Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer
File: LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer (raw, json)
Hash identifier: iG+u6necPMZUjZ1CvToiGOfCDUkE0V2TKtKS/GjeiR8=
Subject key identifier: 2E:5B:CB:C6:61:AF:F1:FE:D5:8B:0F:F4:B5:83:DC:F5:EC:1A:37:4A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01DCD0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/LlvLxmGv8f7Viw_0tYPc9ewaN0o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 01 Feb 2024 23:25:01 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 9878
AS: 17669
AS: 17732
AS: 17918
AS: 24032
AS: 56307
AS: 132214
IP: 103.227.20.0/22
IP: 117.53.160.0/20
IP: 119.77.0.0/18
IP: 139.5.172.0/22
IP: 202.44.98.0/23
IP: 202.93.248.0/22
IP: 202.129.128.0/19
IP: 203.22.104.0/23
IP: 2001:df1:3a00::/48
IP: 2404:8600::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 27 Apr 2024 02:50:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122064 (0x1dcd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Feb 1 23:25:01 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=A918919A/serialNumber=2E5BCBC661AFF1FED58B0FF4B583DCF5EC1A374A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:45:af:87:b2:79:a2:a0:e5:c7:da:65:56:63:
69:a1:30:5f:56:ef:0e:7a:9c:26:5e:0e:9f:34:f4:
8c:f7:ea:d4:9a:ad:30:8c:0b:3e:b1:92:a5:a4:02:
44:e5:e8:a5:42:82:e4:9a:c2:e1:f4:da:62:d5:2e:
6e:ff:bc:79:c8:23:eb:8a:b8:17:b7:58:3f:29:e4:
46:05:30:1a:9f:d4:bb:80:e6:6a:0b:ee:9e:90:21:
ff:72:fa:ce:3b:00:aa:39:f5:7b:5b:6c:4b:18:b8:
eb:77:03:47:ee:40:9d:c8:ab:e7:14:03:ae:e0:c0:
55:f3:4d:1c:1a:5b:84:85:8c:26:ba:75:41:d1:b5:
b2:78:af:fc:6f:94:5f:8a:9d:d1:fd:d8:34:78:46:
cd:53:00:17:e6:66:77:90:b8:07:21:b6:6b:28:4d:
46:e0:a6:79:a0:2d:bf:0f:1c:ce:ed:97:5b:ad:cb:
b2:14:c6:1b:22:3f:9e:3d:18:9b:97:a2:ac:a7:f0:
f0:f2:9e:a5:47:82:98:db:ac:42:5b:fb:ab:ee:16:
13:db:6d:6c:56:36:59:b1:e3:4c:53:9b:4f:a6:c3:
b6:48:35:73:f7:8c:cd:6c:fc:c4:ae:5d:3b:b4:f9:
c1:53:7e:d3:cc:66:50:cf:45:e2:3e:ef:46:8f:6f:
1c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5B:CB:C6:61:AF:F1:FE:D5:8B:0F:F4:B5:83:DC:F5:EC:1A:37:4A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/LlvLxmGv8f7Viw_0tYPc9ewaN0o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9878
17669
17732
17918
24032
56307
132214
sbgp-ipAddrBlock: critical
IPv4:
103.227.20.0/22
117.53.160.0/20
119.77.0.0/18
139.5.172.0/22
202.44.98.0/23
202.93.248.0/22
202.129.128.0/19
203.22.104.0/23
IPv6:
2001:df1:3a00::/48
2404:8600::/32
Signature Algorithm: sha256WithRSAEncryption
c1:52:bb:ec:6f:5a:4b:79:47:82:b0:7d:9d:5c:97:e0:02:11:
4a:53:8a:10:ef:da:bf:11:03:53:aa:71:35:29:17:11:df:39:
55:c9:0c:6a:02:91:24:3b:d4:88:26:f9:7d:5b:57:20:14:61:
86:d9:05:65:ea:e4:6e:0f:21:43:92:13:db:17:d5:e5:59:30:
11:b8:93:5e:47:b7:4b:d6:ce:07:2f:92:77:8c:b8:43:f4:f2:
44:4b:42:46:3c:de:f3:b4:2f:33:38:c7:9c:63:55:2d:ef:cc:
bb:ff:27:b1:04:78:de:63:49:3d:f3:99:b4:0b:11:c8:a4:2d:
82:b7:07:85:f6:01:cb:a9:be:8e:0e:9c:98:7e:d7:dd:6d:6f:
0e:b8:7c:cb:64:15:f3:d6:57:36:4a:65:7e:13:65:c1:52:42:
79:87:27:d0:35:b7:1e:c5:78:7e:eb:17:ad:17:8d:33:e0:95:
43:dc:ad:d4:35:72:b4:d6:f2:67:f3:b4:5e:7a:37:ef:e4:e0:
f0:b0:30:ad:ff:c0:51:46:10:f2:e3:a6:04:d4:12:43:14:17:
28:a0:fc:80:c3:83:3f:58:04:97:8b:ec:b7:63:46:2b:ab:57:
1e:be:b4:f6:12:37:bf:d6:87:10:6e:9b:97:69:5c:c0:72:9b:
81:1e:90:a5
-----BEGIN CERTIFICATE-----
MIIGdTCCBV2gAwIBAgIDAdzQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwMTIzMjUwMVoXDTI0MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODkxOUExMTAvBgNVBAUTKDJFNUJDQkM2NjFBRkYxRkVENThCMEZG
NEI1ODNEQ0Y1RUMxQTM3NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIRa+HsnmioOXH2mVWY2mhMF9W7w56nCZeDp809Iz36tSarTCMCz6xkqWkAkTl
6KVCguSawuH02mLVLm7/vHnII+uKuBe3WD8p5EYFMBqf1LuA5moL7p6QIf9y+s47
AKo59XtbbEsYuOt3A0fuQJ3Iq+cUA67gwFXzTRwaW4SFjCa6dUHRtbJ4r/xvlF+K
ndH92DR4Rs1TABfmZneQuAchtmsoTUbgpnmgLb8PHM7tl1uty7IUxhsiP549GJuX
oqyn8PDynqVHgpjbrEJb+6vuFhPbbWxWNlmx40xTm0+mw7ZINXP3jM1s/MSuXTu0
+cFTftPMZlDPReI+70aPbxzzAgMBAAGjggNqMIIDZjAdBgNVHQ4EFgQULlvLxmGv
8f7Viw/0tYPc9ewaN0owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg5MTlBLzA0OTA5MDlBNDMxQjExRUFCMDE5NzcyQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4OTE5QS8wNDkwOTA5QTQzMUIxMUVBQjAxOTc3MkNDNEY5QUUwMi9MbHZMeG1H
djhmN1Zpd18wdFlQYzlld2FOMG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQgBAf8EJDAi
oCAwHgICJpYCAkUFAgJFRAICRf4CAl3gAgMA2/MCAwIEdjBhBggrBgEFBQcBBwEB
/wRSMFAwNgQCAAEwMAMEAmfjFAMEBHU1oAMEBndNAAMEAosFrAMEAcosYgMEAspd
+AMEBcqBgAMEAcsWaDAWBAIAAjAQAwcAIAEN8ToAAwUAJASGADANBgkqhkiG9w0B
AQsFAAOCAQEAwVK77G9aS3lHgrB9nVyX4AIRSlOKEO/avxEDU6pxNSkXEd85VckM
agKRJDvUiCb5fVtXIBRhhtkFZerkbg8hQ5IT2xfV5VkwEbiTXke3S9bOBy+Sd4y4
Q/TyREtCRjze87QvMzjHnGNVLe/Mu/8nsQR43mNJPfOZtAsRyKQtgrcHhfYBy6m+
jg6cmH7X3W1vDrh8y2QV89ZXNkplfhNlwVJCeYcn0DW3HsV4fusXrReNM+CVQ9yt
1DVytNbyZ/O0Xno37+Tg8LAwrf/AUUYQ8uOmBNQSQxQXKKD8gMODP1gEl4vst2NG
K6tXHr609hI3v9aHEG6bl2lcwHKbgR6QpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 20 03:57:49 2024 by rpki-client on console-fra.rpki-client.org