Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RwqTRJ5hH6mtBaKJ1hiCILX8_Do.cer
File: RwqTRJ5hH6mtBaKJ1hiCILX8_Do.cer (raw, json)
Hash identifier: qKl3PznEKugH8jAGuwmR7q22LvUquhXy4BqO+y7vTYc=
Subject key identifier: 47:0A:93:44:9E:61:1F:A9:AD:05:A2:89:D6:18:82:20:B5:FC:FC:3A
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 61E5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CB8BA/2B732E70BA8511EABA838E30C4F9AE02/RwqTRJ5hH6mtBaKJ1hiCILX8_Do.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CB8BA/2B732E70BA8511EABA838E30C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 05 Feb 2025 19:30:23 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 104.250.32.0/19
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25061 (0x61e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 5 19:30:23 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91CB8BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:38:68:7b:ac:73:bc:24:0f:c0:e4:03:eb:cd:
94:5e:0f:d0:a7:2d:43:50:81:f7:76:87:d2:e1:7e:
b1:d1:3e:ea:5c:e1:ef:59:11:0c:08:19:ef:77:d8:
1f:27:47:86:0c:49:b2:c0:8a:32:5f:8d:0c:75:c0:
69:48:57:c4:b0:85:46:ce:d4:18:16:8a:09:fa:e3:
4f:ff:97:c1:5c:5e:c4:fc:32:f6:6b:b0:53:bd:b7:
43:e4:be:b9:ae:0c:6a:d9:75:f1:96:85:83:ce:d5:
98:9f:b7:10:ad:55:81:b7:84:74:09:6a:ae:28:b3:
d2:1f:41:29:12:ee:75:a2:dc:15:ea:f9:8f:d8:be:
87:07:5b:24:72:9b:4e:1f:cc:e8:92:58:5c:00:77:
e4:91:5e:d8:91:4d:21:78:dd:55:8d:bd:41:0b:60:
ac:66:d9:7e:17:d9:53:49:3e:e1:d3:96:c2:d7:b8:
85:53:65:73:79:6a:90:30:21:5d:36:82:35:9f:e9:
92:3a:fe:89:e7:78:1a:3f:1d:51:b3:5e:4c:8d:b6:
e6:b2:9a:29:a2:36:94:bd:9c:e1:97:7a:65:1e:dc:
e8:fc:e1:f8:a5:af:25:ab:14:59:e4:4a:3a:cf:30:
20:6a:55:35:d0:e3:7c:06:1c:0f:35:f3:40:9d:df:
92:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0A:93:44:9E:61:1F:A9:AD:05:A2:89:D6:18:82:20:B5:FC:FC:3A
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2B732E70BA8511EABA838E30C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2B732E70BA8511EABA838E30C4F9AE02/RwqTRJ5hH6mtBaKJ1hiCILX8_Do.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
104.250.32.0/19
Signature Algorithm: sha256WithRSAEncryption
90:79:b4:51:61:75:e8:4e:ed:8e:ff:ab:53:4d:2a:7e:d0:93:
2b:8f:a3:f9:f8:4c:ec:25:46:2c:74:bd:68:b2:9e:e0:8f:06:
30:47:46:bf:0a:bc:57:7d:7e:38:df:8c:14:dc:cb:42:cc:1f:
72:20:9d:7e:7c:72:6a:e5:90:bd:4a:0e:88:1b:3d:d6:60:70:
0c:08:e5:cc:8d:50:87:2c:27:22:00:1a:ef:21:78:32:68:3f:
46:ae:9c:fe:cc:44:e2:ae:e5:b0:cc:73:73:10:3a:20:2e:47:
99:5a:1b:eb:24:fe:93:51:22:41:26:83:79:d3:5b:31:2b:cb:
70:c6:6c:30:04:31:2f:ac:e0:72:7d:cd:44:20:94:40:e4:b0:
5b:77:d2:2e:99:45:93:ef:4a:85:3a:cc:a7:02:df:c9:48:be:
e2:b2:82:12:e2:e7:f3:0b:ec:5f:00:1b:a9:94:18:9f:ac:58:
fd:4c:81:62:ed:63:02:c2:f6:51:3c:dc:51:53:58:b7:2d:6c:
d5:37:ba:be:89:e7:79:1b:0c:7c:50:65:f0:08:87:10:91:d0:
5c:92:ae:69:86:ca:29:d8:e8:59:d3:17:58:67:27:a4:3d:4c:
9b:c1:e5:d9:14:d5:e0:27:7a:42:ca:9c:a9:87:80:61:89:ea:
fb:2f:5f:67
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMjA1MTkzMDIzWhcNMjYwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDQjhCQTExMC8GA1UEBRMoNDcwQTkzNDQ5RTYxMUZBOUFEMDVBMjg5
RDYxODgyMjBCNUZDRkMzQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKo4aHusc7wkD8DkA+vNlF4P0KctQ1CB93aH0uF+sdE+6lzh71kRDAgZ73fYHydH
hgxJssCKMl+NDHXAaUhXxLCFRs7UGBaKCfrjT/+XwVxexPwy9muwU723Q+S+ua4M
atl18ZaFg87VmJ+3EK1VgbeEdAlqriiz0h9BKRLudaLcFer5j9i+hwdbJHKbTh/M
6JJYXAB35JFe2JFNIXjdVY29QQtgrGbZfhfZU0k+4dOWwte4hVNlc3lqkDAhXTaC
NZ/pkjr+ied4Gj8dUbNeTI225rKaKaI2lL2c4Zd6ZR7c6Pzh+KWvJasUWeRKOs8w
IGpVNdDjfAYcDzXzQJ3fkusCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRHCpNEnmEf
qa0FoonWGIIgtfz8OjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I4QkEvMkI3MzJFNzBCQTg1MTFFQUJBODM4RTMwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNCOEJBLzJCNzMyRTcwQkE4NTExRUFCQTgzOEUzMEM0RjlBRTAyL1J3cVRSSjVo
SDZtdEJhS0oxaGlDSUxYOF9Eby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEBWj6IDANBgkqhkiG9w0BAQsFAAOCAQEAkHm0UWF16E7tjv+rU00q
ftCTK4+j+fhM7CVGLHS9aLKe4I8GMEdGvwq8V31+ON+MFNzLQswfciCdfnxyauWQ
vUoOiBs91mBwDAjlzI1QhywnIgAa7yF4Mmg/Rq6c/sxE4q7lsMxzcxA6IC5HmVob
6yT+k1EiQSaDedNbMSvLcMZsMAQxL6zgcn3NRCCUQOSwW3fSLplFk+9KhTrMpwLf
yUi+4rKCEuLn8wvsXwAbqZQYn6xY/UyBYu1jAsL2UTzcUVNYty1s1Te6vonneRsM
fFBl8AiHEJHQXJKuaYbKKdjoWdMXWGcnpD1Mm8Hl2RTV4Cd6QsqcqYeAYYnq+y9f
Zw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:39:35 2025 by rpki-client