Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAo1IuIFDF8eCHNTmxLW0jEqIBo.cer
File: GAo1IuIFDF8eCHNTmxLW0jEqIBo.cer (raw, json)
Hash identifier: CmQIz7xvR0qIUKmn5vnZNHzK1rLwDfRPAChclKVHyco=
Subject key identifier: 18:0A:35:22:E2:05:0C:5F:1E:08:73:53:9B:12:D6:D2:31:2A:20:1A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022D22
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/GAo1IuIFDF8eCHNTmxLW0jEqIBo.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 31 Jan 2025 04:16:21 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 203.2.212.0/23
IP: 203.3.78.0/24
IP: 203.3.160.0/22
IP: 203.5.193.0/24
IP: 2405:d300::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142626 (0x22d22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 31 04:16:21 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91F8357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e6:d0:6c:bb:77:d3:02:47:8d:79:70:5f:a8:
a1:5e:45:6b:02:b1:fc:07:f1:f5:c8:ed:0f:57:c5:
1b:6a:b5:39:55:bb:f2:e8:ea:7b:dc:37:9f:c0:20:
5c:6d:eb:89:8e:57:ec:2c:9b:8b:da:f2:3d:5b:1f:
9f:33:e7:23:55:3d:f9:06:4d:f0:b6:2e:fa:39:1f:
9e:66:fe:66:f0:42:cd:d7:2a:33:b7:3b:28:60:e8:
32:48:79:cd:9b:61:ac:db:c9:cd:e8:3a:34:52:0d:
f9:de:29:26:c3:7f:ef:c2:f7:64:02:9a:23:3e:1c:
39:76:6c:48:bb:21:07:0f:99:e4:f1:ad:46:2b:de:
10:16:8d:19:cc:96:81:3d:92:6f:a3:73:91:46:96:
07:af:b8:83:e1:85:a8:0a:81:cf:c9:d1:b6:bc:6e:
c9:f5:ff:80:a8:2b:62:0d:36:e6:b7:41:d4:4d:c1:
f3:9f:32:e8:a1:0f:13:51:83:31:2f:17:c5:d4:3f:
e3:e1:ea:64:c3:03:4a:83:70:a9:ee:33:80:9d:cb:
a4:ab:93:ba:c6:04:c6:ff:1c:41:38:7f:63:4c:c9:
4a:a1:74:f1:23:e3:72:4b:f8:ee:b7:6b:75:b1:0f:
8d:29:4e:2f:30:ee:77:46:8e:97:0c:ae:18:8d:d9:
42:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:0A:35:22:E2:05:0C:5F:1E:08:73:53:9B:12:D6:D2:31:2A:20:1A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/GAo1IuIFDF8eCHNTmxLW0jEqIBo.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.2.212.0/23
203.3.78.0/24
203.3.160.0/22
203.5.193.0/24
IPv6:
2405:d300::/32
Signature Algorithm: sha256WithRSAEncryption
9f:6f:72:b0:6c:dd:e0:3c:be:11:5c:52:d9:fc:e4:65:73:f3:
05:b6:3c:fd:ec:61:be:14:81:50:58:fb:1e:db:1b:88:b6:a4:
00:ba:89:50:16:b1:11:01:fd:e5:bc:1a:d8:f9:28:b9:87:61:
90:56:4b:1b:1e:1a:58:54:23:d6:e3:a5:c9:67:87:c3:9f:18:
de:c8:72:82:b3:91:27:02:fc:47:7c:f9:41:d9:38:28:27:20:
01:9d:69:c9:9e:56:c2:4d:ff:9b:9e:3f:e1:61:8d:aa:f7:e9:
dd:9f:3f:1f:23:da:61:12:21:a4:57:fe:43:cc:f0:cf:09:95:
55:0c:ee:3d:78:b8:bb:5c:b3:4c:64:80:65:78:6b:0e:a4:72:
0b:2a:6c:48:ea:fe:50:32:f6:86:ee:3a:cf:02:cd:92:af:3a:
59:73:5d:0f:06:af:14:94:c1:bc:9e:73:f0:9d:e9:c2:bf:c2:
87:be:96:96:21:50:fe:d9:2e:63:15:10:98:a1:f4:6a:f5:37:
f5:26:85:2a:0e:b6:22:d1:07:9c:2f:3e:7a:b9:df:a8:75:cd:
15:97:17:ae:bb:3d:68:5d:ca:ec:d6:96:17:ae:e0:84:0a:2d:
67:f7:36:53:be:5f:c1:93:6d:ac:c7:c9:76:90:2e:48:c7:29:
6b:6e:53:63
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIDAi0iMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEzMTA0MTYyMVoXDTI2MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjgzNTcxMTAvBgNVBAUTKDE4MEEzNTIyRTIwNTBDNUYxRTA4NzM1
MzlCMTJENkQyMzEyQTIwMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDa5tBsu3fTAkeNeXBfqKFeRWsCsfwH8fXI7Q9XxRtqtTlVu/Lo6nvcN5/AIFxt
64mOV+wsm4va8j1bH58z5yNVPfkGTfC2Lvo5H55m/mbwQs3XKjO3Oyhg6DJIec2b
Yazbyc3oOjRSDfneKSbDf+/C92QCmiM+HDl2bEi7IQcPmeTxrUYr3hAWjRnMloE9
km+jc5FGlgevuIPhhagKgc/J0ba8bsn1/4CoK2INNua3QdRNwfOfMuihDxNRgzEv
F8XUP+Ph6mTDA0qDcKnuM4Cdy6Srk7rGBMb/HEE4f2NMyUqhdPEj43JL+O63a3Wx
D40pTi8w7ndGjpcMrhiN2ULnAgMBAAGjggMUMIIDEDAdBgNVHQ4EFgQUGAo1IuIF
DF8eCHNTmxLW0jEqIBowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY4MzU3LzFEQTVDQzU2REY4QTExRUY4NzQ3MkI3NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGODM1Ny8xREE1Q0M1NkRGOEExMUVGODc0NzJCNzRDNEY5QUUwMi9HQW8xSXVJ
RkRGOGVDSE5UbXhMVzBqRXFJQm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8EMTAv
MB4EAgABMBgDBAHLAtQDBADLA04DBALLA6ADBADLBcEwDQQCAAIwBwMFACQF0wAw
DQYJKoZIhvcNAQELBQADggEBAJ9vcrBs3eA8vhFcUtn85GVz8wW2PP3sYb4UgVBY
+x7bG4i2pAC6iVAWsREB/eW8Gtj5KLmHYZBWSxseGlhUI9bjpclnh8OfGN7IcoKz
kScC/Ed8+UHZOCgnIAGdacmeVsJN/5ueP+Fhjar36d2fPx8j2mESIaRX/kPM8M8J
lVUM7j14uLtcs0xkgGV4aw6kcgsqbEjq/lAy9obuOs8CzZKvOllzXQ8GrxSUwbye
c/Cd6cK/woe+lpYhUP7ZLmMVEJih9Gr1N/UmhSoOtiLRB5wvPnq536h1zRWXF667
PWhdyuzWlheu4IQKLWf3NlO+X8GTbazHyXaQLkjHKWtuU2M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:04:40 2025 by rpki-client