Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GDqYZ_Ljs3MWK--muG6BvYyGiHc.cer
File: GDqYZ_Ljs3MWK--muG6BvYyGiHc.cer (raw, json)
Hash identifier: nVnKh/+TrT98DlVG3q/Ihvmdk44L5eFn2W62fMu1B+g=
Subject key identifier: 18:3A:98:67:F2:E3:B3:73:16:2B:EF:A6:B8:6E:81:BD:8C:86:88:77
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023342
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912A5D4/6E0F2EA0F3CE11EF914EF644C4F9AE02/GDqYZ_Ljs3MWK--muG6BvYyGiHc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912A5D4/6E0F2EA0F3CE11EF914EF644C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 25 Feb 2025 23:15:46 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 38474
IP: 2404:d700::/32
IP: 2405:7100::/32
IP: 2407:ee00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144194 (0x23342)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 25 23:15:46 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A912A5D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:45:c3:6b:b2:b5:b0:ec:58:99:1d:cc:6e:9c:
c5:76:88:a3:94:82:82:84:ef:e5:7d:52:71:70:1e:
54:28:58:94:c7:a1:a0:24:17:8e:9e:f2:7d:cb:78:
3a:55:5b:c8:d8:65:4e:99:ec:7c:c3:36:57:78:92:
3a:5d:27:11:7f:f6:0a:b1:95:68:58:f1:46:58:71:
58:18:38:8e:f3:f0:ea:81:68:25:17:e0:84:38:a4:
8f:fe:9a:13:2e:26:30:e9:3c:05:5a:9a:8e:97:fc:
06:85:10:a4:64:e9:13:d8:e9:37:ce:8b:99:41:9f:
92:d6:99:41:f6:53:0b:2e:9e:7a:e5:4a:cb:50:81:
66:67:0f:ff:d9:b4:ff:61:b1:47:b0:91:c6:12:d3:
86:71:c9:39:82:c1:87:86:ae:f3:63:fc:ef:9a:5f:
5c:d4:77:75:7c:a1:b0:4a:c2:11:2c:95:be:02:1a:
8e:17:44:e1:3a:df:6d:11:0c:8c:57:74:f9:c4:60:
f9:18:9e:06:0f:16:db:25:03:23:28:d6:98:1c:f6:
b1:9e:97:ff:ad:15:8f:57:cf:df:6a:20:23:9b:68:
b6:ca:c4:90:10:bb:2f:0b:94:09:f4:53:43:a7:a5:
87:87:c1:69:99:76:45:cd:79:fa:cf:70:5f:09:d2:
ee:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3A:98:67:F2:E3:B3:73:16:2B:EF:A6:B8:6E:81:BD:8C:86:88:77
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912A5D4/6E0F2EA0F3CE11EF914EF644C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912A5D4/6E0F2EA0F3CE11EF914EF644C4F9AE02/GDqYZ_Ljs3MWK--muG6BvYyGiHc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38474
sbgp-ipAddrBlock: critical
IPv6:
2404:d700::/32
2405:7100::/32
2407:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
4c:db:24:d4:51:85:68:90:e9:08:0a:0a:59:c9:b3:bf:33:99:
d9:ee:65:3e:a1:25:cb:e7:4a:1a:8f:b9:66:33:b4:75:4e:dd:
27:cf:59:ef:3d:01:9c:54:f3:91:cd:8e:b0:64:80:cb:dc:be:
8a:6d:34:34:c9:1a:26:2a:83:63:0a:90:39:0a:33:be:f1:91:
a9:37:66:c3:fe:18:d5:9c:bf:5a:ee:81:fb:08:ab:6b:2a:1b:
36:88:36:b0:c1:01:05:01:f9:c0:02:78:16:dc:d7:74:15:47:
24:39:85:ea:a5:25:d2:d9:64:d6:44:0f:b8:41:4a:fd:ed:7e:
98:8c:65:bb:97:27:49:ab:7f:71:dd:cb:d4:74:01:fb:e4:23:
94:3b:c1:3f:79:01:66:36:62:11:e5:53:6d:d1:44:b3:2d:b5:
ab:89:64:84:03:e5:a9:6a:19:0a:b7:fb:ce:b4:41:2c:56:73:
54:a4:6e:d0:1a:0b:00:da:9a:72:d5:86:c4:95:35:a7:ab:a8:
8f:31:b6:ae:0a:e2:10:25:77:53:1f:f9:a5:d7:36:03:09:75:
a7:2b:4f:66:b8:c6:23:29:56:39:4b:d4:ce:7a:df:39:89:4c:
e4:95:8d:c9:76:c1:33:04:f5:d9:1f:fc:2a:cf:bb:64:44:38:
99:09:95:de
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAjNCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDIyNTIzMTU0NloXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkE1RDQxMTAvBgNVBAUTKDE4M0E5ODY3RjJFM0IzNzMxNjJCRUZB
NkI4NkU4MUJEOEM4Njg4NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCWRcNrsrWw7FiZHcxunMV2iKOUgoKE7+V9UnFwHlQoWJTHoaAkF46e8n3LeDpV
W8jYZU6Z7HzDNld4kjpdJxF/9gqxlWhY8UZYcVgYOI7z8OqBaCUX4IQ4pI/+mhMu
JjDpPAVamo6X/AaFEKRk6RPY6TfOi5lBn5LWmUH2UwsunnrlSstQgWZnD//ZtP9h
sUewkcYS04ZxyTmCwYeGrvNj/O+aX1zUd3V8obBKwhEslb4CGo4XROE6320RDIxX
dPnEYPkYngYPFtslAyMo1pgc9rGel/+tFY9Xz99qICObaLbKxJAQuy8LlAn0U0On
pYeHwWmZdkXNefrPcF8J0u41AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUGDqYZ/Lj
s3MWK++muG6BvYyGiHcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJBNUQ0LzZFMEYyRUEwRjNDRTExRUY5MTRFRjY0NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyQTVENC82RTBGMkVBMEYzQ0UxMUVGOTE0RUY2NDRDNEY5QUUwMi9HRHFZWl9M
anMzTVdLLS1tdUc2QnZZeUdpSGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJZKMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAJATXAAMFACQF
cQADBQAkB+4AMA0GCSqGSIb3DQEBCwUAA4IBAQBM2yTUUYVokOkICgpZybO/M5nZ
7mU+oSXL50oaj7lmM7R1Tt0nz1nvPQGcVPORzY6wZIDL3L6KbTQ0yRomKoNjCpA5
CjO+8ZGpN2bD/hjVnL9a7oH7CKtrKhs2iDawwQEFAfnAAngW3Nd0FUckOYXqpSXS
2WTWRA+4QUr97X6YjGW7lydJq39x3cvUdAH75COUO8E/eQFmNmIR5VNt0USzLbWr
iWSEA+WpahkKt/vOtEEsVnNUpG7QGgsA2ppy1YbElTWnq6iPMbauCuIQJXdTH/ml
1zYDCXWnK09muMYjKVY5S9TOet85iUzklY3JdsEzBPXZH/wqz7tkRDiZCZXe
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:04:34 2025 by rpki-client