Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BzaM6A3FfPVrYRMARLT6frnNai4.cer
File: BzaM6A3FfPVrYRMARLT6frnNai4.cer (raw, json)
Hash identifier: Th3PiJOdYtDLtyCicNcf1JQjsDs2pBzY9Xu5NaJTrI4=
Subject key identifier: 07:36:8C:E8:0D:C5:7C:F5:6B:61:13:00:44:B4:FA:7E:B9:CD:6A:2E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022CD2
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916C8EA/0E31D2E858CD11EC89FA3055C4F9AE02/BzaM6A3FfPVrYRMARLT6frnNai4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916C8EA/0E31D2E858CD11EC89FA3055C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 30 Jan 2025 19:47:16 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 7589
IP: 202.163.0.0/19
IP: 2407:1600::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142546 (0x22cd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 30 19:47:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A916C8EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a1:73:c3:d6:af:93:63:0e:68:94:8a:c7:75:
6b:cc:88:72:42:fe:91:b7:f0:7f:44:0d:97:80:28:
f3:43:22:52:a8:bd:fd:87:b9:93:a1:c2:2c:f0:2e:
dd:a9:ea:39:15:3d:09:96:eb:97:9c:bd:b1:bc:43:
ca:df:53:6c:45:c7:33:7d:30:97:bc:d8:99:4d:ca:
04:0d:0e:24:16:d6:b6:ba:2d:79:8e:19:18:bc:07:
d8:24:7d:89:e5:19:ad:0a:ab:92:7a:e1:17:cf:c3:
c9:00:fe:7f:a8:5e:16:be:80:01:49:90:89:0e:36:
b2:bf:fb:32:11:12:b1:e6:ae:c6:1a:15:f7:5c:fd:
49:1a:a0:35:dc:10:d9:bc:16:2a:b2:9c:23:f0:3e:
7c:45:cb:ae:06:2b:51:3e:f0:99:7f:0a:fb:ca:fb:
4e:50:2b:46:a2:a7:34:66:d3:f7:38:d2:59:50:23:
54:5c:54:ad:2f:8d:7e:18:45:09:7e:4b:d3:f0:67:
d0:a0:bc:da:58:11:06:79:79:1e:3c:a7:78:82:93:
26:b9:d7:bd:e4:5c:7a:c9:53:ad:a9:e0:a0:ea:22:
19:09:90:34:0c:01:2b:ff:ac:3c:58:3e:50:15:49:
da:a6:bd:79:0f:2a:23:56:cd:57:83:76:dd:61:f8:
f2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:36:8C:E8:0D:C5:7C:F5:6B:61:13:00:44:B4:FA:7E:B9:CD:6A:2E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916C8EA/0E31D2E858CD11EC89FA3055C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916C8EA/0E31D2E858CD11EC89FA3055C4F9AE02/BzaM6A3FfPVrYRMARLT6frnNai4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7589
sbgp-ipAddrBlock: critical
IPv4:
202.163.0.0/19
IPv6:
2407:1600::/32
Signature Algorithm: sha256WithRSAEncryption
c4:a8:ab:a1:97:6e:c2:4d:93:35:38:a4:02:b4:07:c0:72:fc:
58:ce:3f:ff:9f:1c:1f:41:2d:be:98:c6:09:e7:2a:68:23:52:
58:71:16:aa:23:ff:1e:07:1d:96:76:69:fa:a7:78:74:1a:66:
69:a9:b2:69:df:b7:a8:c9:3e:7a:29:f9:d4:b9:0f:f9:bc:3e:
90:b9:52:52:fa:ad:62:ec:63:84:0e:e6:da:3e:d1:07:66:e6:
68:0e:fb:5d:9d:bb:f1:6e:20:d2:bf:43:95:14:1a:93:06:ea:
a1:f4:9c:2d:5f:59:c3:49:c9:be:85:f0:e7:68:fa:16:29:7b:
72:bf:d5:0d:0f:48:33:cd:70:30:18:1b:ae:77:b4:04:0b:f5:
19:65:b7:b6:a8:5b:b5:02:c8:03:d8:49:f7:31:11:ac:de:a1:
cf:f5:b0:a5:6c:14:5b:b2:3d:04:b5:0c:e5:e0:f3:55:03:23:
6c:78:4b:f4:06:ac:41:9b:c2:c6:7c:89:d5:b9:1f:f6:49:23:
49:14:bb:2f:d4:3c:6c:80:5a:3f:ab:61:b2:aa:75:3c:ef:e4:
e8:ff:fd:7c:35:bf:e7:5d:65:e2:fc:c3:0f:ac:3a:49:60:a4:
09:d4:96:8d:9b:11:e2:95:ba:6f:74:59:6c:61:fb:5d:2c:2d:
f2:d3:a0:3a
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIDAizSMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEzMDE5NDcxNloXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkM4RUExMTAvBgNVBAUTKDA3MzY4Q0U4MERDNTdDRjU2QjYxMTMw
MDQ0QjRGQTdFQjlDRDZBMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6oXPD1q+TYw5olIrHdWvMiHJC/pG38H9EDZeAKPNDIlKovf2HuZOhwizwLt2p
6jkVPQmW65ecvbG8Q8rfU2xFxzN9MJe82JlNygQNDiQW1ra6LXmOGRi8B9gkfYnl
Ga0Kq5J64RfPw8kA/n+oXha+gAFJkIkONrK/+zIRErHmrsYaFfdc/UkaoDXcENm8
FiqynCPwPnxFy64GK1E+8Jl/CvvK+05QK0aipzRm0/c40llQI1RcVK0vjX4YRQl+
S9PwZ9CgvNpYEQZ5eR48p3iCkya5173kXHrJU62p4KDqIhkJkDQMASv/rDxYPlAV
SdqmvXkPKiNWzVeDdt1h+PIVAgMBAAGjggMdMIIDGTAdBgNVHQ4EFgQUBzaM6A3F
fPVrYRMARLT6frnNai4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZDOEVBLzBFMzFEMkU4NThDRDExRUM4OUZBMzA1NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2QzhFQS8wRTMxRDJFODU4Q0QxMUVDODlGQTMwNTVDNEY5QUUwMi9CemFNNkEz
RmZQVnJZUk1BUkxUNmZybk5haTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICHaUwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAXKowAwDQQCAAIw
BwMFACQHFgAwDQYJKoZIhvcNAQELBQADggEBAMSoq6GXbsJNkzU4pAK0B8By/FjO
P/+fHB9BLb6YxgnnKmgjUlhxFqoj/x4HHZZ2afqneHQaZmmpsmnft6jJPnop+dS5
D/m8PpC5UlL6rWLsY4QO5to+0Qdm5mgO+12du/FuINK/Q5UUGpMG6qH0nC1fWcNJ
yb6F8Odo+hYpe3K/1Q0PSDPNcDAYG653tAQL9Rllt7aoW7UCyAPYSfcxEazeoc/1
sKVsFFuyPQS1DOXg81UDI2x4S/QGrEGbwsZ8idW5H/ZJI0kUuy/UPGyAWj+rYbKq
dTzv5Oj//Xw1v+ddZeL8ww+sOklgpAnUlo2bEeKVum90WWxh+10sLfLToDo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:10:11 2025 by rpki-client