Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQgOJC5FBGBlb__55qpDLh1A4lw.cer
File: AQgOJC5FBGBlb__55qpDLh1A4lw.cer (raw, json)
Hash identifier: FuCmojSncNJm4k+QYvIQCSKgeEFW5zoOfrmDSvNL1VM=
Subject key identifier: 01:08:0E:24:2E:45:04:60:65:6F:FF:F9:E6:AA:43:2E:1D:40:E2:5C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EA54
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A45C3/8A33D720F4F911EB912C2B20C4F9AE02/AQgOJC5FBGBlb__55qpDLh1A4lw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A45C3/8A33D720F4F911EB912C2B20C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 07 Apr 2024 17:58:17 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 135158
IP: 103.211.92.0/22
IP: 160.202.56.0/22
IP: 2404:8380::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125524 (0x1ea54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 7 17:58:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A91A45C3/serialNumber=01080E242E450460656FFFF9E6AA432E1D40E25C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:be:87:a3:62:8a:e6:e2:3e:a0:54:97:06:
47:cf:01:6d:00:d2:b8:ea:d8:6e:e4:6a:1d:ba:32:
bc:5d:3c:18:5d:61:91:52:dc:14:f0:1f:75:3e:be:
77:fd:d0:db:9b:b8:c6:7c:10:6d:18:ea:e3:23:82:
fb:dd:34:5f:7a:c1:81:58:6f:73:42:34:f8:53:fd:
8e:2e:35:ff:a7:27:ad:16:59:6a:0f:88:0d:71:bf:
19:8f:4d:cc:23:18:aa:b4:b9:13:8d:c0:ab:ab:05:
80:01:5a:58:82:75:5a:4d:69:b5:ab:d1:fa:ec:c1:
98:bf:30:cc:1e:c9:ef:b4:cf:fc:6a:92:49:94:59:
a4:09:01:99:3b:3f:ed:62:4f:8b:18:66:38:93:bf:
67:6e:6d:e6:d4:75:e1:d3:13:e8:7c:38:72:3a:aa:
eb:c3:2f:0e:8a:9c:19:13:d0:e9:cc:f9:e5:f5:13:
80:71:23:3a:8f:99:11:92:85:e6:40:6b:d7:e8:76:
1e:1f:93:a3:4a:5a:40:f9:e5:82:6e:7d:15:49:2f:
1f:3b:34:ec:a4:83:fc:3e:cf:e5:c7:21:9a:21:39:
51:a7:6b:22:f7:6b:f9:e5:f4:e0:d2:26:e3:76:3c:
1a:e2:f0:eb:19:9c:32:d1:5c:12:ef:fd:2a:6e:a2:
6a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:08:0E:24:2E:45:04:60:65:6F:FF:F9:E6:AA:43:2E:1D:40:E2:5C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A45C3/8A33D720F4F911EB912C2B20C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A45C3/8A33D720F4F911EB912C2B20C4F9AE02/AQgOJC5FBGBlb__55qpDLh1A4lw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
135158
sbgp-ipAddrBlock: critical
IPv4:
103.211.92.0/22
160.202.56.0/22
IPv6:
2404:8380::/32
Signature Algorithm: sha256WithRSAEncryption
b2:62:16:c9:26:6c:b8:0c:06:12:3c:f8:b3:be:6f:a7:c8:03:
28:48:7f:3b:92:02:8f:06:8f:ca:e2:a3:ea:b1:98:ae:0a:6d:
dd:d4:e2:18:b6:09:8a:fe:15:85:22:93:f4:cb:e8:7e:20:f4:
cd:6b:dc:0e:0a:2e:ee:e7:13:c7:b3:c0:0f:e2:1c:18:f1:b5:
4d:54:6f:18:40:4c:2e:6b:e4:8f:09:ec:68:75:4b:7d:1c:41:
c2:ea:f0:69:7d:f2:bf:aa:85:1c:4e:d2:26:08:c9:9e:a1:55:
12:ea:c4:57:7a:21:ce:0b:a6:c2:27:45:a6:96:88:0d:4e:69:
c7:d0:8f:f3:5f:f5:ee:c0:d3:8e:6c:67:4b:c0:d6:a3:e5:35:
a9:cd:40:bc:7b:40:3b:2b:4a:39:c6:1f:2b:da:46:2a:4d:00:
f2:93:b5:98:ea:f5:60:4e:94:04:7b:8c:28:02:19:b8:64:4f:
d6:08:df:e8:bc:4d:8c:86:1f:fd:c2:3b:0a:21:a5:a5:a9:e2:
aa:bb:53:c4:c5:97:0e:6b:23:5f:42:86:a4:69:1f:f4:1f:9b:
dd:ca:46:8f:59:9c:8d:3f:84:28:ec:59:96:88:90:d0:c3:9c:
e2:63:e4:0d:2a:40:d6:cc:4d:fa:42:29:21:b4:b3:82:1f:ad:
0b:f4:9b:07
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAepUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwNzE3NTgxN1oXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTQ1QzMxMTAvBgNVBAUTKDAxMDgwRTI0MkU0NTA0NjA2NTZGRkZG
OUU2QUE0MzJFMUQ0MEUyNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwN76Ho2KK5uI+oFSXBkfPAW0A0rjq2G7kah26MrxdPBhdYZFS3BTwH3U+vnf9
0NubuMZ8EG0Y6uMjgvvdNF96wYFYb3NCNPhT/Y4uNf+nJ60WWWoPiA1xvxmPTcwj
GKq0uRONwKurBYABWliCdVpNabWr0frswZi/MMweye+0z/xqkkmUWaQJAZk7P+1i
T4sYZjiTv2dubebUdeHTE+h8OHI6quvDLw6KnBkT0OnM+eX1E4BxIzqPmRGSheZA
a9fodh4fk6NKWkD55YJufRVJLx87NOykg/w+z+XHIZohOVGnayL3a/nl9ODSJuN2
PBri8OsZnDLRXBLv/SpuompxAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUAQgOJC5F
BGBlb//55qpDLh1A4lwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE0NUMzLzhBMzNENzIwRjRGOTExRUI5MTJDMkIyMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNDVDMy84QTMzRDcyMEY0RjkxMUVCOTEyQzJCMjBDNEY5QUUwMi9BUWdPSkM1
RkJHQmxiX181NXFwRExoMUE0bHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg/2MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ9NcAwQCoMo4
MA0EAgACMAcDBQAkBIOAMA0GCSqGSIb3DQEBCwUAA4IBAQCyYhbJJmy4DAYSPPiz
vm+nyAMoSH87kgKPBo/K4qPqsZiuCm3d1OIYtgmK/hWFIpP0y+h+IPTNa9wOCi7u
5xPHs8AP4hwY8bVNVG8YQEwua+SPCexodUt9HEHC6vBpffK/qoUcTtImCMmeoVUS
6sRXeiHOC6bCJ0WmlogNTmnH0I/zX/XuwNOObGdLwNaj5TWpzUC8e0A7K0o5xh8r
2kYqTQDyk7WY6vVgTpQEe4woAhm4ZE/WCN/ovE2Mhh/9wjsKIaWlqeKqu1PExZcO
ayNfQoakaR/0H5vdykaPWZyNP4Qo7FmWiJDQw5ziY+QNKkDWzE36QikhtLOCH60L
9JsH
-----END CERTIFICATE-----
Generated at Thu May 9 07:42:43 2024 by rpki-client on console-fra.rpki-client.org