Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kkd1N_Mj77WdvY2-s6-rHxWC9UY.cer
File: Kkd1N_Mj77WdvY2-s6-rHxWC9UY.cer (raw, json)
Hash identifier: UGQe33IcDY3JQ4/ZpT/1bMsoAC0/8MKCNFINNc/SKrI=
Subject key identifier: 2A:47:75:37:F3:23:EF:B5:9D:BD:8D:BE:B3:AF:AB:1F:15:82:F5:46
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021E98
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916DDB4/A6008316B93211EBB95D063CC4F9AE02/Kkd1N_Mj77WdvY2-s6-rHxWC9UY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916DDB4/A6008316B93211EBB95D063CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 29 Nov 2024 15:34:41 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: IP: 203.28.167.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138904 (0x21e98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Nov 29 15:34:41 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A916DDB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:ef:10:f0:0b:db:16:94:21:61:9b:2b:9c:
e3:7d:8a:f5:a2:fd:bc:6c:74:9c:9d:b3:92:3c:ec:
ad:a3:85:54:0c:92:4d:b3:c6:5d:b3:c7:52:9b:6b:
04:ef:46:bf:08:4e:dc:00:3b:f5:9d:96:02:29:92:
08:44:03:9d:df:51:ee:00:8a:20:67:e6:11:e9:d0:
82:7c:a8:3a:4a:79:5a:eb:74:8b:78:d7:91:62:7c:
92:a6:12:4b:99:aa:dc:13:1e:41:a3:8c:82:e8:19:
fa:08:29:d9:97:05:cd:8c:52:1f:4a:86:2a:0b:84:
61:7a:30:d3:6a:fa:e9:b6:3c:27:eb:34:f7:1b:1e:
21:49:f0:f1:21:ab:d0:33:9a:22:50:69:ff:2e:56:
47:6d:6c:4b:29:c7:1d:89:8e:4d:dc:f1:7b:24:36:
14:ce:7b:3d:12:fd:fd:03:ef:70:6e:81:b5:7f:43:
90:4f:7d:38:d1:9b:1d:78:53:44:e8:73:31:3f:e2:
d1:2d:79:8c:90:38:ea:82:a3:26:81:b8:46:64:1a:
23:2b:08:e9:ba:5b:dd:0a:3d:89:a8:89:4e:43:a8:
a1:39:13:ba:b9:12:b3:a8:e7:5f:be:df:a0:38:49:
81:aa:70:7c:b8:80:59:97:1e:94:9a:01:ab:59:7a:
48:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:47:75:37:F3:23:EF:B5:9D:BD:8D:BE:B3:AF:AB:1F:15:82:F5:46
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916DDB4/A6008316B93211EBB95D063CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916DDB4/A6008316B93211EBB95D063CC4F9AE02/Kkd1N_Mj77WdvY2-s6-rHxWC9UY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.28.167.0/24
Signature Algorithm: sha256WithRSAEncryption
68:11:7c:60:16:c4:07:dd:ca:c2:69:1a:0d:51:19:e5:b0:7b:
b0:b7:dc:43:bc:6f:92:dd:ce:eb:a3:d8:4e:76:33:df:f5:96:
6e:16:03:93:01:b9:d5:72:15:56:6e:4c:6d:2d:90:c8:ee:13:
25:4c:76:e8:6e:75:79:05:44:c5:a9:88:da:f6:f4:c3:ca:9d:
a8:74:95:78:b6:db:ab:26:ae:c8:2c:38:f6:2c:6c:83:2a:6a:
00:08:3d:cf:40:43:96:a3:8e:6b:87:55:2d:e6:7e:77:93:3e:
f8:ad:3c:5b:2f:2e:c3:2f:a8:00:0a:dc:0d:63:64:9b:c8:7b:
7f:0c:94:1f:67:e6:7c:f3:f5:81:49:7f:29:f5:b5:47:50:19:
94:25:e6:65:95:28:ec:ac:d5:c7:22:fb:03:11:75:92:2e:b1:
0b:8e:73:c9:2b:91:eb:40:13:c5:0f:09:bd:d0:af:8c:bb:3a:
51:e5:49:f0:50:c9:86:2f:53:5a:0c:0b:e7:aa:e9:33:a3:63:
9d:5a:f1:f7:ed:5b:20:8a:f2:12:a2:09:85:67:29:24:b5:03:
bf:69:3a:f2:c3:47:f9:27:b8:1b:b1:bb:ca:0c:7c:fd:77:7a:
5e:dd:9f:3c:d1:c0:a0:5a:11:76:12:4c:28:d5:85:48:aa:b0:
c6:af:27:2d
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAh6YMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEyOTE1MzQ0MVoXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkREQjQxMTAvBgNVBAUTKDJBNDc3NTM3RjMyM0VGQjU5REJEOERC
RUIzQUZBQjFGMTU4MkY1NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBGO8Q8AvbFpQhYZsrnON9ivWi/bxsdJyds5I87K2jhVQMkk2zxl2zx1KbawTv
Rr8ITtwAO/WdlgIpkghEA53fUe4AiiBn5hHp0IJ8qDpKeVrrdIt415FifJKmEkuZ
qtwTHkGjjILoGfoIKdmXBc2MUh9KhioLhGF6MNNq+um2PCfrNPcbHiFJ8PEhq9Az
miJQaf8uVkdtbEspxx2Jjk3c8XskNhTOez0S/f0D73BugbV/Q5BPfTjRmx14U0To
czE/4tEteYyQOOqCoyaBuEZkGiMrCOm6W90KPYmoiU5DqKE5E7q5ErOo51++36A4
SYGqcHy4gFmXHpSaAatZekh/AgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUKkd1N/Mj
77WdvY2+s6+rHxWC9UYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZEREI0L0E2MDA4MzE2QjkzMjExRUJCOTVEMDYzQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2RERCNC9BNjAwODMxNkI5MzIxMUVCQjk1RDA2M0NDNEY5QUUwMi9La2QxTl9N
ajc3V2R2WTItczYtckh4V0M5VVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBADLHKcwDQYJKoZIhvcNAQELBQADggEBAGgRfGAWxAfdysJpGg1R
GeWwe7C33EO8b5Ldzuuj2E52M9/1lm4WA5MBudVyFVZuTG0tkMjuEyVMduhudXkF
RMWpiNr29MPKnah0lXi226smrsgsOPYsbIMqagAIPc9AQ5ajjmuHVS3mfneTPvit
PFsvLsMvqAAK3A1jZJvIe38MlB9n5nzz9YFJfyn1tUdQGZQl5mWVKOys1cci+wMR
dZIusQuOc8krketAE8UPCb3Qr4y7OlHlSfBQyYYvU1oMC+eq6TOjY51a8fftWyCK
8hKiCYVnKSS1A79pOvLDR/knuBuxu8oMfP13el7dnzzRwKBaEXYSTCjVhUiqsMav
Jy0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:01:33 2025 by rpki-client