Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer
File: De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer (raw, json)
Hash identifier: 1eI+NIyuP1IGbEXkKyP+BO1k6DY6w4fiStAHMhxt5pI=
Subject key identifier: 0D:EE:ED:13:62:14:3C:36:2F:24:F9:7C:67:C8:E4:EC:E2:C7:A5:61
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 52AB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 26 Feb 2024 17:39:03 +0000
Certificate not after: Thu 01 May 2025 00:00:00 +0000
Subordinate resources: IP: 144.6.0.0/16
IP: 159.196.0.0/16
IP: 167.179.128.0/18
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21163 (0x52ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Feb 26 17:39:03 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=A91B1FA8/serialNumber=0DEEED1362143C362F24F97C67C8E4ECE2C7A561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5a:9b:c6:cf:4c:b0:c4:4f:63:0d:41:7e:10:
18:e0:42:7e:82:25:68:53:15:17:4e:79:2d:8e:3e:
26:63:b0:7c:0f:12:d9:f3:9e:72:57:31:02:b7:25:
15:a9:7e:5c:87:9b:cd:f0:01:ca:bf:1f:e3:bb:0f:
84:f0:86:5c:42:4d:4d:60:c6:08:51:1c:05:c9:4b:
24:eb:27:55:8b:50:89:62:17:08:29:db:9e:71:92:
0d:64:00:cc:d4:e3:81:da:47:4e:f8:ec:87:34:3d:
42:92:80:bf:18:59:c5:c6:6a:91:fc:ad:51:be:58:
08:51:ef:65:9d:2f:22:28:dc:35:c2:c4:c4:bd:4a:
63:c8:ef:a9:76:a8:d9:fa:0c:93:ec:6e:c1:7a:53:
4a:aa:63:fa:06:da:fe:f7:6e:78:32:d3:08:1c:1f:
6a:6e:5e:6c:ae:43:38:a9:75:88:d2:dc:32:eb:a1:
1a:8d:66:60:d8:3a:28:63:d4:72:d2:d2:b5:df:11:
7d:38:f9:8c:37:7e:ec:6a:26:fc:6c:b0:b8:04:21:
8d:ad:a4:f4:7c:1a:3f:c2:eb:82:f7:25:2f:a2:8d:
eb:41:e7:90:c9:93:ad:cc:25:95:81:87:7a:80:c5:
6a:8f:5f:54:d8:16:21:81:a1:89:db:78:3d:3d:35:
96:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:EE:ED:13:62:14:3C:36:2F:24:F9:7C:67:C8:E4:EC:E2:C7:A5:61
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
144.6.0.0/16
159.196.0.0/16
167.179.128.0/18
Signature Algorithm: sha256WithRSAEncryption
04:6c:a6:40:5a:5e:46:e7:39:19:de:6f:ec:c6:47:f6:d7:2c:
55:d0:e0:d4:d2:fe:88:2c:8e:a4:c3:03:77:22:91:b2:13:e2:
80:41:14:f8:96:b5:df:0d:d0:69:53:0d:43:e9:fc:3c:29:46:
d5:6c:e5:c8:15:d8:ea:c1:91:cd:54:8c:95:d5:e4:24:fb:37:
fe:28:04:c1:1d:82:20:3c:f9:b8:b2:2c:5c:ba:16:29:40:97:
71:3a:09:13:a3:d2:22:d6:84:90:06:20:fd:30:4c:5b:f8:40:
b4:a3:23:5d:f3:9c:c7:1f:35:18:7d:97:61:e7:47:cd:42:cd:
62:ee:a0:77:e9:0d:dd:3e:2f:b9:02:7d:a5:b7:df:fc:cc:e3:
2c:ac:50:51:32:95:b5:6d:df:87:51:ab:fb:de:60:a8:e0:88:
d2:d7:12:b5:27:2c:e7:3c:68:77:46:53:fd:7f:99:89:09:a1:
55:7f:3d:9d:00:4e:15:fa:66:92:89:27:0d:6a:ba:b0:34:96:
5a:55:6c:89:0d:04:ce:10:77:d8:99:49:ad:8f:5b:0f:72:da:
93:1d:ba:ed:93:0c:5a:81:9e:a8:b2:9f:f1:a5:ad:43:e0:7e:
78:7c:a6:06:0d:c3:84:13:98:2a:7b:b0:6c:a0:49:06:e3:49:
49:5a:48:d5
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgICUqswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjI2MTczOTAzWhcNMjUwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFCMUZBODExMC8GA1UEBRMoMERFRUVEMTM2MjE0M0MzNjJGMjRGOTdD
NjdDOEU0RUNFMkM3QTU2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMdam8bPTLDET2MNQX4QGOBCfoIlaFMVF055LY4+JmOwfA8S2fOeclcxArclFal+
XIebzfAByr8f47sPhPCGXEJNTWDGCFEcBclLJOsnVYtQiWIXCCnbnnGSDWQAzNTj
gdpHTvjshzQ9QpKAvxhZxcZqkfytUb5YCFHvZZ0vIijcNcLExL1KY8jvqXao2foM
k+xuwXpTSqpj+gba/vdueDLTCBwfam5ebK5DOKl1iNLcMuuhGo1mYNg6KGPUctLS
td8RfTj5jDd+7Gom/GywuAQhja2k9HwaP8LrgvclL6KN60HnkMmTrcwllYGHeoDF
ao9fVNgWIYGhidt4PT01lpMCAwEAAaOCAv0wggL5MB0GA1UdDgQWBBQN7u0TYhQ8
Ni8k+XxnyOTs4selYTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjFGQTgvREY0NzA5MDJBRkQ5MTFFOEIyRUQ0QzdGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIxRkE4L0RGNDcwOTAyQUZEOTExRThCMkVENEM3RkM0RjlBRTAyL0RlN3RFMklV
UERZdkpQbDhaOGprN09MSHBXRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDApBggrBgEFBQcBBwEB/wQaMBgw
FgQCAAEwEAMDAJAGAwMAn8QDBAans4AwDQYJKoZIhvcNAQELBQADggEBAARspkBa
XkbnORneb+zGR/bXLFXQ4NTS/ogsjqTDA3cikbIT4oBBFPiWtd8N0GlTDUPp/Dwp
RtVs5cgV2OrBkc1UjJXV5CT7N/4oBMEdgiA8+biyLFy6FilAl3E6CROj0iLWhJAG
IP0wTFv4QLSjI13znMcfNRh9l2HnR81CzWLuoHfpDd0+L7kCfaW33/zM4yysUFEy
lbVt34dRq/veYKjgiNLXErUnLOc8aHdGU/1/mYkJoVV/PZ0AThX6ZpKJJw1qurA0
llpVbIkNBM4Qd9iZSa2PWw9y2pMduu2TDFqBnqiyn/GlrUPgfnh8pgYNw4QTmCp7
sGygSQbjSUlaSNU=
-----END CERTIFICATE-----
Generated at Wed May 8 20:36:14 2024 by rpki-client on console-ams.rpki-client.org