Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer
File: He4XpqM4DuSI7ztuISW4eOZAckg.cer (raw, json)
Hash identifier: eYcu1JMwCXFRHjM8AU0F16UccU63MD9U3Vz0UifQP18=
Subject key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0235C8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 06 Mar 2025 01:04:05 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: AS: 133053
IP: 103.120.219.0/24
IP: 103.251.171.0/24
IP: 203.24.26.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 17:46:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144840 (0x235c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 6 01:04:05 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A91E8D22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:f2:42:d8:fe:08:99:2d:2d:09:87:70:20:
7e:7a:ba:a3:94:00:68:21:3a:2f:c7:3d:c7:49:74:
52:09:73:8b:a5:3d:79:2b:78:0f:54:54:e3:18:e6:
a2:b1:b3:b0:3e:0f:a3:b2:28:0b:4a:15:c9:7f:9d:
50:12:90:1e:e3:7e:fa:85:ea:97:78:e0:ac:fc:1c:
64:59:a4:72:56:43:f6:92:b7:5e:78:7b:67:90:3c:
1f:76:57:99:09:8e:87:95:2e:6c:fa:61:86:4e:91:
d8:b0:fd:a8:cf:f2:1b:b3:22:95:cf:84:30:03:07:
75:b6:5e:89:5e:d2:08:91:bb:55:c6:22:bd:23:4c:
c3:ee:0f:6b:ee:80:47:1b:d1:f0:76:01:6c:69:78:
31:a6:ee:99:ce:13:dc:02:d9:6f:3f:17:08:2a:f0:
1c:41:6d:c9:2a:32:23:aa:4d:06:0e:9a:b7:ec:59:
e1:cf:97:a2:5d:36:06:43:8c:00:c2:8d:0f:d3:c5:
73:b5:36:66:f8:59:1b:0e:e3:f4:4d:c6:01:2c:b6:
a7:67:c3:20:30:e0:a2:eb:98:45:36:8b:37:70:d7:
20:f7:d6:4c:09:82:21:c3:1e:2f:03:a1:00:b0:a3:
bc:6c:f9:b9:19:e2:bd:55:59:41:71:87:ce:39:72:
54:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133053
sbgp-ipAddrBlock: critical
IPv4:
103.120.219.0/24
103.251.171.0/24
203.24.26.0/24
Signature Algorithm: sha256WithRSAEncryption
02:cc:c6:84:f4:1e:5e:e6:c3:3d:35:69:a2:4d:a9:b1:8a:14:
5d:b2:6d:f9:8c:a8:a1:07:53:22:e4:d4:11:65:34:4a:6e:3b:
4c:d2:46:e9:f2:01:31:1b:4b:e2:5b:3f:55:d2:cc:ce:55:16:
91:03:cd:6c:d0:71:a8:ca:08:57:bd:f3:aa:3e:31:40:7e:56:
df:d6:d9:38:d9:49:4b:84:d3:af:ea:a1:7b:68:2a:c9:eb:b3:
ba:ce:cd:16:f5:1b:be:f7:1f:b5:1a:df:19:27:b2:b8:6a:71:
a0:c6:85:07:b6:1e:28:a2:da:63:c7:33:f8:ce:55:a8:ab:cf:
57:37:7f:00:90:a4:e1:25:1e:f5:7b:57:2a:35:82:04:81:f1:
29:4a:8c:62:a3:29:85:13:ee:f0:48:b5:92:03:e2:11:17:06:
55:df:2a:12:e9:94:58:74:d3:29:17:21:9d:bd:ae:53:3b:f3:
0b:18:52:2b:b8:f9:74:ed:93:79:e5:34:33:09:fd:bf:49:ff:
3c:b3:9e:ab:e8:49:fc:32:a0:10:3e:11:49:4f:b0:bf:49:21:
83:58:8d:13:d4:c6:68:a2:40:6a:6c:22:5f:e5:00:25:aa:86:
e3:9c:f0:04:50:43:14:78:bc:b1:e3:5b:49:be:db:44:89:b9:
62:cc:d2:1e
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgIDAjXIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMwNjAxMDQwNVoXDTI2MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2
RTIxMjVCODc4RTY0MDcyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1z/JC2P4ImS0tCYdwIH56uqOUAGghOi/HPcdJdFIJc4ulPXkreA9UVOMY5qKx
s7A+D6OyKAtKFcl/nVASkB7jfvqF6pd44Kz8HGRZpHJWQ/aSt154e2eQPB92V5kJ
joeVLmz6YYZOkdiw/ajP8huzIpXPhDADB3W2Xole0giRu1XGIr0jTMPuD2vugEcb
0fB2AWxpeDGm7pnOE9wC2W8/Fwgq8BxBbckqMiOqTQYOmrfsWeHPl6JdNgZDjADC
jQ/TxXO1Nmb4WRsO4/RNxgEstqdnwyAw4KLrmEU2izdw1yD31kwJgiHDHi8DoQCw
o7xs+bkZ4r1VWUFxh845clRtAgMBAAGjggMbMIIDFzAdBgNVHQ4EFgQUHe4XpqM4
DuSI7ztuISW4eOZAckgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4RDIyLzNGN0Q2OEE4RkRFNTExRUQ4Nzg0MTc3MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFOEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFN
NER1U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAge9MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAZ3jbAwQAZ/ur
AwQAyxgaMA0GCSqGSIb3DQEBCwUAA4IBAQACzMaE9B5e5sM9NWmiTamxihRdsm35
jKihB1Mi5NQRZTRKbjtM0kbp8gExG0viWz9V0szOVRaRA81s0HGoyghXvfOqPjFA
flbf1tk42UlLhNOv6qF7aCrJ67O6zs0W9Ru+9x+1Gt8ZJ7K4anGgxoUHth4ootpj
xzP4zlWoq89XN38AkKThJR71e1cqNYIEgfEpSoxioymFE+7wSLWSA+IRFwZV3yoS
6ZRYdNMpFyGdva5TO/MLGFIruPl07ZN55TQzCf2/Sf88s56r6En8MqAQPhFJT7C/
SSGDWI0T1MZookBqbCJf5QAlqobjnPAEUEMUeLyx41tJvttEiblizNIe
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:24:56 2025 by rpki-client