Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ctH2ecltIFwtRxyUqA3vYNkRJhw.cer
File: ctH2ecltIFwtRxyUqA3vYNkRJhw.cer (raw, json)
Hash identifier: KGwjne/fTwFN+IXdXxszKvmKW97VQfEWbtG8Dx5FLtk=
Subject key identifier: 72:D1:F6:79:C9:6D:20:5C:2D:47:1C:94:A8:0D:EF:60:D9:11:26:1C
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6367
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 27 Mar 2025 16:28:07 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: IP: 157.20.148.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25447 (0x6367)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 27 16:28:07 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A918E85E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0b:fb:66:da:9f:5c:11:96:4b:23:5c:30:8d:
9f:69:5b:47:98:2b:4a:f7:e3:a9:b5:96:ef:73:68:
48:15:3a:ae:ea:ee:61:58:3a:b8:98:04:01:ed:51:
f2:1f:42:93:28:2b:9a:d9:71:3d:1c:21:bc:36:95:
e9:45:51:81:ac:be:6c:0c:e0:10:5b:ba:66:c7:9d:
c0:a3:26:3f:d7:56:0d:16:62:58:1d:72:0a:f0:1c:
69:da:5a:68:23:b6:11:96:70:f5:a3:b2:83:67:78:
26:4c:e3:c4:bd:a9:1a:c0:49:91:9f:e6:96:09:60:
ae:72:5f:6a:7d:5a:15:70:44:63:89:de:31:ff:0d:
18:9e:80:86:3f:7d:66:a2:c4:03:77:33:b0:d6:98:
28:63:0e:74:d4:ca:61:c2:a5:61:92:dd:b7:3a:57:
38:63:e8:8e:21:04:38:3e:44:a7:d7:ae:ac:aa:e3:
5c:e8:26:ea:e9:76:06:66:57:c2:62:58:54:71:43:
a5:56:f0:75:31:90:62:2a:52:cb:e3:38:be:2b:15:
cd:c8:a0:3a:2e:18:ab:17:3c:f5:32:3c:fb:7f:69:
40:43:37:42:8f:53:f8:24:a9:ec:01:fa:e0:22:4e:
2c:0a:10:8a:96:37:68:68:9e:0a:bb:6c:89:c7:f8:
2b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D1:F6:79:C9:6D:20:5C:2D:47:1C:94:A8:0D:EF:60:D9:11:26:1C
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918E85E/5BC1267AEFF311EE977CAC31C4F9AE02/ctH2ecltIFwtRxyUqA3vYNkRJhw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.148.0/23
Signature Algorithm: sha256WithRSAEncryption
59:97:fb:81:6d:77:e7:16:44:51:e8:57:84:58:6b:0c:bd:cd:
f6:5c:4b:be:14:6b:49:2b:36:df:b9:df:07:60:53:80:23:c2:
4e:32:90:6a:f9:5c:a9:5e:64:6e:20:e9:11:87:25:c3:18:d4:
53:01:4e:c7:9f:6e:3f:18:5d:6d:0a:e1:1b:8f:99:3a:ad:21:
86:ac:58:c9:82:fd:86:db:ba:9a:22:66:37:0a:22:d8:62:77:
0d:5d:86:3c:28:bb:eb:82:3b:37:8a:1d:9a:77:6e:0c:db:c4:
bf:bf:ef:e4:41:fd:09:f6:70:db:ae:bc:81:26:8c:df:95:7b:
b7:17:61:09:1a:33:f2:b9:af:85:12:4f:b6:1b:00:8e:dd:73:
6d:23:df:df:fb:bc:89:54:82:d7:08:3e:76:f1:f7:9d:bb:4b:
c8:5e:d3:ec:10:9e:0b:f0:98:2c:02:a8:d2:aa:bb:68:25:1e:
54:f7:d6:a2:bd:7d:fe:ee:25:ec:e6:a9:3d:be:8b:91:50:f6:
7a:27:ff:25:21:a1:f6:c0:73:12:2d:a9:5f:aa:c8:43:16:2e:
6b:32:74:ed:d0:f9:a8:0b:3f:85:67:69:90:cd:10:e2:cd:39:
87:5f:9d:89:27:00:50:a4:78:7c:ee:a6:ba:82:cb:e9:76:39:
75:7e:66:53
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICY2cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMzI3MTYyODA3WhcNMjYwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4RTg1RTExMC8GA1UEBRMoNzJEMUY2NzlDOTZEMjA1QzJENDcxQzk0
QTgwREVGNjBEOTExMjYxQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOEL+2ban1wRlksjXDCNn2lbR5grSvfjqbWW73NoSBU6ruruYVg6uJgEAe1R8h9C
kygrmtlxPRwhvDaV6UVRgay+bAzgEFu6ZsedwKMmP9dWDRZiWB1yCvAcadpaaCO2
EZZw9aOyg2d4JkzjxL2pGsBJkZ/mlglgrnJfan1aFXBEY4neMf8NGJ6Ahj99ZqLE
A3czsNaYKGMOdNTKYcKlYZLdtzpXOGPojiEEOD5Ep9eurKrjXOgm6ul2BmZXwmJY
VHFDpVbwdTGQYipSy+M4visVzcigOi4Yqxc89TI8+39pQEM3Qo9T+CSp7AH64CJO
LAoQipY3aGieCrtsicf4K9ECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRy0fZ5yW0g
XC1HHJSoDe9g2REmHDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEU4NUUvNUJDMTI2N0FFRkYzMTFFRTk3N0NBQzMxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFODVFLzVCQzEyNjdBRUZGMzExRUU5NzdDQUMzMUM0RjlBRTAyL2N0SDJlY2x0
SUZ3dFJ4eVVxQTN2WU5rUkpody5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0UlDANBgkqhkiG9w0BAQsFAAOCAQEAWZf7gW135xZEUehXhFhr
DL3N9lxLvhRrSSs237nfB2BTgCPCTjKQavlcqV5kbiDpEYclwxjUUwFOx59uPxhd
bQrhG4+ZOq0hhqxYyYL9htu6miJmNwoi2GJ3DV2GPCi764I7N4odmnduDNvEv7/v
5EH9CfZw2668gSaM35V7txdhCRoz8rmvhRJPthsAjt1zbSPf3/u8iVSC1wg+dvH3
nbtLyF7T7BCeC/CYLAKo0qq7aCUeVPfWor19/u4l7OapPb6LkVD2eif/JSGh9sBz
Ei2pX6rIQxYuazJ07dD5qAs/hWdpkM0Q4s05h1+diScAUKR4fO6muoLL6XY5dX5m
Uw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:51:22 2025 by rpki-client