Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hlMc0IL1P2sKL9jO7OvjNcg0LE.cer
File: 4hlMc0IL1P2sKL9jO7OvjNcg0LE.cer (raw, json)
Hash identifier: vWOI3SGMHQ24/6Iw5pXlq/S4zy+pq+UO4wpPMo69PV8=
Subject key identifier: E2:19:4C:73:42:0B:D4:FD:AC:28:BF:63:3B:B3:AF:8C:D7:20:D0:B1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02287C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/4hlMc0IL1P2sKL9jO7OvjNcg0LE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 10 Jan 2025 04:56:01 +0000
Certificate not after: Thu 01 May 2025 00:00:00 +0000
Subordinate resources: AS: 24322
AS: 24381
AS: 134409
AS: 135610
AS: 136017
AS: 136489
AS: 136754
AS: 138510
AS: 140884
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141436 (0x2287c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 10 04:56:01 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=A91536B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:00:a0:a9:5f:b6:b3:9e:1b:ed:52:bc:70:78:
d6:5e:c2:46:25:62:1f:f2:96:16:8b:b7:e4:8a:7d:
7f:a6:a1:aa:53:47:e2:02:a9:93:88:2c:2b:30:50:
29:cf:39:d8:f3:5a:f7:ae:6a:58:ce:f5:95:02:29:
1a:21:8f:03:70:3c:b4:c8:e3:e6:5a:8d:0b:37:dd:
54:cf:11:cc:19:36:7d:37:8c:d9:b7:01:1a:83:ee:
ae:b8:c3:50:0b:c3:7a:ea:ca:3f:37:47:ca:d7:ad:
c7:81:5d:00:a3:0d:89:47:d5:52:9d:df:5c:fc:9b:
a7:43:fb:23:c0:cf:60:94:62:98:b3:28:69:3d:7e:
11:c0:b9:78:ec:93:db:68:1e:4d:8c:0c:f0:00:b1:
4d:46:ad:54:a3:2e:31:1f:7b:8c:13:f8:82:61:c7:
00:e1:99:81:fe:83:55:3f:90:88:1d:1b:70:5a:54:
4c:fd:47:08:72:f4:cd:48:2d:cb:23:7f:71:3a:6e:
56:c4:1b:34:e9:c6:74:e0:3f:da:1e:92:67:4c:46:
d9:2a:98:49:4d:0b:e4:fa:62:da:c3:12:3b:d1:07:
01:d2:c5:e2:9c:18:e5:68:cd:38:44:03:25:f8:9e:
63:e8:46:03:2f:d2:15:95:52:d9:ec:65:6e:7b:1e:
16:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:19:4C:73:42:0B:D4:FD:AC:28:BF:63:3B:B3:AF:8C:D7:20:D0:B1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91536B7/F1CD27B473AD11E7ACBD025EC4F9AE02/4hlMc0IL1P2sKL9jO7OvjNcg0LE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24322
24381
134409
135610
136017
136489
136754
138510
140884
Signature Algorithm: sha256WithRSAEncryption
64:f5:91:97:d9:64:67:eb:35:fa:3f:0f:ac:fe:39:35:89:7b:
92:96:e6:32:0f:2c:d0:b6:d3:78:c2:25:23:29:a5:d7:85:95:
1c:73:29:7b:e2:c4:63:dc:f8:3b:53:a0:e5:3e:17:66:c3:90:
ef:99:39:e6:e1:45:2a:1a:21:ae:98:74:fc:37:8c:e0:51:2a:
3d:36:1e:d9:aa:93:3c:4e:bd:80:8e:7a:74:21:ac:fa:7f:04:
07:b7:80:68:80:a2:ab:3f:78:d0:f5:3e:21:b8:60:3f:b5:ed:
fd:d6:fa:ab:82:1d:3d:cd:29:00:fc:da:f6:a0:68:2e:81:97:
a5:66:ed:0d:70:72:1d:fe:1f:2c:43:bc:0e:cb:66:a9:0a:c7:
82:98:7b:30:2a:50:27:48:0d:98:47:dd:97:91:db:a5:3d:fc:
58:c3:11:2a:04:9e:e6:74:7a:04:19:ed:bf:39:33:5c:8e:3f:
73:00:d5:3a:0b:99:34:94:40:76:ea:48:fd:69:7c:f5:ff:c3:
5c:d2:13:49:d1:b6:15:b0:ba:9e:c4:8d:6e:ea:95:0f:14:db:
5a:c5:db:73:fa:4d:96:72:75:82:4e:5c:1a:9a:5f:ed:ce:89:
b9:65:a8:48:af:9d:95:1f:e7:85:a0:f5:aa:c9:01:3f:33:00:
36:53:4b:16
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIDAih8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDExMDA0NTYwMVoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTM2QjcxMTAvBgNVBAUTKEUyMTk0QzczNDIwQkQ0RkRBQzI4QkY2
MzNCQjNBRjhDRDcyMEQwQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbAKCpX7aznhvtUrxweNZewkYlYh/ylhaLt+SKfX+moapTR+ICqZOILCswUCnP
OdjzWveualjO9ZUCKRohjwNwPLTI4+ZajQs33VTPEcwZNn03jNm3ARqD7q64w1AL
w3rqyj83R8rXrceBXQCjDYlH1VKd31z8m6dD+yPAz2CUYpizKGk9fhHAuXjsk9to
Hk2MDPAAsU1GrVSjLjEfe4wT+IJhxwDhmYH+g1U/kIgdG3BaVEz9Rwhy9M1ILcsj
f3E6blbEGzTpxnTgP9oekmdMRtkqmElNC+T6YtrDEjvRBwHSxeKcGOVozThEAyX4
nmPoRgMv0hWVUtnsZW57HhYrAgMBAAGjggMUMIIDEDAdBgNVHQ4EFgQU4hlMc0IL
1P2sKL9jO7OvjNcg0LEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUzNkI3L0YxQ0QyN0I0NzNBRDExRTdBQ0JEMDI1RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MzZCNy9GMUNEMjdCNDczQUQxMUU3QUNCRDAyNUVDNEY5QUUwMi80aGxNYzBJ
TDFQMnNLTDlqTzdPdmpOY2cwTEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQgBAf8EMTAv
oC0wKwICXwICAl89AgMCDQkCAwIRugIDAhNRAgMCFSkCAwIWMgIDAh0OAgMCJlQw
DQYJKoZIhvcNAQELBQADggEBAGT1kZfZZGfrNfo/D6z+OTWJe5KW5jIPLNC203jC
JSMppdeFlRxzKXvixGPc+DtToOU+F2bDkO+ZOebhRSoaIa6YdPw3jOBRKj02Htmq
kzxOvYCOenQhrPp/BAe3gGiAoqs/eND1PiG4YD+17f3W+quCHT3NKQD82vagaC6B
l6Vm7Q1wch3+HyxDvA7LZqkKx4KYezAqUCdIDZhH3ZeR26U9/FjDESoEnuZ0egQZ
7b85M1yOP3MA1ToLmTSUQHbqSP1pfPX/w1zSE0nRthWwup7EjW7qlQ8U21rF23P6
TZZydYJOXBqaX+3OibllqEivnZUf54Wg9arJAT8zADZTSxY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:28:57 2025 by rpki-client