Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/O6SMSvsA9zNCJMBRU6rG8mhoQ7c.cer
File: O6SMSvsA9zNCJMBRU6rG8mhoQ7c.cer (raw, json)
Hash identifier: xj/tGxDrwfrncbisVk5KrjOwSV6TvHRrNjrBcSVXfuY=
Subject key identifier: 3B:A4:8C:4A:FB:00:F7:33:42:24:C0:51:53:AA:C6:F2:68:68:43:B7
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6296
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AB92D/80B8171ACED111EE8BF64B73C4F9AE02/O6SMSvsA9zNCJMBRU6rG8mhoQ7c.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AB92D/80B8171ACED111EE8BF64B73C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 03 Mar 2025 04:46:56 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: IP: 157.20.64.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25238 (0x6296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 3 04:46:56 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A91AB92D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fe:2c:ab:c3:ac:c4:99:db:0e:b4:91:c2:8f:
34:56:9b:c2:25:d5:d5:43:d2:07:b9:cb:ac:fa:03:
1b:5b:22:66:8a:46:b4:c7:f8:6f:49:c0:bc:24:c9:
0b:01:8f:aa:ea:67:5b:c4:01:05:dc:ad:23:fa:a4:
3a:50:32:b7:c1:05:f3:88:fe:1b:9f:13:45:69:35:
b2:de:11:55:72:fe:65:95:92:dd:71:15:e6:42:8c:
7d:71:b0:f1:ef:fc:85:92:cf:f3:3b:b4:0a:64:d4:
5b:c3:33:f5:7c:24:7d:8e:c5:21:75:9e:68:45:4e:
4c:5e:0d:e6:22:c8:0f:24:59:13:34:bf:05:52:77:
77:54:83:00:1f:3c:56:b9:43:ce:2c:61:2e:55:2a:
c4:80:e5:5d:43:7c:fa:f1:b3:01:f0:8d:a6:c8:bf:
fc:c2:8e:92:f2:27:9b:21:02:2a:b8:42:df:e6:8b:
c9:34:b8:a8:f1:f6:4c:57:06:53:56:e7:4e:a5:69:
d7:1b:16:04:66:2a:4e:39:28:02:c0:3f:7e:dc:9c:
1a:03:fb:e8:73:e1:8d:fd:5b:5a:79:c9:2b:aa:b4:
57:01:0f:e3:42:e5:d3:b4:6b:9e:23:fe:0e:13:c3:
37:de:02:89:16:39:69:b4:85:4c:07:c7:a4:62:f6:
e3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A4:8C:4A:FB:00:F7:33:42:24:C0:51:53:AA:C6:F2:68:68:43:B7
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AB92D/80B8171ACED111EE8BF64B73C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AB92D/80B8171ACED111EE8BF64B73C4F9AE02/O6SMSvsA9zNCJMBRU6rG8mhoQ7c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.64.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ef:ca:ac:32:87:1d:72:24:bf:1b:b1:fc:dd:2b:55:48:6f:
a3:56:71:61:df:93:8f:c6:59:54:b6:c9:21:f3:01:ff:8c:ac:
41:59:f5:8b:85:8e:8b:ad:6d:cf:da:9c:fd:5a:4a:6a:23:15:
1b:ec:71:cc:6b:e5:f1:1e:54:7d:ab:bc:cf:1c:a1:3a:f6:7b:
1f:12:3f:e2:f9:8c:1b:84:5d:68:30:5e:5a:a4:65:ae:ff:ae:
58:46:b9:5b:fe:cc:9f:30:fd:a1:c3:bc:5f:93:0f:41:fb:89:
44:40:ff:c9:ef:ba:10:09:c0:f9:36:1a:1d:e1:4b:b9:96:b7:
66:d1:68:25:59:4b:71:05:e6:22:86:58:ef:8a:29:97:72:c4:
5e:91:53:7c:ec:cc:3b:48:e6:96:59:8c:23:34:22:84:28:75:
6b:4b:6c:6b:45:17:ce:fa:a6:c8:72:f7:06:77:00:55:9a:b6:
4c:80:ba:18:4b:1e:89:b1:39:12:b6:3d:fe:d8:9f:d8:35:4f:
bf:69:7e:6d:bd:6f:6d:ae:2f:09:1a:4a:15:34:76:ec:a2:a3:
d7:94:f5:47:c2:df:cd:47:82:a0:24:1d:38:c0:95:31:70:cb:
e3:ac:3e:1e:25:dc:7b:07:52:d7:9a:d1:73:0b:af:12:73:b1:
40:22:dd:50
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMzAzMDQ0NjU2WhcNMjYwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBQjkyRDExMC8GA1UEBRMoM0JBNDhDNEFGQjAwRjczMzQyMjRDMDUx
NTNBQUM2RjI2ODY4NDNCNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM7+LKvDrMSZ2w60kcKPNFabwiXV1UPSB7nLrPoDG1siZopGtMf4b0nAvCTJCwGP
qupnW8QBBdytI/qkOlAyt8EF84j+G58TRWk1st4RVXL+ZZWS3XEV5kKMfXGw8e/8
hZLP8zu0CmTUW8Mz9XwkfY7FIXWeaEVOTF4N5iLIDyRZEzS/BVJ3d1SDAB88VrlD
zixhLlUqxIDlXUN8+vGzAfCNpsi//MKOkvInmyECKrhC3+aLyTS4qPH2TFcGU1bn
TqVp1xsWBGYqTjkoAsA/ftycGgP76HPhjf1bWnnJK6q0VwEP40Ll07RrniP+DhPD
N94CiRY5abSFTAfHpGL24y8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQ7pIxK+wD3
M0IkwFFTqsbyaGhDtzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI5MkQvODBCODE3MUFDRUQxMTFFRThCRjY0QjczQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFCOTJELzgwQjgxNzFBQ0VEMTExRUU4QkY2NEI3M0M0RjlBRTAyL082U01TdnNB
OXpOQ0pNQlJVNnJHOG1ob1E3Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJ0UQDANBgkqhkiG9w0BAQsFAAOCAQEAm+/KrDKHHXIkvxux/N0r
VUhvo1ZxYd+Tj8ZZVLbJIfMB/4ysQVn1i4WOi61tz9qc/VpKaiMVG+xxzGvl8R5U
fau8zxyhOvZ7HxI/4vmMG4RdaDBeWqRlrv+uWEa5W/7MnzD9ocO8X5MPQfuJRED/
ye+6EAnA+TYaHeFLuZa3ZtFoJVlLcQXmIoZY74opl3LEXpFTfOzMO0jmllmMIzQi
hCh1a0tsa0UXzvqmyHL3BncAVZq2TIC6GEseibE5ErY9/tif2DVPv2l+bb1vba4v
CRpKFTR27KKj15T1R8LfzUeCoCQdOMCVMXDL46w+HiXcewdS15rRcwuvEnOxQCLd
UA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:40:27 2025 by rpki-client