Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer
File: 4RQ3jak0hhRp9JXZdZjg8AKJwzA.cer (raw, json)
Hash identifier: dRyrHv+MXfsPhbJzCsGtvZADyQ1Pu4oIr3UsixrwZc8=
Subject key identifier: E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02279A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 06 Jan 2025 16:56:35 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: AS: 142587
IP: 103.170.76.0/23
IP: 2001:df7:1580::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 23:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141210 (0x2279a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 6 16:56:35 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A917F0AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:87:5f:88:b1:f9:05:a9:04:91:71:f6:c7:7c:
23:bf:9f:42:d4:3b:c2:82:00:3f:05:27:60:74:c1:
71:9c:83:e6:97:e8:c9:48:49:89:7a:72:5f:69:a8:
dd:e4:71:08:1e:9e:56:e0:b2:9b:20:6a:93:c8:c5:
9c:3e:54:ae:d3:c8:f0:06:cc:0f:b7:3c:bc:0d:e0:
17:cf:bd:c7:cb:b9:48:b3:17:5d:bb:cb:36:48:3b:
5a:78:a1:5e:d9:95:64:2c:97:ff:ac:12:59:8b:71:
30:b2:98:b2:4a:97:d4:cf:6c:00:09:39:23:e3:24:
fe:38:fe:0d:2c:96:38:1b:29:fd:06:73:b5:18:be:
ff:df:f9:63:33:5e:6a:97:f0:8e:df:36:0c:6c:14:
88:80:dd:3a:1a:ff:a0:b9:c7:26:78:97:48:50:a4:
cd:4e:b1:74:0d:e4:8f:6d:ca:a2:8a:70:14:e6:c5:
39:80:ce:1b:6b:0f:1d:3a:d0:c4:07:fe:6a:d3:2c:
21:1f:70:72:b8:f1:50:f5:94:29:7f:c6:a0:28:92:
02:b4:2f:e9:0f:c9:00:68:7b:ed:c0:b9:e2:85:0b:
6a:c6:8d:38:cc:b1:49:f3:4e:54:87:a3:e1:14:21:
fc:d6:1c:38:5d:5a:3b:58:2f:26:e0:00:93:06:98:
7e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:14:37:8D:A9:34:86:14:69:F4:95:D9:75:98:E0:F0:02:89:C3:30
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917F0AF/2D7A7E0ECC4F11EFA89A8F14C4F9AE02/4RQ3jak0hhRp9JXZdZjg8AKJwzA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
142587
sbgp-ipAddrBlock: critical
IPv4:
103.170.76.0/23
IPv6:
2001:df7:1580::/48
Signature Algorithm: sha256WithRSAEncryption
d4:13:a6:ed:8d:45:9c:81:f9:c0:43:1c:f6:7a:9e:1b:8f:ca:
ab:f2:d7:1d:71:ae:1e:54:55:48:c6:36:ae:4b:0a:1b:8f:d2:
ca:90:20:80:16:28:5e:f8:4f:7a:11:a2:68:aa:85:03:09:83:
67:42:de:5b:ab:1f:14:a0:85:12:dc:be:ab:5e:1b:11:97:18:
2a:9d:70:7a:38:60:57:68:79:d1:b1:02:98:2b:08:5c:bf:76:
8b:8b:67:25:e1:38:9a:c9:df:04:30:9c:24:ba:12:f3:db:b3:
c0:eb:4f:4b:6e:62:48:16:b3:4d:81:6f:97:36:78:6e:66:34:
9e:4f:de:7c:a0:5d:59:55:52:fa:5b:34:d9:ee:64:07:48:00:
56:fc:53:f6:b0:e3:f9:51:8d:d2:a9:24:8f:fd:a8:3c:e9:ce:
ac:84:67:96:c6:0d:d6:37:4f:85:e4:aa:4c:52:4a:13:23:ce:
26:23:8f:7d:1e:13:fa:40:fa:60:fe:22:21:74:5b:8e:b8:3a:
1a:a2:34:3c:ee:58:2b:7d:0f:fd:d3:67:87:0c:dc:44:3f:ab:
d2:f8:bc:8b:3a:7c:50:0e:fc:ad:0d:ac:86:13:af:70:90:c6:
b4:2c:ee:7f:63:a4:c8:dd:87:34:19:85:81:cc:b2:b1:d3:b0:
09:a6:d0:88
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAieaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEwNjE2NTYzNVoXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0YwQUYxMTAvBgNVBAUTKEUxMTQzNzhEQTkzNDg2MTQ2OUY0OTVE
OTc1OThFMEYwMDI4OUMzMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdh1+IsfkFqQSRcfbHfCO/n0LUO8KCAD8FJ2B0wXGcg+aX6MlISYl6cl9pqN3k
cQgenlbgspsgapPIxZw+VK7TyPAGzA+3PLwN4BfPvcfLuUizF127yzZIO1p4oV7Z
lWQsl/+sElmLcTCymLJKl9TPbAAJOSPjJP44/g0sljgbKf0Gc7UYvv/f+WMzXmqX
8I7fNgxsFIiA3Toa/6C5xyZ4l0hQpM1OsXQN5I9tyqKKcBTmxTmAzhtrDx060MQH
/mrTLCEfcHK48VD1lCl/xqAokgK0L+kPyQBoe+3AueKFC2rGjTjMsUnzTlSHo+EU
IfzWHDhdWjtYLybgAJMGmH6hAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU4RQ3jak0
hhRp9JXZdZjg8AKJwzAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdGMEFGLzJEN0E3RTBFQ0M0RjExRUZBODlBOEYxNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3RjBBRi8yRDdBN0UwRUNDNEYxMUVGQTg5QThGMTRDNEY5QUUwMi80UlEzamFr
MGhoUnA5SlhaZFpqZzhBS0p3ekEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiz7MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6pMMA8EAgAC
MAkDBwAgAQ33FYAwDQYJKoZIhvcNAQELBQADggEBANQTpu2NRZyB+cBDHPZ6nhuP
yqvy1x1xrh5UVUjGNq5LChuP0sqQIIAWKF74T3oRomiqhQMJg2dC3lurHxSghRLc
vqteGxGXGCqdcHo4YFdoedGxApgrCFy/douLZyXhOJrJ3wQwnCS6EvPbs8DrT0tu
YkgWs02Bb5c2eG5mNJ5P3nygXVlVUvpbNNnuZAdIAFb8U/aw4/lRjdKpJI/9qDzp
zqyEZ5bGDdY3T4XkqkxSShMjziYjj30eE/pA+mD+IiF0W464OhqiNDzuWCt9D/3T
Z4cM3EQ/q9L4vIs6fFAO/K0NrIYTr3CQxrQs7n9jpMjdhzQZhYHMsrHTsAmm0Ig=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:15:43 2025 by rpki-client