Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ztCtuZ-AP0QfUNzLg87nIHbcMog.cer
File: ztCtuZ-AP0QfUNzLg87nIHbcMog.cer (raw, json)
Hash identifier: VUwN+in6FUvW/gnNODDfjQMWr7F0GL8EGmLktWDDHqU=
Subject key identifier: CE:D0:AD:B9:9F:80:3F:44:1F:50:DC:CB:83:CE:E7:20:76:DC:32:88
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6071
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9158D5B/7CC8F19E45B711EFA6DFD032C4F9AE02/ztCtuZ-AP0QfUNzLg87nIHbcMog.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9158D5B/7CC8F19E45B711EFA6DFD032C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 08 Jan 2025 15:10:29 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 157.10.144.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24689 (0x6071)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 8 15:10:29 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A9158D5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:5f:84:7f:36:86:83:e1:5d:2d:f0:4e:d8:
8a:8b:08:f9:d1:fe:6b:f4:0c:4b:a0:be:ee:30:cd:
a9:00:4e:ce:47:ed:4f:8c:13:fc:b2:f6:6a:7c:36:
76:23:8b:45:4d:9c:77:b2:3d:61:72:fe:ff:39:9e:
50:fc:1d:f1:50:f0:b4:01:c9:81:49:9b:c6:ec:0a:
dc:59:8a:a1:e1:84:8a:44:0d:c3:74:c2:91:5b:35:
bc:cd:6c:6a:60:76:ab:e6:ea:dc:0d:f5:f8:e6:e2:
60:90:06:24:f7:96:59:ec:6e:ba:2e:92:90:73:07:
dc:43:b4:8a:db:b9:d6:c6:3e:b6:84:b8:dc:88:38:
36:8d:08:9a:12:d6:29:e3:66:88:ef:49:11:75:33:
3a:42:fc:9b:51:6d:c2:e8:c6:f3:f5:e5:06:8a:6c:
31:fd:31:0e:45:ec:43:ea:a2:86:92:e9:f4:88:81:
c6:c4:79:0c:04:5c:d6:3c:5a:32:e4:e3:5e:67:b6:
4e:a6:94:82:1d:df:b5:84:5d:11:81:cc:e3:ea:b7:
d8:a7:fa:47:0c:e7:1e:45:50:b0:3e:a2:52:02:bc:
d5:44:0f:d4:cc:40:2a:af:d5:e5:d3:54:b4:8c:12:
a3:9d:64:4f:14:cf:6e:3e:3f:99:57:c9:08:2a:6e:
e2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D0:AD:B9:9F:80:3F:44:1F:50:DC:CB:83:CE:E7:20:76:DC:32:88
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9158D5B/7CC8F19E45B711EFA6DFD032C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9158D5B/7CC8F19E45B711EFA6DFD032C4F9AE02/ztCtuZ-AP0QfUNzLg87nIHbcMog.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.144.0/23
Signature Algorithm: sha256WithRSAEncryption
21:f7:5e:7e:03:17:65:6b:fe:be:df:2c:00:89:df:07:d6:b0:
55:ab:c0:20:f6:8f:09:e2:db:cc:a4:51:ad:ed:f1:86:5c:af:
c9:b1:45:cf:ad:e3:cf:63:1d:e4:06:04:90:b6:f8:3a:e2:88:
fd:d5:bc:64:2d:bf:75:67:6f:88:1c:a0:75:e8:1e:76:b2:08:
a1:ae:e6:7e:53:00:0c:fd:87:6c:10:a3:51:05:e3:68:f4:c9:
8b:57:42:09:ec:97:64:17:8f:72:09:5b:53:65:73:d9:f6:a8:
b8:f0:87:3b:3d:06:ce:a9:d0:04:b0:2f:c4:a5:84:be:f9:cd:
58:99:14:e3:6f:1e:3a:c7:bf:a9:5a:c3:3f:d8:18:4e:8c:56:
27:38:c0:e2:3d:7c:9b:3f:9c:7c:aa:f8:8b:b0:41:73:73:9e:
d9:d8:60:58:6a:33:ba:92:f8:c8:ab:6e:95:01:03:f0:ab:1f:
06:09:1e:38:98:13:8c:94:38:d9:fc:39:c2:d1:16:0c:0c:36:
d5:ae:c8:d6:49:53:3f:e7:ef:78:a0:1d:fe:8d:45:ee:6a:32:
bd:07:7d:dd:f2:36:09:56:fa:ec:9a:32:60:97:42:bd:22:d0:
36:34:9a:f9:37:2a:dc:fe:d8:cd:4e:02:73:27:78:56:97:71:
d2:65:7d:00
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMTA4MTUxMDI5WhcNMjYwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1OEQ1QjExMC8GA1UEBRMoQ0VEMEFEQjk5RjgwM0Y0NDFGNTBEQ0NC
ODNDRUU3MjA3NkRDMzI4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AK4kX4R/NoaD4V0t8E7YiosI+dH+a/QMS6C+7jDNqQBOzkftT4wT/LL2anw2diOL
RU2cd7I9YXL+/zmeUPwd8VDwtAHJgUmbxuwK3FmKoeGEikQNw3TCkVs1vM1samB2
q+bq3A31+ObiYJAGJPeWWexuui6SkHMH3EO0itu51sY+toS43Ig4No0ImhLWKeNm
iO9JEXUzOkL8m1FtwujG8/XlBopsMf0xDkXsQ+qihpLp9IiBxsR5DARc1jxaMuTj
Xme2TqaUgh3ftYRdEYHM4+q32Kf6RwznHkVQsD6iUgK81UQP1MxAKq/V5dNUtIwS
o51kTxTPbj4/mVfJCCpu4rECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTO0K25n4A/
RB9Q3MuDzucgdtwyiDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThENUIvN0NDOEYxOUU0NUI3MTFFRkE2REZEMDMyQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU4RDVCLzdDQzhGMTlFNDVCNzExRUZBNkRGRDAzMkM0RjlBRTAyL3p0Q3R1Wi1B
UDBRZlVOekxnODduSUhiY01vZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0KkDANBgkqhkiG9w0BAQsFAAOCAQEAIfdefgMXZWv+vt8sAInf
B9awVavAIPaPCeLbzKRRre3xhlyvybFFz63jz2Md5AYEkLb4OuKI/dW8ZC2/dWdv
iBygdegedrIIoa7mflMADP2HbBCjUQXjaPTJi1dCCeyXZBePcglbU2Vz2faouPCH
Oz0GzqnQBLAvxKWEvvnNWJkU428eOse/qVrDP9gYToxWJzjA4j18mz+cfKr4i7BB
c3Oe2dhgWGozupL4yKtulQED8KsfBgkeOJgTjJQ42fw5wtEWDAw21a7I1klTP+fv
eKAd/o1F7moyvQd93fI2CVb67JoyYJdCvSLQNjSa+Tcq3P7YzU4Ccyd4Vpdx0mV9
AA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:39:36 2025 by rpki-client