Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XDJ7SiNb-JD9JpH7A-lKbxbL8jw.cer
File: XDJ7SiNb-JD9JpH7A-lKbxbL8jw.cer (raw, json)
Hash identifier: MMwmhLCcXLVBaxURwzkvwudyLoRfOAFKhsYsay6pzEw=
Subject key identifier: 5C:32:7B:4A:23:5B:F8:90:FD:26:91:FB:03:E9:4A:6F:16:CB:F2:3C
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6064
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FBD89/75B286C2AE9611ED8A965664C4F9AE02/XDJ7SiNb-JD9JpH7A-lKbxbL8jw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FBD89/75B286C2AE9611ED8A965664C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 07 Jan 2025 21:20:03 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 192.102.239.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24676 (0x6064)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 7 21:20:03 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91FBD89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1e:a9:c3:b6:a5:4b:ab:e4:55:12:5c:0d:71:
b6:3e:f3:e6:3e:3a:0e:70:34:f5:75:39:6d:1a:d6:
71:1c:94:1c:73:1d:b0:7d:bf:e4:17:bb:9d:d3:01:
c0:79:6b:2b:f7:db:50:4b:5f:4a:45:d3:6a:e3:d5:
f2:3f:2e:d7:10:f2:ab:80:61:5a:ab:b7:d4:88:82:
77:96:cf:c5:ff:e7:21:fe:4b:eb:44:42:bc:f3:d3:
ea:a6:78:80:d0:a9:5d:97:df:40:11:4f:41:5e:d4:
7e:e2:f5:d5:b3:d8:55:c5:c7:42:ef:e4:ba:1a:3a:
02:c3:04:fc:c9:3a:e7:bd:4d:3a:4d:54:6e:3a:dc:
f9:de:24:ad:08:a1:6b:3a:05:d8:d7:b4:c7:41:e8:
4f:64:e0:81:ff:d3:39:a1:5b:8e:91:db:2b:4c:13:
b2:68:b3:67:0e:fd:3c:87:2e:16:96:d7:48:79:f3:
10:5d:46:fd:d5:9f:2a:3d:c7:ad:14:8b:88:0a:0a:
1a:74:ca:a5:77:14:7a:fb:1e:c0:b7:55:70:99:19:
1e:74:29:6e:d8:f6:16:10:88:b8:ea:5a:c1:28:91:
58:5a:a1:37:61:80:bc:00:57:07:0f:fb:02:41:4c:
4e:72:71:72:7d:2c:78:ea:e2:3d:53:42:b0:9d:cc:
68:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:32:7B:4A:23:5B:F8:90:FD:26:91:FB:03:E9:4A:6F:16:CB:F2:3C
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FBD89/75B286C2AE9611ED8A965664C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FBD89/75B286C2AE9611ED8A965664C4F9AE02/XDJ7SiNb-JD9JpH7A-lKbxbL8jw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.102.239.0/24
Signature Algorithm: sha256WithRSAEncryption
69:23:5a:66:42:cb:97:fb:b1:51:ad:0d:80:45:ba:b1:ef:43:
c3:e8:84:28:b5:4d:e2:6b:23:c0:1d:1f:f6:b5:cd:29:2b:57:
3d:72:95:08:0b:9c:6a:1c:a5:c7:d5:69:ac:59:86:34:89:a1:
07:31:aa:f3:6d:5d:fa:cb:f7:8d:5e:43:32:8a:5d:be:5d:28:
64:35:d3:b0:ee:fb:d6:19:7a:97:d1:2a:c1:68:9c:c4:2a:ec:
dc:e4:b3:b5:26:8f:0a:de:a9:cb:55:54:8a:fb:69:a0:04:20:
48:8e:f1:81:96:8a:c2:4c:5a:cc:ed:75:fd:7a:38:51:92:c7:
35:c0:a5:97:39:c1:d7:9a:14:66:49:00:01:36:2e:f5:74:77:
3d:c6:1f:33:4c:88:42:22:f2:5e:5b:16:a4:a3:e1:bf:04:c6:
0a:96:8c:79:f9:d0:c7:d8:ce:16:1c:e7:98:48:0d:0e:4e:c3:
25:bd:75:aa:27:bc:85:f0:7c:28:a1:bd:f1:00:09:49:32:5b:
76:48:50:9f:e6:22:24:70:6e:dd:da:50:da:e9:a8:75:a7:46:
23:13:90:a4:c0:67:ef:34:40:37:27:50:bd:20:bb:51:ed:d9:
60:c2:d3:25:e6:1f:be:b9:9b:1a:98:5d:5a:93:c2:43:0d:5f:
fd:b0:4b:fb
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYGQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMTA3MjEyMDAzWhcNMjYwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGQkQ4OTExMC8GA1UEBRMoNUMzMjdCNEEyMzVCRjg5MEZEMjY5MUZC
MDNFOTRBNkYxNkNCRjIzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKMeqcO2pUur5FUSXA1xtj7z5j46DnA09XU5bRrWcRyUHHMdsH2/5Be7ndMBwHlr
K/fbUEtfSkXTauPV8j8u1xDyq4BhWqu31IiCd5bPxf/nIf5L60RCvPPT6qZ4gNCp
XZffQBFPQV7UfuL11bPYVcXHQu/kuho6AsME/Mk6571NOk1Ubjrc+d4krQihazoF
2Ne0x0HoT2Tggf/TOaFbjpHbK0wTsmizZw79PIcuFpbXSHnzEF1G/dWfKj3HrRSL
iAoKGnTKpXcUevsewLdVcJkZHnQpbtj2FhCIuOpawSiRWFqhN2GAvABXBw/7AkFM
TnJxcn0seOriPVNCsJ3MaHkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRcMntKI1v4
kP0mkfsD6UpvFsvyPDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJEODkvNzVCMjg2QzJBRTk2MTFFRDhBOTY1NjY0QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZCRDg5Lzc1QjI4NkMyQUU5NjExRUQ4QTk2NTY2NEM0RjlBRTAyL1hESjdTaU5i
LUpEOUpwSDdBLWxLYnhiTDhqdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAMBm7zANBgkqhkiG9w0BAQsFAAOCAQEAaSNaZkLLl/uxUa0NgEW6
se9Dw+iEKLVN4msjwB0f9rXNKStXPXKVCAucahylx9VprFmGNImhBzGq821d+sv3
jV5DMopdvl0oZDXTsO771hl6l9EqwWicxCrs3OSztSaPCt6py1VUivtpoAQgSI7x
gZaKwkxazO11/Xo4UZLHNcCllznB15oUZkkAATYu9XR3PcYfM0yIQiLyXlsWpKPh
vwTGCpaMefnQx9jOFhznmEgNDk7DJb11qie8hfB8KKG98QAJSTJbdkhQn+YiJHBu
3dpQ2umodadGIxOQpMBn7zRANydQvSC7Ue3ZYMLTJeYfvrmbGphdWpPCQw1f/bBL
+w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:45:42 2025 by rpki-client