba:4e:8b:ac:42:b1:fe:a9:d5:
69:60:3a:a4:bf:41:02:9d:b9:d3:c6:eb:d1:32:85:fa:e7:47:
5b:87:82:8d:ef:b1:6e:e4:2e:fe:75:34:d6:32:a6:df:d7:5e:
eb:c5:4e:5d:62:01:94:fa:15:92:f6:76:e1:a5:99:a5:f8:8c:
4f:92:2e:7f:94:27:eb:f3:4a:d4:34:97:71:68:13:f5:0b:a8:
0e:0a:1e:73:54:64:cc:4c:3b:93:7b:0c:23:7b:72:a0:fe:98:
1c:5a:4b:55
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICYyMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMzE5MDA0NjUwWhcNMjYwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3QUNGMTExMC8GA1UEBRMoRUM4NEQ2MEY3OTZCRjQxNkY4RjgxRDE4
QkFEQTJGRkY4N0MxNUYyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM/40o3pRRxFiYeyg02a4hzOEbjZSrpEHKFiS5atScSPh7+34slgNjnGduE22VoA
n4T2HI9MVRsVAt3dQGjW/c6GOs3RsvfNmEhsX7GB94NHgZjllAi82m1101KJ5AMT
CrSd3wHsczONu+XcFnS5K7xfpuBB55KwQ1lOXNMIDwSkpWvK4+mohGiKsKT+JcTB
XtyjI53Eb5/YUvorYo5XkickSxD2TNpzBkaVFDTQjDE9Ai8M9NGYzyfRs1ZYXHud
XzpZJBBj8zmK63kI7wS9iI9tU44crM708UcIQwuPe3UDpm8WG+qwmMFOexcYHXVX
DGOC0uBNlm2CYOXdeFU6cSsCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBTshNYPeWv0
Fvj4HRi62i//h8FfJjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0FDRjEvODY4MzU1MDZBMDM5MTFFQzhBMUYxQzIzQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdBQ0YxLzg2ODM1NTA2QTAzOTExRUM4QTFGMUMyM0M0RjlBRTAyLzdJVFdEM2xy
OUJiNC1CMFl1dG92XzRmQlh5WS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAKFAMA0GCSqGSIb3DQEBCwUAA4IBAQBMdgGVxs1piU7UArg+pBTA
/+E8YVAsmIfeYo6JuCRfTPIksE8nmB9+GQc9WcpFn42TznZxgfixa2EbJQHCzVM1
QP6FXYPddJrLpeg4SBKN0dLzteNoCxJgq8k0AqKN0O+Y8Gl9IAV+M4f4Zbdaf/U9
Gq3x0NwPYFY3Iyk178Jk6nSgawQ9rSJkWLjxW/HC1AMsbhWxkaN3+Gu6TousQrH+
qdVpYDqkv0ECnbnTxuvRMoX650dbh4KN77Fu5C7+dTTWMqbf117rxU5dYgGU+hWS
9nbhpZml+IxPki5/lCfr80rUNJdxaBP1C6gOCh5zVGTMTDuTewwje3Kg/pgcWktV
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:38:49 2025 by rpki-client