Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XDJ7SiNb-JD9JpH7A-lKbxbL8jw.cer
File: XDJ7SiNb-JD9JpH7A-lKbxbL8jw.cer (raw, json)
Hash identifier: NtRrONlNaYEb7+B61rHfxAfnIB+Z0p/e4e/JrVfwvL8=
Subject key identifier: 5C:32:7B:4A:23:5B:F8:90:FD:26:91:FB:03:E9:4A:6F:16:CB:F2:3C
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 4F44
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FBD89/75B286C2AE9611ED8A965664C4F9AE02/XDJ7SiNb-JD9JpH7A-lKbxbL8jw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FBD89/75B286C2AE9611ED8A965664C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 06 Dec 2023 22:03:12 +0000
Certificate not after: Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources: IP: 192.102.239.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20292 (0x4f44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Dec 6 22:03:12 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=A91FBD89/serialNumber=5C327B4A235BF890FD2691FB03E94A6F16CBF23C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1e:a9:c3:b6:a5:4b:ab:e4:55:12:5c:0d:71:
b6:3e:f3:e6:3e:3a:0e:70:34:f5:75:39:6d:1a:d6:
71:1c:94:1c:73:1d:b0:7d:bf:e4:17:bb:9d:d3:01:
c0:79:6b:2b:f7:db:50:4b:5f:4a:45:d3:6a:e3:d5:
f2:3f:2e:d7:10:f2:ab:80:61:5a:ab:b7:d4:88:82:
77:96:cf:c5:ff:e7:21:fe:4b:eb:44:42:bc:f3:d3:
ea:a6:78:80:d0:a9:5d:97:df:40:11:4f:41:5e:d4:
7e:e2:f5:d5:b3:d8:55:c5:c7:42:ef:e4:ba:1a:3a:
02:c3:04:fc:c9:3a:e7:bd:4d:3a:4d:54:6e:3a:dc:
f9:de:24:ad:08:a1:6b:3a:05:d8:d7:b4:c7:41:e8:
4f:64:e0:81:ff:d3:39:a1:5b:8e:91:db:2b:4c:13:
b2:68:b3:67:0e:fd:3c:87:2e:16:96:d7:48:79:f3:
10:5d:46:fd:d5:9f:2a:3d:c7:ad:14:8b:88:0a:0a:
1a:74:ca:a5:77:14:7a:fb:1e:c0:b7:55:70:99:19:
1e:74:29:6e:d8:f6:16:10:88:b8:ea:5a:c1:28:91:
58:5a:a1:37:61:80:bc:00:57:07:0f:fb:02:41:4c:
4e:72:71:72:7d:2c:78:ea:e2:3d:53:42:b0:9d:cc:
68:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:32:7B:4A:23:5B:F8:90:FD:26:91:FB:03:E9:4A:6F:16:CB:F2:3C
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FBD89/75B286C2AE9611ED8A965664C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FBD89/75B286C2AE9611ED8A965664C4F9AE02/XDJ7SiNb-JD9JpH7A-lKbxbL8jw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.102.239.0/24
Signature Algorithm: sha256WithRSAEncryption
00:24:6d:3d:0c:ab:d4:07:42:39:9c:98:ca:c7:3b:2e:47:81:
fa:b4:69:ad:53:d8:dd:3a:55:4e:a1:ff:68:01:6d:14:09:d9:
52:60:c9:43:d5:de:1f:7f:52:68:1c:46:1e:d4:63:ab:8f:9a:
0e:42:90:d4:dc:b4:a8:7e:84:cb:f7:37:18:c5:4f:28:13:08:
5b:da:97:de:1f:5b:b7:e0:f0:10:0a:28:0f:43:4b:00:7c:ae:
6e:3b:c0:99:ef:1d:71:05:14:b9:d0:e7:7b:1b:86:f0:7f:e0:
f4:5f:3d:3b:57:8f:1f:00:f6:70:57:c9:d5:a4:a5:9f:0a:5b:
18:ef:ca:55:1c:55:23:05:30:33:be:54:bc:0d:27:39:eb:40:
ad:da:30:bb:f7:20:e7:b2:62:b1:3e:b6:20:8f:c3:17:57:da:
e8:60:7f:2f:77:b1:78:2a:41:da:c1:fa:db:a7:89:04:0d:51:
ae:53:2e:80:2c:04:61:75:8a:b2:e3:92:d5:68:de:ed:cb:5c:
61:fb:19:3f:cd:f7:35:b6:bb:c2:f3:41:b8:90:b9:75:13:ae:
0f:2d:1c:28:12:df:9b:d3:d9:e4:4d:94:43:43:e8:db:04:7a:
51:ac:82:88:1b:c3:a5:cf:77:74:00:e2:b5:34:c3:cd:42:2c:
18:b2:0e:fb
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICT0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMjA2MjIwMzEyWhcNMjUwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGQkQ4OTExMC8GA1UEBRMoNUMzMjdCNEEyMzVCRjg5MEZEMjY5MUZC
MDNFOTRBNkYxNkNCRjIzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKMeqcO2pUur5FUSXA1xtj7z5j46DnA09XU5bRrWcRyUHHMdsH2/5Be7ndMBwHlr
K/fbUEtfSkXTauPV8j8u1xDyq4BhWqu31IiCd5bPxf/nIf5L60RCvPPT6qZ4gNCp
XZffQBFPQV7UfuL11bPYVcXHQu/kuho6AsME/Mk6571NOk1Ubjrc+d4krQihazoF
2Ne0x0HoT2Tggf/TOaFbjpHbK0wTsmizZw79PIcuFpbXSHnzEF1G/dWfKj3HrRSL
iAoKGnTKpXcUevsewLdVcJkZHnQpbtj2FhCIuOpawSiRWFqhN2GAvABXBw/7AkFM
TnJxcn0seOriPVNCsJ3MaHkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRcMntKI1v4
kP0mkfsD6UpvFsvyPDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJEODkvNzVCMjg2QzJBRTk2MTFFRDhBOTY1NjY0QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZCRDg5Lzc1QjI4NkMyQUU5NjExRUQ4QTk2NTY2NEM0RjlBRTAyL1hESjdTaU5i
LUpEOUpwSDdBLWxLYnhiTDhqdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAMBm7zANBgkqhkiG9w0BAQsFAAOCAQEAACRtPQyr1AdCOZyYysc7
LkeB+rRprVPY3TpVTqH/aAFtFAnZUmDJQ9XeH39SaBxGHtRjq4+aDkKQ1Ny0qH6E
y/c3GMVPKBMIW9qX3h9bt+DwEAooD0NLAHyubjvAme8dcQUUudDnexuG8H/g9F89
O1ePHwD2cFfJ1aSlnwpbGO/KVRxVIwUwM75UvA0nOetArdowu/cg57JisT62II/D
F1fa6GB/L3exeCpB2sH626eJBA1RrlMugCwEYXWKsuOS1Wje7ctcYfsZP833Nba7
wvNBuJC5dROuDy0cKBLfm9PZ5E2UQ0Po2wR6UayCiBvDpc93dADitTTDzUIsGLIO
+w==
-----END CERTIFICATE-----
Generated at Thu May 9 03:29:32 2024 by rpki-client on console-fra.rpki-client.org