Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NHTCU5hhEAr9ljoWPIAtAmT47H0.cer
File: NHTCU5hhEAr9ljoWPIAtAmT47H0.cer (raw, json)
Hash identifier: Esm43kygVdlsNu/drCeJcaCnmJJeiZ7dMLwtQBDs2y4=
Subject key identifier: 34:74:C2:53:98:61:10:0A:FD:96:3A:16:3C:80:2D:02:64:F8:EC:7D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6215
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/NHTCU5hhEAr9ljoWPIAtAmT47H0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 12 Feb 2025 20:28:08 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: IP: 157.10.250.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25109 (0x6215)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 12 20:28:08 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A91D63AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:20:71:d6:73:96:f5:ae:64:a0:dd:ed:bd:fa:
bc:e6:26:fa:7f:89:f9:f5:32:ea:f6:1d:9c:2d:1b:
37:d6:0e:85:5e:0f:e0:7f:f2:40:c7:a1:72:08:21:
a8:98:48:f7:dd:ba:83:2c:fc:2e:43:51:50:a2:84:
7d:3f:d6:3b:56:c1:fd:a7:b4:c9:0e:83:58:35:ab:
4b:ab:13:fe:3e:d5:f4:8f:d7:8f:44:ca:46:00:e1:
0d:ab:e3:24:5b:79:94:da:18:c3:3c:c6:98:ee:93:
9c:b7:f3:a0:a8:0f:fd:12:c7:e9:a4:c2:3a:29:22:
4b:01:8e:4c:d9:79:f8:13:82:8d:39:fa:86:8e:de:
f1:51:f8:bb:20:3f:47:84:30:41:97:0d:56:5b:ab:
8d:70:9a:db:40:65:74:8f:94:a2:61:0e:09:e0:3c:
49:0e:ea:c4:a8:ab:4f:8e:cf:dd:ca:aa:a4:93:eb:
55:e0:2a:46:7d:38:6c:03:c9:dd:f3:0f:39:49:25:
c5:dd:83:2c:9c:2b:cb:8a:c4:c6:cb:db:14:59:7b:
57:ff:84:7f:b5:10:cd:84:c2:b5:d1:84:b9:e0:52:
36:d5:bc:18:cb:cd:8f:ab:d7:76:55:82:d9:45:6c:
73:44:ac:fc:c2:1c:28:16:7e:7c:77:5d:d4:e1:13:
5d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:74:C2:53:98:61:10:0A:FD:96:3A:16:3C:80:2D:02:64:F8:EC:7D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D63AF/4DFE6824B6B711EEA9D7FC3AC4F9AE02/NHTCU5hhEAr9ljoWPIAtAmT47H0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.250.0/23
Signature Algorithm: sha256WithRSAEncryption
82:4b:c1:b8:93:81:51:43:22:39:ed:80:33:97:c4:6c:c0:8d:
f8:f9:64:d5:99:19:83:6d:70:ef:52:77:d1:da:61:be:d9:ba:
e4:a1:2e:e6:76:61:44:09:50:38:47:5c:64:2b:a7:c2:21:70:
e6:ae:2b:02:09:ff:4b:d1:90:70:28:76:49:46:c8:c8:5a:e3:
ed:ca:5b:2a:45:7e:e5:c9:a4:4c:d8:f6:78:1b:8e:dc:16:1f:
e3:7d:22:04:c5:b2:1b:a9:dc:50:bb:45:9c:f9:24:73:40:42:
8d:b4:9b:52:14:68:e8:95:33:01:c5:97:24:af:53:b1:67:64:
17:88:6b:81:63:84:72:94:61:66:dc:8e:2d:67:99:55:06:1b:
09:10:af:ab:bd:49:fa:81:69:01:6e:60:f7:64:d1:40:88:d8:
5a:f6:03:47:4e:a7:d5:56:10:b2:b2:8f:13:2f:d1:2c:55:42:
b8:16:bb:2f:ba:58:cf:ad:b2:3b:c7:ce:d4:36:47:43:53:72:
20:b1:77:89:3b:9e:96:7a:d0:b9:8b:bf:ab:fc:67:df:bc:b2:
e4:85:75:5b:53:f4:eb:b3:08:7d:46:78:48:5d:5f:f4:91:94:
21:54:8d:5a:c7:85:1f:59:77:e3:4b:a6:82:0b:77:1b:dc:bc:
05:a2:74:7a
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYhUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMjEyMjAyODA4WhcNMjYwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFENjNBRjExMC8GA1UEBRMoMzQ3NEMyNTM5ODYxMTAwQUZEOTYzQTE2
M0M4MDJEMDI2NEY4RUM3RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANQgcdZzlvWuZKDd7b36vOYm+n+J+fUy6vYdnC0bN9YOhV4P4H/yQMehcgghqJhI
9926gyz8LkNRUKKEfT/WO1bB/ae0yQ6DWDWrS6sT/j7V9I/Xj0TKRgDhDavjJFt5
lNoYwzzGmO6TnLfzoKgP/RLH6aTCOikiSwGOTNl5+BOCjTn6ho7e8VH4uyA/R4Qw
QZcNVlurjXCa20BldI+UomEOCeA8SQ7qxKirT47P3cqqpJPrVeAqRn04bAPJ3fMP
OUklxd2DLJwry4rExsvbFFl7V/+Ef7UQzYTCtdGEueBSNtW8GMvNj6vXdlWC2UVs
c0Ss/MIcKBZ+fHdd1OETXQUCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQ0dMJTmGEQ
Cv2WOhY8gC0CZPjsfTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDYzQUYvNERGRTY4MjRCNkI3MTFFRUE5RDdGQzNBQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ2M0FGLzRERkU2ODI0QjZCNzExRUVBOUQ3RkMzQUM0RjlBRTAyL05IVENVNWho
RUFyOWxqb1dQSUF0QW1UNDdIMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0K+jANBgkqhkiG9w0BAQsFAAOCAQEAgkvBuJOBUUMiOe2AM5fE
bMCN+Plk1ZkZg21w71J30dphvtm65KEu5nZhRAlQOEdcZCunwiFw5q4rAgn/S9GQ
cCh2SUbIyFrj7cpbKkV+5cmkTNj2eBuO3BYf430iBMWyG6ncULtFnPkkc0BCjbSb
UhRo6JUzAcWXJK9TsWdkF4hrgWOEcpRhZtyOLWeZVQYbCRCvq71J+oFpAW5g92TR
QIjYWvYDR06n1VYQsrKPEy/RLFVCuBa7L7pYz62yO8fO1DZHQ1NyILF3iTuelnrQ
uYu/q/xn37yy5IV1W1P067MIfUZ4SF1f9JGUIVSNWseFH1l340umggt3G9y8BaJ0
eg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:33:12 2025 by rpki-client