Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
File: vdXpp28axMjlF5fs6Z49zuzudJM.cer (raw, json)
Hash identifier: GWPcVwvSDHKAFAUXaOCYvtrQD7WtzDF/S4MOWVkO7uk=
Subject key identifier: BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5443
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 04 Apr 2024 20:52:58 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: IP: 152.32.128.0/17
IP: 165.154.0.0 -- 165.154.191.255
IP: 165.154.218.0 -- 165.154.223.255
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21571 (0x5443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 4 20:52:58 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A9186E8A/serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c2:f9:0b:1e:e5:f6:79:5c:cb:9d:21:16:2d:
1f:fb:31:22:31:96:7c:d6:e2:0d:1c:2b:c5:26:a0:
35:a9:d6:a9:19:0b:9f:d0:be:2a:64:42:4b:9b:39:
e8:75:d9:2b:78:eb:99:cf:9a:68:35:a1:f5:02:b9:
d6:16:a0:e5:8a:5a:17:1e:81:48:f6:0d:71:43:ee:
b0:89:6f:44:b5:a7:3d:60:56:54:95:0c:16:f8:6b:
05:80:ff:9b:6f:34:5c:86:d6:71:af:45:b6:25:2a:
d4:b9:e1:2b:86:61:9b:4d:53:99:b6:e6:a7:86:14:
95:5f:cd:d3:ff:c1:21:82:fb:9a:70:2b:6e:67:8d:
2c:fc:a4:92:c1:24:02:c8:76:9f:7e:0d:56:a2:e7:
27:64:27:81:3c:0e:90:24:27:06:2b:a3:9c:be:d9:
55:12:d4:02:71:8f:0e:e5:48:b6:c1:5c:84:ed:90:
77:5e:7d:ad:ea:af:8a:ba:f1:d4:53:50:93:92:9d:
a0:40:8e:1a:1d:b9:b1:7b:cf:48:07:7c:5c:6a:67:
9e:ee:81:9d:e7:98:0c:4f:22:de:fd:b1:9e:c3:84:
21:92:ed:d7:cf:33:a7:8c:57:05:44:3f:2a:c4:85:
42:a7:34:7b:d2:36:0d:ef:fd:50:a1:bd:ca:c1:fb:
e7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.32.128.0/17
165.154.0.0-165.154.191.255
165.154.218.0-165.154.223.255
Signature Algorithm: sha256WithRSAEncryption
44:98:e7:83:a7:5e:ef:11:e3:83:98:a6:45:d8:d2:41:94:fa:
81:35:99:10:ee:e7:f7:52:3f:22:48:86:a2:9c:b6:00:2a:ba:
c2:d0:8f:b9:2b:17:f2:c8:81:5d:e7:ee:ce:33:98:78:76:00:
05:ee:df:40:d8:2f:24:fe:8d:31:47:e4:f5:0a:de:02:7f:55:
92:25:63:fe:eb:35:fa:18:eb:b0:d0:75:29:15:89:a2:8b:af:
35:7d:2d:63:ff:74:9f:75:3b:5d:50:9e:31:9f:55:2b:14:93:
e1:b2:4d:af:17:b3:52:db:32:27:b7:77:dd:d5:06:1c:ec:13:
31:83:c1:3a:cd:66:98:2b:21:2d:66:51:fd:b0:d2:9a:d6:f5:
70:36:af:e9:a9:9b:02:80:e7:07:08:d6:e3:74:a0:e5:09:6c:
be:2d:1b:2a:81:fa:51:e8:9f:95:5d:21:8f:4e:61:f9:8d:ea:
23:f6:bb:60:a8:4a:27:cd:ce:fe:5b:aa:97:c1:d7:51:4f:14:
17:db:b5:6e:4a:2d:8a:90:f5:14:b6:bb:12:ac:38:68:dd:9e:
9e:9d:8a:6f:2d:3d:d6:28:e7:6e:e2:0e:ad:44:01:8a:4c:cb:
09:33:f5:dc:2d:f7:be:6f:b9:85:96:14:6b:5d:a5:ed:24:98:
ea:dc:ce:e2
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgICVEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNDA0MjA1MjU4WhcNMjUwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4NkU4QTExMC8GA1UEBRMoQkRENUU5QTc2RjFBQzRDOEU1MTc5N0VD
RTk5RTNEQ0VFQ0VFNzQ5MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANnC+Qse5fZ5XMudIRYtH/sxIjGWfNbiDRwrxSagNanWqRkLn9C+KmRCS5s56HXZ
K3jrmc+aaDWh9QK51hag5YpaFx6BSPYNcUPusIlvRLWnPWBWVJUMFvhrBYD/m280
XIbWca9FtiUq1LnhK4Zhm01Tmbbmp4YUlV/N0//BIYL7mnArbmeNLPykksEkAsh2
n34NVqLnJ2QngTwOkCQnBiujnL7ZVRLUAnGPDuVItsFchO2Qd159reqvirrx1FNQ
k5KdoECOGh25sXvPSAd8XGpnnu6BneeYDE8i3v2xnsOEIZLt188zp4xXBUQ/KsSF
Qqc0e9I2De/9UKG9ysH758sCAwEAAaOCAw4wggMKMB0GA1UdDgQWBBS91emnbxrE
yOUXl+zpnj3O7O50kzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFOEEvMzE0OERDOUUyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg2RThBLzMxNDhEQzlFMkRGRjExRUI4NjhBOTEzNUM0RjlBRTAyL3ZkWHBwMjhh
eE1qbEY1ZnM2WjQ5enV6dWRKTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA6BggrBgEFBQcBBwEB/wQrMCkw
JwQCAAEwIQMEB5gggDALAwMBpZoDBAalmoAwDAMEAaWa2gMEBaWawDANBgkqhkiG
9w0BAQsFAAOCAQEARJjng6de7xHjg5imRdjSQZT6gTWZEO7n91I/IkiGopy2ACq6
wtCPuSsX8siBXefuzjOYeHYABe7fQNgvJP6NMUfk9QreAn9VkiVj/us1+hjrsNB1
KRWJoouvNX0tY/90n3U7XVCeMZ9VKxST4bJNrxezUtsyJ7d33dUGHOwTMYPBOs1m
mCshLWZR/bDSmtb1cDav6ambAoDnBwjW43Sg5Qlsvi0bKoH6UeiflV0hj05h+Y3q
I/a7YKhKJ83O/luql8HXUU8UF9u1bkotipD1FLa7Eqw4aN2enp2Kby091ijnbuIO
rUQBikzLCTP13C33vm+5hZYUa12l7SSY6tzO4g==
-----END CERTIFICATE-----
Generated at Thu May 9 03:29:32 2024 by rpki-client on console-fra.rpki-client.org