Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Ycen8b73n3HG36JXIoEw9ACHYU.cer
File: 1Ycen8b73n3HG36JXIoEw9ACHYU.cer (raw, json)
Hash identifier: 1JH6LYQD8d9tsOO4t3ROmJNDBqsqxzMIpwgAEGUUTcs=
Subject key identifier: D5:87:1E:9F:C6:FB:DE:7D:C7:1B:7E:89:5C:8A:04:C3:D0:02:1D:85
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023063
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 11 Feb 2025 03:54:55 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 4865
AS: 134783
IP: 103.250.0.0/22
IP: 202.6.120.0/22
IP: 202.58.248.0/22
IP: 2406:cd00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 23:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143459 (0x23063)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 11 03:54:55 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91F8A49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ef:63:ce:07:0e:17:38:9e:50:89:2e:d1:9d:
b6:f0:08:b1:9e:c7:9c:57:33:4c:6c:88:3d:24:43:
66:6f:f7:2f:e0:6a:7e:12:c0:f7:47:54:ee:12:4c:
db:59:c0:43:7e:c4:bf:91:33:4c:9a:49:2c:ff:05:
e0:e5:da:4b:5e:06:61:da:21:ef:b0:ad:91:5d:60:
e7:ea:9b:34:51:bc:4a:5c:42:2d:e3:54:75:81:d2:
41:67:65:e1:ad:37:db:db:b1:2c:7d:c4:29:ed:c8:
46:b6:38:6c:9f:d6:06:21:53:0e:38:3d:11:f0:cc:
85:0c:5e:23:f2:9a:24:f8:45:71:33:28:b6:20:e5:
cf:59:f6:2b:54:89:4a:08:e4:65:7a:ed:c9:af:ce:
dd:b7:96:a3:9d:7a:36:8f:ca:57:88:44:ce:f2:58:
a7:de:9a:46:91:32:5b:ee:17:4f:6c:62:c3:83:82:
d9:6a:67:3c:d5:34:34:1a:dc:31:e0:78:61:4b:62:
03:0e:77:6d:36:72:74:7d:1c:bd:dd:d6:fb:02:c6:
89:1d:7c:63:92:3c:4f:2e:84:aa:58:a1:4c:0a:9f:
c8:17:5f:08:36:67:d7:d7:f1:1f:4c:33:07:c2:e3:
50:b2:67:da:31:15:a5:30:35:aa:84:8d:76:01:b2:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:87:1E:9F:C6:FB:DE:7D:C7:1B:7E:89:5C:8A:04:C3:D0:02:1D:85
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F8A49/47D0446447B711EE8A0A9C43C4F9AE02/1Ycen8b73n3HG36JXIoEw9ACHYU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4865
134783
sbgp-ipAddrBlock: critical
IPv4:
103.250.0.0/22
202.6.120.0/22
202.58.248.0/22
IPv6:
2406:cd00::/32
Signature Algorithm: sha256WithRSAEncryption
76:e1:6c:87:27:dd:01:83:2e:e0:4e:52:cc:b1:11:f0:97:91:
12:e6:01:37:e3:18:a7:29:31:08:d9:23:8b:4c:af:e7:6d:b5:
40:12:1e:57:10:f7:6e:3f:15:2b:10:2b:b2:f7:74:07:a0:e6:
be:e7:df:cc:d3:0c:27:40:f9:5f:f8:d6:21:fa:34:48:f6:6a:
eb:e0:0c:03:cd:56:f7:89:0a:7b:7f:f9:42:3b:5d:44:84:64:
a0:fe:9f:26:af:63:49:1c:41:f6:53:5a:3a:bb:58:24:f7:18:
c7:9b:da:4b:d2:27:15:83:ef:0f:86:18:de:b1:8b:55:d9:fe:
c2:71:04:37:13:06:89:a2:dd:15:ad:e6:7a:eb:4d:25:e5:20:
98:fe:21:dd:c8:9b:ec:75:18:e0:61:03:b6:0b:da:e2:4b:46:
5e:a8:ce:cf:77:b7:17:8c:01:4c:a1:e9:70:f9:d3:1c:3d:42:
64:6e:9f:f3:61:18:9f:9e:43:58:db:e4:3f:a8:bf:26:b6:cd:
b2:35:91:c4:61:22:b3:84:56:7f:b9:0f:0f:ae:9c:53:2f:e2:
df:d8:e0:d8:7e:e9:49:3b:d5:d4:e4:de:b5:f7:e3:88:33:eb:
3d:8b:cc:20:ab:97:21:33:5a:46:6b:89:7d:71:f8:e2:67:d1:
ac:f9:92:f2
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgIDAjBjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDIxMTAzNTQ1NVoXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjhBNDkxMTAvBgNVBAUTKEQ1ODcxRTlGQzZGQkRFN0RDNzFCN0U4
OTVDOEEwNEMzRDAwMjFEODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDf72POBw4XOJ5QiS7RnbbwCLGex5xXM0xsiD0kQ2Zv9y/gan4SwPdHVO4STNtZ
wEN+xL+RM0yaSSz/BeDl2kteBmHaIe+wrZFdYOfqmzRRvEpcQi3jVHWB0kFnZeGt
N9vbsSx9xCntyEa2OGyf1gYhUw44PRHwzIUMXiPymiT4RXEzKLYg5c9Z9itUiUoI
5GV67cmvzt23lqOdejaPyleIRM7yWKfemkaRMlvuF09sYsODgtlqZzzVNDQa3DHg
eGFLYgMOd202cnR9HL3d1vsCxokdfGOSPE8uhKpYoUwKn8gXXwg2Z9fX8R9MMwfC
41CyZ9oxFaUwNaqEjXYBske9AgMBAAGjggMuMIIDKjAdBgNVHQ4EFgQU1Ycen8b7
3n3HG36JXIoEw9ACHYUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY4QTQ5LzQ3RDA0NDY0NDdCNzExRUU4QTBBOUM0M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGOEE0OS80N0QwNDQ2NDQ3QjcxMUVFOEEwQTlDNDNDNEY5QUUwMi8xWWNlbjhi
NzNuM0hHMzZKWElvRXc5QUNIWVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICEwECAwIOfzA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAmf6AAME
AsoGeAMEAso6+DANBAIAAjAHAwUAJAbNADANBgkqhkiG9w0BAQsFAAOCAQEAduFs
hyfdAYMu4E5SzLER8JeREuYBN+MYpykxCNkji0yv5221QBIeVxD3bj8VKxArsvd0
B6DmvuffzNMMJ0D5X/jWIfo0SPZq6+AMA81W94kKe3/5QjtdRIRkoP6fJq9jSRxB
9lNaOrtYJPcYx5vaS9InFYPvD4YY3rGLVdn+wnEENxMGiaLdFa3meutNJeUgmP4h
3cib7HUY4GEDtgva4ktGXqjOz3e3F4wBTKHpcPnTHD1CZG6f82EYn55DWNvkP6i/
JrbNsjWRxGEis4RWf7kPD66cUy/i39jg2H7pSTvV1OTetffjiDPrPYvMIKuXITNa
RmuJfXH44mfRrPmS8g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:11:40 2025 by rpki-client