Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q59amkDhmWeae8Cb4gf9H2CgSFc.cer
File: Q59amkDhmWeae8Cb4gf9H2CgSFc.cer (raw, json)
Hash identifier: ktn9qfBN5k1UXgCuy9ksD5S/Vdcc6d2hjyCs5SQUJ5o=
Subject key identifier: 43:9F:5A:9A:40:E1:99:67:9A:7B:C0:9B:E2:07:FD:1F:60:A0:48:57
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02210B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9126C60/BF6323E6894B11E387C49E675911EA32/Q59amkDhmWeae8Cb4gf9H2CgSFc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9126C60/BF6323E6894B11E387C49E675911EA32/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 06 Dec 2024 13:08:06 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 45950
IP: 103.8.80.0/22
IP: 202.134.48.0/24
IP: 2406:1d00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139531 (0x2210b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 6 13:08:06 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A9126C60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ac:09:54:d6:56:40:18:6a:27:35:5d:74:31:
1c:48:18:8d:cb:47:56:ad:33:7e:e3:db:35:69:6c:
9b:0d:73:8a:e1:3b:62:a6:3c:49:9d:20:22:d4:32:
0b:a8:48:b5:d4:dc:45:b3:6c:02:8f:be:d6:9a:9e:
aa:94:ea:58:1f:1a:8c:cd:41:d1:50:f7:97:5b:c3:
fe:3f:72:3b:b2:51:8d:47:54:c3:89:86:b7:da:88:
c0:ad:a2:c7:45:09:a6:5d:eb:a2:33:39:dd:73:28:
e1:73:db:7b:ed:48:8b:62:45:10:0e:c9:af:ee:fd:
df:6f:c1:9c:af:3a:73:57:35:48:ac:01:e1:72:40:
7d:d3:e9:48:58:2b:1c:94:88:77:45:cd:35:08:aa:
8c:75:c1:69:38:5f:48:eb:17:ce:c4:83:0a:3f:10:
52:9c:bb:0c:46:cc:dd:ac:60:8d:ad:c3:0d:75:1f:
9c:08:22:a1:d8:7b:6f:ea:b7:a9:46:af:dc:47:f3:
cc:6b:00:f1:dd:a9:b0:69:5c:8d:dd:7c:14:76:1f:
28:7b:d5:bb:0f:5f:7d:f8:b9:0c:28:c9:47:35:0d:
12:1c:f6:a2:8f:f8:ae:b6:71:2d:9c:c5:6b:2b:96:
fb:9e:f7:41:29:73:cb:78:23:0a:39:13:31:9e:f1:
70:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9F:5A:9A:40:E1:99:67:9A:7B:C0:9B:E2:07:FD:1F:60:A0:48:57
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9126C60/BF6323E6894B11E387C49E675911EA32/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9126C60/BF6323E6894B11E387C49E675911EA32/Q59amkDhmWeae8Cb4gf9H2CgSFc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45950
sbgp-ipAddrBlock: critical
IPv4:
103.8.80.0/22
202.134.48.0/24
IPv6:
2406:1d00::/32
Signature Algorithm: sha256WithRSAEncryption
31:f8:eb:90:d2:6e:a6:e7:91:c2:d8:02:f7:75:85:5a:72:dc:
fb:6f:2c:dd:75:7a:29:43:39:c9:ff:b3:a5:90:fa:ad:d6:3f:
90:45:99:88:b9:f5:1c:d7:89:de:71:93:f8:aa:e3:df:4c:15:
cf:f9:17:51:c6:82:2e:ea:dd:f3:99:37:bc:95:9b:77:42:1e:
34:35:3c:41:84:a4:e1:84:6a:17:e2:6d:b3:87:bc:40:15:4d:
c9:c1:3f:d4:1a:be:98:22:6b:9b:c7:99:8c:82:05:a3:18:f4:
f9:ea:c9:5c:8c:68:2f:07:f9:f4:e7:b5:80:9a:27:79:21:96:
60:21:3e:44:3d:71:07:1e:38:28:20:e4:ba:e6:f5:80:0e:5e:
92:1b:8b:d3:a4:b7:53:f3:84:e5:4b:4f:c1:c1:1a:04:a3:89:
b7:29:bf:f1:3b:d9:9e:a4:13:09:46:64:a3:b3:f1:42:2f:7f:
c6:67:42:f0:e7:37:e7:de:92:f0:7d:18:9d:df:16:7d:77:38:
6c:46:13:98:83:c6:d9:4d:bd:b6:d3:3e:7c:18:85:6e:88:d7:
ee:d6:aa:10:f5:56:95:88:4d:46:34:a9:4c:89:bc:f8:c5:8c:
69:c7:3e:5c:47:39:1c:86:9c:2d:55:5b:4d:71:96:76:cc:3f:
c7:14:0e:20
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAiELMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIwNjEzMDgwNloXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjZDNjAxMTAvBgNVBAUTKDQzOUY1QTlBNDBFMTk5Njc5QTdCQzA5
QkUyMDdGRDFGNjBBMDQ4NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqrAlU1lZAGGonNV10MRxIGI3LR1atM37j2zVpbJsNc4rhO2KmPEmdICLUMguo
SLXU3EWzbAKPvtaanqqU6lgfGozNQdFQ95dbw/4/cjuyUY1HVMOJhrfaiMCtosdF
CaZd66IzOd1zKOFz23vtSItiRRAOya/u/d9vwZyvOnNXNUisAeFyQH3T6UhYKxyU
iHdFzTUIqox1wWk4X0jrF87Egwo/EFKcuwxGzN2sYI2tww11H5wIIqHYe2/qt6lG
r9xH88xrAPHdqbBpXI3dfBR2Hyh71bsPX334uQwoyUc1DRIc9qKP+K62cS2cxWsr
lvue90Epc8t4Iwo5EzGe8XA7AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUQ59amkDh
mWeae8Cb4gf9H2CgSFcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI2QzYwL0JGNjMyM0U2ODk0QjExRTM4N0M0OUU2NzU5MTFFQTMyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNkM2MC9CRjYzMjNFNjg5NEIxMUUzODdDNDlFNjc1OTExRUEzMi9RNTlhbWtE
aG1XZWFlOENiNGdmOUgyQ2dTRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDALN+MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZwhQAwQAyoYw
MA0EAgACMAcDBQAkBh0AMA0GCSqGSIb3DQEBCwUAA4IBAQAx+OuQ0m6m55HC2AL3
dYVactz7byzddXopQznJ/7OlkPqt1j+QRZmIufUc14necZP4quPfTBXP+RdRxoIu
6t3zmTe8lZt3Qh40NTxBhKThhGoX4m2zh7xAFU3JwT/UGr6YImubx5mMggWjGPT5
6slcjGgvB/n057WAmid5IZZgIT5EPXEHHjgoIOS65vWADl6SG4vTpLdT84TlS0/B
wRoEo4m3Kb/xO9mepBMJRmSjs/FCL3/GZ0Lw5zfn3pLwfRid3xZ9dzhsRhOYg8bZ
Tb220z58GIVuiNfu1qoQ9VaViE1GNKlMibz4xYxpxz5cRzkchpwtVVtNcZZ2zD/H
FA4g
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:08:01 2025 by rpki-client