Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer
File: ovb2YTEslb8FoLUjCxNx1GIv1ic.cer (raw, json)
Hash identifier: CsfFKO3PJMzDs3hC0YW+WiYkdLiY9hRH5CDhlJ8JYu8=
Subject key identifier: A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 615D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 22 Jan 2025 17:56:15 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 161.142.0.0/16
IP: 192.228.128.0/17
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24925 (0x615d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 22 17:56:15 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91E7BC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cb:8c:c9:6a:11:2c:07:ba:bd:05:90:e5:c5:
56:0c:f1:a2:4f:9c:37:a3:4d:b0:51:09:7a:63:b6:
82:cf:d1:5b:b4:2f:c0:e8:32:82:b6:61:4d:6b:c7:
0b:d6:bf:db:d0:26:d1:96:13:18:c0:6f:2c:fa:e6:
8a:a4:0a:d4:df:a7:0d:6f:42:2e:63:7a:88:ca:c1:
2c:ae:6e:1d:f4:1d:99:0c:c9:7d:98:8a:b0:e6:e9:
d9:3b:f6:b1:e9:55:72:1d:9c:05:91:75:f9:fd:7d:
4f:7a:a3:ff:6f:3a:0b:b8:10:d3:a4:17:c2:5f:75:
71:a5:9c:13:48:fa:7d:a6:53:2a:7f:34:3b:d0:1c:
df:3d:b5:2c:f0:ca:c4:9a:85:0c:07:6e:f6:65:d8:
c3:ca:f9:ff:5a:f2:b7:30:6c:ae:0d:8d:51:43:ec:
be:c5:13:03:b3:c1:35:e5:e9:a7:09:97:34:01:c5:
4a:5a:d1:6e:13:8a:b2:f7:32:56:29:14:86:80:fe:
a5:5d:79:33:72:0d:81:9b:bf:25:3d:bc:d0:cc:65:
db:72:a5:87:17:2c:09:d3:04:82:4f:d8:c8:9d:62:
0f:81:df:9d:00:43:11:07:78:5d:98:40:b0:c5:9d:
96:59:26:9b:fa:df:3d:55:7f:7f:8d:ba:96:0a:5a:
e1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.142.0.0/16
192.228.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a7:b7:14:4d:8f:a1:ee:55:11:c6:83:fa:a8:ac:82:3b:30:3d:
f4:5c:bb:0b:75:c3:20:d2:7a:43:ac:fa:32:37:4d:67:50:90:
48:c3:13:74:2e:62:a3:dd:6f:04:89:87:0c:59:8e:e5:23:43:
98:e2:e8:04:60:ca:27:63:80:56:c4:b5:cf:6a:d8:e1:c6:7e:
14:bb:2f:db:a3:97:3d:e2:74:3c:6e:95:19:9c:10:a7:3d:74:
b1:a3:dc:1e:9c:12:2b:96:da:b5:ed:33:85:f2:12:8a:80:fe:
69:b7:5f:2b:b8:e8:1b:43:8b:01:be:ee:63:33:44:f2:3c:3c:
45:47:75:e6:96:63:54:06:e6:2a:a0:ff:25:c6:ff:2e:a7:ae:
44:5d:d9:7d:68:42:cf:47:4d:78:14:00:27:d3:c6:1b:0e:ac:
5d:6e:fe:64:84:db:7c:20:39:89:59:2e:8b:67:5d:38:3a:05:
72:38:b5:5a:4d:02:f6:a2:fa:30:4e:08:a5:01:3d:b7:e2:44:
94:df:a0:39:25:ed:ab:fd:6d:0f:21:fc:91:90:78:6c:91:80:
8b:5b:61:00:d3:33:f4:ca:4d:00:4d:2d:33:82:e4:43:82:bf:
4f:c8:00:02:86:8d:bf:e5:6d:91:28:b3:ac:5d:79:c7:ac:bf:
08:f6:17:92
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICYV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMTIyMTc1NjE1WhcNMjYwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFN0JDNDExMC8GA1UEBRMoQTJGNkY2NjEzMTJDOTVCRjA1QTBCNTIz
MEIxMzcxRDQ2MjJGRDYyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKnLjMlqESwHur0FkOXFVgzxok+cN6NNsFEJemO2gs/RW7QvwOgygrZhTWvHC9a/
29Am0ZYTGMBvLPrmiqQK1N+nDW9CLmN6iMrBLK5uHfQdmQzJfZiKsObp2Tv2selV
ch2cBZF1+f19T3qj/286C7gQ06QXwl91caWcE0j6faZTKn80O9Ac3z21LPDKxJqF
DAdu9mXYw8r5/1rytzBsrg2NUUPsvsUTA7PBNeXppwmXNAHFSlrRbhOKsvcyVikU
hoD+pV15M3INgZu/JT280Mxl23KlhxcsCdMEgk/YyJ1iD4HfnQBDEQd4XZhAsMWd
llkmm/rfPVV/f426lgpa4UMCAwEAAaOCAvgwggL0MB0GA1UdDgQWBBSi9vZhMSyV
vwWgtSMLE3HUYi/WJzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdCQzQvMjYxRDI4MzBENTBEMTFFOUJBRDZDMjI2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU3QkM0LzI2MUQyODMwRDUwRDExRTlCQUQ2QzIyNkM0RjlBRTAyL292YjJZVEVz
bGI4Rm9MVWpDeE54MUdJdjFpYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQVMBMw
EQQCAAEwCwMDAKGOAwQHwOSAMA0GCSqGSIb3DQEBCwUAA4IBAQCntxRNj6HuVRHG
g/qorII7MD30XLsLdcMg0npDrPoyN01nUJBIwxN0LmKj3W8EiYcMWY7lI0OY4ugE
YMonY4BWxLXPatjhxn4Uuy/bo5c94nQ8bpUZnBCnPXSxo9wenBIrltq17TOF8hKK
gP5pt18ruOgbQ4sBvu5jM0TyPDxFR3XmlmNUBuYqoP8lxv8up65EXdl9aELPR014
FAAn08YbDqxdbv5khNt8IDmJWS6LZ104OgVyOLVaTQL2ovowTgilAT234kSU36A5
Je2r/W0PIfyRkHhskYCLW2EA0zP0yk0ATS0zguRDgr9PyAACho2/5W2RKLOsXXnH
rL8I9heS
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:43:13 2025 by rpki-client