Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ny8cd2Gx3cgyjFC60O7tzZny5PI.cer
File: Ny8cd2Gx3cgyjFC60O7tzZny5PI.cer (raw, json)
Hash identifier: cihgcd/9W8ERTmbLEzajJXKUF4i/tjmyQHGobKIIUPM=
Subject key identifier: 37:2F:1C:77:61:B1:DD:C8:32:8C:50:BA:D0:EE:ED:CD:99:F2:E4:F2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02215B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/Ny8cd2Gx3cgyjFC60O7tzZny5PI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 08 Dec 2024 12:25:00 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 133866
IP: 103.76.44.0/22
IP: 116.206.88.0/22
IP: 2407:6280::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 06:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139611 (0x2215b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 8 12:25:00 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91142EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:fb:4c:7d:1e:7a:3a:12:cc:bd:05:ae:a2:36:
31:45:4a:1d:d0:02:79:01:61:2a:44:ba:80:84:d2:
9e:01:9f:37:f5:7a:05:45:1a:56:0b:65:2c:44:53:
cb:fa:df:b5:97:c3:24:1a:7b:af:fd:04:f5:f2:63:
a4:b6:2f:1e:18:4f:35:4a:f4:b6:49:f3:96:36:4c:
88:68:bd:b5:ff:6d:5b:fb:6b:fe:c0:19:3a:b2:b1:
f8:70:4f:6b:2f:3d:f1:ce:c8:95:9e:3f:41:26:d2:
06:ac:84:98:33:03:3e:ec:bc:28:1f:c6:c0:fb:22:
b4:93:af:6d:9d:06:f7:ae:2b:bb:86:4a:f2:6f:1a:
ef:b0:21:20:ae:f1:77:af:7b:68:14:e7:69:20:8b:
15:85:df:cb:2e:6d:5a:06:28:f7:f4:10:11:d5:c1:
1b:22:76:0a:64:82:69:10:55:c6:60:dc:50:b1:6d:
ef:52:c1:9c:82:64:fb:69:2e:44:5d:bb:80:61:84:
01:bd:b0:5e:f3:d3:1c:d2:49:1c:35:a1:41:9d:81:
ee:2b:41:fd:bf:66:f6:7d:e5:2a:fa:90:a1:e6:5c:
05:8c:b7:d9:59:75:f0:bb:a3:ba:ee:df:bc:23:e8:
4e:0d:29:95:6b:3d:64:e9:a5:30:38:b9:9a:e2:ee:
c7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:2F:1C:77:61:B1:DD:C8:32:8C:50:BA:D0:EE:ED:CD:99:F2:E4:F2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/Ny8cd2Gx3cgyjFC60O7tzZny5PI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133866
sbgp-ipAddrBlock: critical
IPv4:
103.76.44.0/22
116.206.88.0/22
IPv6:
2407:6280::/32
Signature Algorithm: sha256WithRSAEncryption
41:3b:2d:8d:ea:b4:52:92:a8:d3:70:0e:6e:5a:da:a1:87:e9:
95:35:3e:6c:7d:54:35:89:50:53:d8:cd:0b:ee:9c:94:bc:3a:
50:d2:d1:ea:05:41:5a:29:e6:5f:a8:a4:84:c5:0f:fb:24:41:
50:18:fd:6f:7a:70:76:48:7a:4b:0f:52:49:b1:09:8d:fc:b2:
6f:b4:8e:3d:b2:b2:fd:63:7b:77:b0:cf:51:f6:f5:3d:22:95:
a2:3b:d9:8b:aa:e9:d7:31:25:cc:5d:86:85:57:51:c9:4b:c0:
b1:ae:32:9a:6f:f2:77:73:06:b6:7d:39:7a:a9:77:cc:01:73:
16:d7:3d:13:84:4b:1a:9e:f5:15:be:d7:8a:13:39:27:46:20:
23:40:03:f7:4a:5b:f4:9c:6b:4a:9e:7d:c6:17:7e:8d:3c:3d:
84:f9:2d:16:96:f4:10:cd:61:d6:ea:9f:73:fa:8b:38:cb:fe:
81:74:39:33:dc:04:c6:57:c5:63:2a:3f:c7:f4:3f:eb:91:c3:
69:e7:e7:c0:73:bc:7f:e6:46:74:6e:d3:84:6f:90:58:93:fa:
93:18:28:a3:a5:3f:f5:92:75:29:cd:d7:19:bd:c9:ec:d1:23:
fa:8a:a8:04:02:45:a8:91:c8:2a:02:2a:0c:77:75:9f:e1:96:
5c:3e:87:1e
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAiFbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIwODEyMjUwMFoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTQyRUExMTAvBgNVBAUTKDM3MkYxQzc3NjFCMUREQzgzMjhDNTBC
QUQwRUVFRENEOTlGMkU0RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDm+0x9Hno6Esy9Ba6iNjFFSh3QAnkBYSpEuoCE0p4Bnzf1egVFGlYLZSxEU8v6
37WXwyQae6/9BPXyY6S2Lx4YTzVK9LZJ85Y2TIhovbX/bVv7a/7AGTqysfhwT2sv
PfHOyJWeP0Em0gashJgzAz7svCgfxsD7IrSTr22dBveuK7uGSvJvGu+wISCu8Xev
e2gU52kgixWF38subVoGKPf0EBHVwRsidgpkgmkQVcZg3FCxbe9SwZyCZPtpLkRd
u4BhhAG9sF7z0xzSSRw1oUGdge4rQf2/ZvZ95Sr6kKHmXAWMt9lZdfC7o7ru37wj
6E4NKZVrPWTppTA4uZri7sd/AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUNy8cd2Gx
3cgyjFC60O7tzZny5PIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE0MkVBL0Y1MzMyRDdFODRDMzExRTZCOTgyMUE4MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNDJFQS9GNTMzMkQ3RTg0QzMxMUU2Qjk4MjFBODFDNEY5QUUwMi9OeThjZDJH
eDNjZ3lqRkM2ME83dHpabnk1UEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgrqMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ0wsAwQCdM5Y
MA0EAgACMAcDBQAkB2KAMA0GCSqGSIb3DQEBCwUAA4IBAQBBOy2N6rRSkqjTcA5u
Wtqhh+mVNT5sfVQ1iVBT2M0L7pyUvDpQ0tHqBUFaKeZfqKSExQ/7JEFQGP1venB2
SHpLD1JJsQmN/LJvtI49srL9Y3t3sM9R9vU9IpWiO9mLqunXMSXMXYaFV1HJS8Cx
rjKab/J3cwa2fTl6qXfMAXMW1z0ThEsanvUVvteKEzknRiAjQAP3Slv0nGtKnn3G
F36NPD2E+S0WlvQQzWHW6p9z+os4y/6BdDkz3ATGV8VjKj/H9D/rkcNp5+fAc7x/
5kZ0btOEb5BYk/qTGCijpT/1knUpzdcZvcns0SP6iqgEAkWokcgqAioMd3Wf4ZZc
Poce
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:25:03 2025 by rpki-client