Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KtPYi16OCwUUGjvJL4XkJzoFYqE.cer
File: KtPYi16OCwUUGjvJL4XkJzoFYqE.cer (raw, json)
Hash identifier: Ntjv8kqcX5sE263Crhdv5bN2uaS3kvyA1OxWNHjq9/I=
Subject key identifier: 2A:D3:D8:8B:5E:8E:0B:05:14:1A:3B:C9:2F:85:E4:27:3A:05:62:A1
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6384
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9132F27/7ACDF9AABB6C11EEA680AE6DC4F9AE02/KtPYi16OCwUUGjvJL4XkJzoFYqE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9132F27/7ACDF9AABB6C11EEA680AE6DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 31 Mar 2025 04:25:45 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: IP: 157.15.16.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25476 (0x6384)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 31 04:25:45 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A9132F27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:17:34:45:e2:ca:14:a1:b1:c9:7d:f6:24:7d:
61:c9:a4:e9:2b:1c:ce:cb:be:f5:da:74:3e:cd:29:
fa:28:0e:d7:de:af:a1:27:72:e8:db:0e:e6:12:4a:
78:3b:d3:f1:d3:7c:68:91:e3:1d:b7:fe:94:05:e3:
8e:a0:4e:3e:37:ef:01:c2:71:de:96:50:f4:44:47:
78:69:b3:57:84:a6:76:40:fa:62:4b:2d:d8:50:be:
86:09:d6:e3:a0:36:93:af:ef:50:b3:7b:2b:d3:b5:
00:d9:86:fd:a5:7c:df:6d:a3:ae:e2:f5:ab:7a:f5:
d0:96:60:6e:7f:3e:86:9d:c6:ef:b0:9d:5c:79:3a:
d1:70:8f:4a:eb:18:04:93:af:d9:a4:0e:5d:e2:eb:
1f:8e:00:cf:e7:07:18:c2:6d:9e:b7:ea:86:6b:60:
bb:ed:fe:f9:83:96:45:ce:08:61:ef:0f:32:20:78:
18:85:5e:fb:70:23:0f:ef:5c:16:65:39:c9:6a:a7:
98:40:79:ef:92:cc:e5:44:7d:66:e4:df:04:40:c6:
49:2a:f1:c5:f7:67:18:9f:35:aa:87:33:2e:aa:15:
ea:82:ae:1c:11:34:41:98:1f:11:ce:26:9d:58:dc:
dc:a2:ec:6c:90:b1:b8:f0:6b:1e:d0:37:12:15:31:
d4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:D8:8B:5E:8E:0B:05:14:1A:3B:C9:2F:85:E4:27:3A:05:62:A1
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9132F27/7ACDF9AABB6C11EEA680AE6DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9132F27/7ACDF9AABB6C11EEA680AE6DC4F9AE02/KtPYi16OCwUUGjvJL4XkJzoFYqE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.16.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:19:4e:d9:f0:1b:e2:4b:e7:e4:2e:45:b8:f6:d5:29:6c:fd:
f0:9a:30:17:8c:3b:aa:aa:17:23:e1:28:3d:c2:a8:e6:63:3e:
a5:83:7c:77:4d:c0:a6:6b:4c:73:c5:90:9f:f3:e5:38:58:25:
e4:ce:9b:d1:06:8f:ed:35:a9:13:5a:f9:e6:9e:5c:6b:fb:8c:
3e:1d:1a:dc:f9:d4:88:ff:1e:d0:34:a7:92:39:d9:d9:95:b7:
fc:26:f5:6b:c1:ca:ca:73:7d:f0:ad:ee:03:6b:71:1a:c6:df:
52:12:5e:29:1e:1d:e8:52:dc:40:cc:f0:db:95:02:81:bd:19:
14:f4:1f:28:db:5c:84:80:b0:f1:00:6b:85:57:5f:fc:7e:7b:
78:1d:c7:20:72:6b:94:aa:4b:eb:45:03:7e:cd:3e:af:f4:b2:
a3:d0:6b:cc:64:c7:cb:b2:53:65:7a:52:ba:ba:d1:e5:60:92:
35:32:86:54:97:64:ac:e9:1b:8a:76:7d:92:2e:12:9b:50:ef:
8a:70:f6:5f:f0:7e:bd:5d:87:e8:e4:61:bb:a7:90:90:d2:6d:
f2:18:95:62:a6:11:81:df:30:56:60:08:97:fc:c0:97:01:82:
7a:94:17:97:97:15:d2:22:09:7f:7b:4a:53:f5:4e:de:7b:5b:
2a:ab:ef:57
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICY4QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMzMxMDQyNTQ1WhcNMjYwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzMkYyNzExMC8GA1UEBRMoMkFEM0Q4OEI1RThFMEIwNTE0MUEzQkM5
MkY4NUU0MjczQTA1NjJBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMAXNEXiyhShscl99iR9Ycmk6Ssczsu+9dp0Ps0p+igO196voSdy6NsO5hJKeDvT
8dN8aJHjHbf+lAXjjqBOPjfvAcJx3pZQ9ERHeGmzV4SmdkD6Ykst2FC+hgnW46A2
k6/vULN7K9O1ANmG/aV8322jruL1q3r10JZgbn8+hp3G77CdXHk60XCPSusYBJOv
2aQOXeLrH44Az+cHGMJtnrfqhmtgu+3++YOWRc4IYe8PMiB4GIVe+3AjD+9cFmU5
yWqnmEB575LM5UR9ZuTfBEDGSSrxxfdnGJ81qoczLqoV6oKuHBE0QZgfEc4mnVjc
3KLsbJCxuPBrHtA3EhUx1FMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQq09iLXo4L
BRQaO8kvheQnOgVioTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJGMjcvN0FDREY5QUFCQjZDMTFFRUE2ODBBRTZEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMyRjI3LzdBQ0RGOUFBQkI2QzExRUVBNjgwQUU2REM0RjlBRTAyL0t0UFlpMTZP
Q3dVVUdqdkpMNFhrSnpvRllxRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJ0PEDANBgkqhkiG9w0BAQsFAAOCAQEAxxlO2fAb4kvn5C5FuPbV
KWz98JowF4w7qqoXI+EoPcKo5mM+pYN8d03ApmtMc8WQn/PlOFgl5M6b0QaP7TWp
E1r55p5ca/uMPh0a3PnUiP8e0DSnkjnZ2ZW3/Cb1a8HKynN98K3uA2txGsbfUhJe
KR4d6FLcQMzw25UCgb0ZFPQfKNtchICw8QBrhVdf/H57eB3HIHJrlKpL60UDfs0+
r/Syo9BrzGTHy7JTZXpSurrR5WCSNTKGVJdkrOkbinZ9ki4Sm1DvinD2X/B+vV2H
6ORhu6eQkNJt8hiVYqYRgd8wVmAIl/zAlwGCepQXl5cV0iIJf3tKU/VO3ntbKqvv
Vw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:44:02 2025 by rpki-client