Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vaPoqCMceH9rfxi8FGuV-1wDjtk.cer
File: vaPoqCMceH9rfxi8FGuV-1wDjtk.cer (raw, json)
Hash identifier: kfvVHwG+/UQP6PoP6ZAgSKarqHE3pTnRdWpv8Q4jE7M=
Subject key identifier: BD:A3:E8:A8:23:1C:78:7F:6B:7F:18:BC:14:6B:95:FB:5C:03:8E:D9
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 62B0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AE8D7/4B01C4A6F93F11EFB7EAB425C4F9AE02/vaPoqCMceH9rfxi8FGuV-1wDjtk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AE8D7/4B01C4A6F93F11EFB7EAB425C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 04 Mar 2025 21:26:16 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: IP: 160.191.68.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25264 (0x62b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 4 21:26:16 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91AE8D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:28:fa:09:11:a9:16:68:08:d4:ea:7c:c1:c5:
13:e4:e8:e2:95:16:3e:db:5b:49:ee:60:a4:36:7f:
1d:5e:4e:d6:43:26:8e:45:20:86:93:b5:1d:99:3b:
20:af:a8:ff:85:5a:b8:f1:75:39:e3:e4:3e:b6:68:
ab:70:4d:b1:00:bf:ef:40:4c:b1:ea:d4:6a:4a:0c:
ab:ca:15:3b:dd:97:eb:99:d8:6c:86:e7:bb:a3:9a:
53:68:be:2e:37:55:06:a3:a4:d0:78:5e:ad:77:f6:
b2:c3:9a:57:5c:d2:b5:6b:95:18:88:86:33:62:23:
bc:26:04:32:12:f9:3b:7f:41:25:39:95:f5:29:99:
69:4f:af:52:3f:f3:b7:45:d2:29:1f:38:4f:20:be:
8c:26:7e:29:3c:78:e3:e2:14:09:af:56:bb:fa:f6:
14:b4:f9:fc:bd:0a:04:79:e0:85:94:f7:24:22:04:
9f:a7:16:d5:d3:1b:19:b1:c4:71:ea:ef:f5:aa:3f:
dc:53:df:89:38:7f:29:8b:89:ea:dc:ec:f5:cc:76:
29:79:a5:04:f3:a0:7b:57:96:f0:1c:cc:18:c4:13:
78:47:5e:40:9f:3b:50:3a:ec:cc:c1:9d:d1:30:02:
5e:cc:ef:1c:a1:ed:cb:e3:71:7d:11:a2:63:57:c3:
94:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A3:E8:A8:23:1C:78:7F:6B:7F:18:BC:14:6B:95:FB:5C:03:8E:D9
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AE8D7/4B01C4A6F93F11EFB7EAB425C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AE8D7/4B01C4A6F93F11EFB7EAB425C4F9AE02/vaPoqCMceH9rfxi8FGuV-1wDjtk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.68.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:a4:01:07:41:ea:e3:6c:40:b9:d4:15:c7:99:26:2a:c1:ad:
ce:77:25:93:cd:6d:cf:b7:ad:b3:56:6b:e8:a5:48:59:d7:97:
ed:7d:4d:01:f4:a3:22:75:ff:aa:fb:f5:e9:db:61:08:33:59:
e2:b3:84:d9:4f:ed:b8:7f:09:90:66:92:13:cc:39:55:72:ff:
56:d3:a2:69:bb:07:c1:61:b2:d1:76:e0:3c:ba:40:b0:d3:5d:
b0:e0:40:0f:c0:8e:a2:a1:5e:09:45:1c:dd:1c:8b:a2:b2:01:
88:77:1d:9a:df:03:78:a7:15:4f:8a:e6:bd:03:b9:fb:46:67:
b8:39:94:28:ba:f9:9e:7b:35:65:54:e0:7f:fc:7c:a1:39:0c:
15:18:16:6d:44:60:35:fe:f2:58:36:1e:60:71:d9:66:87:69:
06:16:05:ef:05:e3:18:fc:8e:92:45:eb:c9:5d:81:d5:16:c7:
df:e4:a1:cd:49:49:73:e2:92:c2:14:53:1f:41:48:4c:ac:0c:
da:7e:36:63:f1:c3:02:1f:f0:24:a6:6f:92:cf:8d:71:7a:d4:
63:d4:a7:87:3a:34:c2:e6:03:a3:23:d4:dd:19:74:e7:c0:e1:
dc:b7:22:cb:b0:fa:ad:8e:c0:f3:3a:55:0c:7a:1f:41:57:0f:
26:e0:8f:94
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYrAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMzA0MjEyNjE2WhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBRThENzExMC8GA1UEBRMoQkRBM0U4QTgyMzFDNzg3RjZCN0YxOEJD
MTQ2Qjk1RkI1QzAzOEVEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANIo+gkRqRZoCNTqfMHFE+To4pUWPttbSe5gpDZ/HV5O1kMmjkUghpO1HZk7IK+o
/4VauPF1OePkPrZoq3BNsQC/70BMserUakoMq8oVO92X65nYbIbnu6OaU2i+LjdV
BqOk0HherXf2ssOaV1zStWuVGIiGM2IjvCYEMhL5O39BJTmV9SmZaU+vUj/zt0XS
KR84TyC+jCZ+KTx44+IUCa9Wu/r2FLT5/L0KBHnghZT3JCIEn6cW1dMbGbHEcerv
9ao/3FPfiTh/KYuJ6tzs9cx2KXmlBPOge1eW8BzMGMQTeEdeQJ87UDrszMGd0TAC
XszvHKHty+NxfRGiY1fDlMcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBS9o+ioIxx4
f2t/GLwUa5X7XAOO2TAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU4RDcvNEIwMUM0QTZGOTNGMTFFRkI3RUFCNDI1QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFFOEQ3LzRCMDFDNEE2RjkzRjExRUZCN0VBQjQyNUM0RjlBRTAyL3ZhUG9xQ01j
ZUg5cmZ4aThGR3VWLTF3RGp0ay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC/RDANBgkqhkiG9w0BAQsFAAOCAQEAX6QBB0Hq42xAudQVx5km
KsGtznclk81tz7ets1Zr6KVIWdeX7X1NAfSjInX/qvv16dthCDNZ4rOE2U/tuH8J
kGaSE8w5VXL/VtOiabsHwWGy0XbgPLpAsNNdsOBAD8COoqFeCUUc3RyLorIBiHcd
mt8DeKcVT4rmvQO5+0ZnuDmUKLr5nns1ZVTgf/x8oTkMFRgWbURgNf7yWDYeYHHZ
ZodpBhYF7wXjGPyOkkXryV2B1RbH3+ShzUlJc+KSwhRTH0FITKwM2n42Y/HDAh/w
JKZvks+NcXrUY9Snhzo0wuYDoyPU3Rl058Dh3Lciy7D6rY7A8zpVDHofQVcPJuCP
lA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:34:33 2025 by rpki-client