Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BzaM6A3FfPVrYRMARLT6frnNai4.cer
File: BzaM6A3FfPVrYRMARLT6frnNai4.cer (raw, json)
Hash identifier: g35Ky0dqG5XmQ/fWDnnp5Hbjiasyk61/NW/nMnh2fqg=
Subject key identifier: 07:36:8C:E8:0D:C5:7C:F5:6B:61:13:00:44:B4:FA:7E:B9:CD:6A:2E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01DC45
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916C8EA/0E31D2E858CD11EC89FA3055C4F9AE02/BzaM6A3FfPVrYRMARLT6frnNai4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916C8EA/0E31D2E858CD11EC89FA3055C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 01 Feb 2024 02:24:56 +0000
Certificate not after: Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 7589
IP: 202.163.0.0/19
IP: 2407:1600::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121925 (0x1dc45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Feb 1 02:24:56 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=A916C8EA/serialNumber=07368CE80DC57CF56B61130044B4FA7EB9CD6A2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a1:73:c3:d6:af:93:63:0e:68:94:8a:c7:75:
6b:cc:88:72:42:fe:91:b7:f0:7f:44:0d:97:80:28:
f3:43:22:52:a8:bd:fd:87:b9:93:a1:c2:2c:f0:2e:
dd:a9:ea:39:15:3d:09:96:eb:97:9c:bd:b1:bc:43:
ca:df:53:6c:45:c7:33:7d:30:97:bc:d8:99:4d:ca:
04:0d:0e:24:16:d6:b6:ba:2d:79:8e:19:18:bc:07:
d8:24:7d:89:e5:19:ad:0a:ab:92:7a:e1:17:cf:c3:
c9:00:fe:7f:a8:5e:16:be:80:01:49:90:89:0e:36:
b2:bf:fb:32:11:12:b1:e6:ae:c6:1a:15:f7:5c:fd:
49:1a:a0:35:dc:10:d9:bc:16:2a:b2:9c:23:f0:3e:
7c:45:cb:ae:06:2b:51:3e:f0:99:7f:0a:fb:ca:fb:
4e:50:2b:46:a2:a7:34:66:d3:f7:38:d2:59:50:23:
54:5c:54:ad:2f:8d:7e:18:45:09:7e:4b:d3:f0:67:
d0:a0:bc:da:58:11:06:79:79:1e:3c:a7:78:82:93:
26:b9:d7:bd:e4:5c:7a:c9:53:ad:a9:e0:a0:ea:22:
19:09:90:34:0c:01:2b:ff:ac:3c:58:3e:50:15:49:
da:a6:bd:79:0f:2a:23:56:cd:57:83:76:dd:61:f8:
f2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:36:8C:E8:0D:C5:7C:F5:6B:61:13:00:44:B4:FA:7E:B9:CD:6A:2E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916C8EA/0E31D2E858CD11EC89FA3055C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916C8EA/0E31D2E858CD11EC89FA3055C4F9AE02/BzaM6A3FfPVrYRMARLT6frnNai4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7589
sbgp-ipAddrBlock: critical
IPv4:
202.163.0.0/19
IPv6:
2407:1600::/32
Signature Algorithm: sha256WithRSAEncryption
78:88:20:37:f7:6e:36:c2:d5:fb:4c:ca:c1:00:75:a3:e3:8c:
93:c7:66:ef:d7:13:47:df:5d:42:0d:26:a8:85:51:0b:e1:99:
35:56:db:e3:ce:42:a5:90:1c:9e:c9:c0:e6:60:5e:b4:5b:a9:
c7:69:ca:d8:91:a4:2d:3d:4c:9d:17:cb:ef:ef:4e:47:3d:4d:
43:9a:9f:60:ad:d0:10:80:59:4d:f4:8a:3f:e6:37:26:65:e8:
1b:71:e5:ca:3d:b8:5d:8d:e3:70:f8:c7:1b:69:bd:e7:76:e1:
5f:8f:10:1f:25:c3:44:5e:70:a2:18:b5:b8:ec:c9:20:9b:5b:
bd:d9:0e:37:e8:76:88:e9:35:42:f1:11:a9:2b:41:d2:b7:76:
4f:9d:9b:5b:73:a1:35:d7:2c:1a:6c:31:a0:b3:f7:88:01:4b:
8d:6b:ee:e4:49:cd:b5:4e:dd:e5:0a:a8:a4:bb:4a:27:7c:8b:
78:7d:9f:98:f2:bb:b4:33:a6:f4:c1:1d:42:f2:1c:1e:b0:83:
c3:2b:79:4e:56:5a:8f:71:4f:98:5e:6d:53:44:86:b0:73:e1:
fd:e2:d7:35:1a:5b:42:02:7f:50:fe:d2:89:0e:09:d0:78:08:
61:3a:cf:09:9b:dd:5e:90:4f:51:a5:10:dc:02:70:ec:2f:f7:
97:a7:66:8b
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIDAdxFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwMTAyMjQ1NloXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkM4RUExMTAvBgNVBAUTKDA3MzY4Q0U4MERDNTdDRjU2QjYxMTMw
MDQ0QjRGQTdFQjlDRDZBMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6oXPD1q+TYw5olIrHdWvMiHJC/pG38H9EDZeAKPNDIlKovf2HuZOhwizwLt2p
6jkVPQmW65ecvbG8Q8rfU2xFxzN9MJe82JlNygQNDiQW1ra6LXmOGRi8B9gkfYnl
Ga0Kq5J64RfPw8kA/n+oXha+gAFJkIkONrK/+zIRErHmrsYaFfdc/UkaoDXcENm8
FiqynCPwPnxFy64GK1E+8Jl/CvvK+05QK0aipzRm0/c40llQI1RcVK0vjX4YRQl+
S9PwZ9CgvNpYEQZ5eR48p3iCkya5173kXHrJU62p4KDqIhkJkDQMASv/rDxYPlAV
SdqmvXkPKiNWzVeDdt1h+PIVAgMBAAGjggMdMIIDGTAdBgNVHQ4EFgQUBzaM6A3F
fPVrYRMARLT6frnNai4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZDOEVBLzBFMzFEMkU4NThDRDExRUM4OUZBMzA1NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2QzhFQS8wRTMxRDJFODU4Q0QxMUVDODlGQTMwNTVDNEY5QUUwMi9CemFNNkEz
RmZQVnJZUk1BUkxUNmZybk5haTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICHaUwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAXKowAwDQQCAAIw
BwMFACQHFgAwDQYJKoZIhvcNAQELBQADggEBAHiIIDf3bjbC1ftMysEAdaPjjJPH
Zu/XE0ffXUINJqiFUQvhmTVW2+POQqWQHJ7JwOZgXrRbqcdpytiRpC09TJ0Xy+/v
Tkc9TUOan2Ct0BCAWU30ij/mNyZl6Btx5co9uF2N43D4xxtpved24V+PEB8lw0Re
cKIYtbjsySCbW73ZDjfodojpNULxEakrQdK3dk+dm1tzoTXXLBpsMaCz94gBS41r
7uRJzbVO3eUKqKS7Sid8i3h9n5jyu7QzpvTBHULyHB6wg8MreU5WWo9xT5hebVNE
hrBz4f3i1zUaW0ICf1D+0okOCdB4CGE6zwmb3V6QT1GlENwCcOwv95enZos=
-----END CERTIFICATE-----
Generated at Thu May 9 10:24:00 2024 by rpki-client on console-fra.rpki-client.org