Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ty_T8AtY8TSpqOPn3ajY0grANSc.cer
File: Ty_T8AtY8TSpqOPn3ajY0grANSc.cer (raw, json)
Hash identifier: RpV1m7Gx6SNKTQEkd7/8Gtpl/wEHEr3IxFNqZP6VFT4=
Subject key identifier: 4F:2F:D3:F0:0B:58:F1:34:A9:A8:E3:E7:DD:A8:D8:D2:0A:C0:35:27
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022C30
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/Ty_T8AtY8TSpqOPn3ajY0grANSc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 29 Jan 2025 15:52:40 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 9236
AS: 9281
AS: 9439
AS: 9537
AS: 9560
AS: 23754 -- 23755
AS: 23904
AS: 23977
AS: 24318
AS: 24384 -- 24388
AS: 38178
AS: 38189
AS: 38329
AS: 45279
AS: 45585
AS: 45633
AS: 131110
AS: 132001
AS: 132040
AS: 134954 -- 134961
IP: 103.23.16.0/22
IP: 110.173.160.0/20
IP: 202.7.0.0/23
IP: 202.7.4.0/22
IP: 202.8.44.0/22
IP: 218.100.21.0/24
IP: 218.100.23.0 -- 218.100.26.255
IP: 218.100.56.0/24
IP: 218.100.65.0/24
IP: 2001:4410::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 23:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142384 (0x22c30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 29 15:52:40 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A9174880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ed:57:15:de:21:a8:31:b9:a9:5c:1b:ab:f3:
e9:32:42:d3:f2:cc:06:2f:34:d5:0a:60:50:c0:ce:
79:f5:df:36:f0:f4:6c:46:a3:4c:8f:59:06:91:9a:
9c:2e:2d:b8:f2:36:69:6e:dc:2d:6b:64:6b:ce:4a:
73:8f:24:fa:a1:42:df:65:41:5e:34:ae:4b:58:6a:
4e:f5:db:e7:89:a9:49:8c:03:46:a4:64:be:1e:39:
80:f0:bf:54:fa:83:e8:1d:b6:ca:83:ac:ce:59:38:
b1:95:cc:cf:b5:60:b2:f5:c3:93:3d:4a:1e:04:d4:
60:65:9b:d5:c5:af:46:e1:e6:06:09:df:c3:76:1a:
ba:92:26:18:7b:0c:23:7d:ec:a8:f6:18:fa:6f:1c:
21:44:95:7d:ec:16:82:24:d7:c4:c3:95:e3:e7:d0:
f5:35:ed:24:50:ea:20:62:5d:b7:3f:2d:92:14:d5:
dd:42:af:0e:21:51:5b:88:f8:68:05:1b:37:b9:82:
a1:47:64:d8:ea:66:f6:8c:ab:b4:d0:b5:e2:85:9e:
65:cc:40:0f:83:fd:fe:ef:3d:5e:89:3e:34:4d:3e:
86:57:75:52:6c:9a:b4:21:51:3c:e7:32:e7:65:e3:
75:c2:4a:96:f7:68:87:86:7e:dc:9b:62:c1:6a:69:
d0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2F:D3:F0:0B:58:F1:34:A9:A8:E3:E7:DD:A8:D8:D2:0A:C0:35:27
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/Ty_T8AtY8TSpqOPn3ajY0grANSc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9236
9281
9439
9537
9560
23754-23755
23904
23977
24318
24384-24388
38178
38189
38329
45279
45585
45633
131110
132001
132040
134954-134961
sbgp-ipAddrBlock: critical
IPv4:
103.23.16.0/22
110.173.160.0/20
202.7.0.0/23
202.7.4.0/22
202.8.44.0/22
218.100.21.0/24
218.100.23.0-218.100.26.255
218.100.56.0/24
218.100.65.0/24
IPv6:
2001:4410::/32
Signature Algorithm: sha256WithRSAEncryption
66:96:45:7a:81:50:7b:68:7e:73:ec:d0:66:6b:df:72:40:fd:
5c:49:d6:2c:a5:77:e1:b7:64:69:26:a2:33:36:20:ce:3d:cc:
13:cb:08:3e:28:64:3f:39:1b:f3:7d:84:aa:35:a4:87:3d:4d:
17:38:c8:49:b7:1d:30:32:aa:21:1f:57:e6:a6:7e:c2:24:38:
d6:95:f8:6a:d8:0a:41:14:f3:42:cd:58:cf:7e:87:7f:d5:25:
c0:fc:c2:c3:2d:aa:e3:75:34:bb:18:93:91:35:b9:3c:b8:c3:
62:47:d8:f9:2c:40:4a:9b:48:28:34:1d:d4:23:f8:0e:70:c6:
bb:4e:df:a4:ec:4d:df:61:d8:13:ad:9c:c2:05:99:58:67:d1:
86:70:c1:3c:32:9a:40:0a:64:ed:97:54:4f:d2:5e:aa:05:18:
b1:75:14:de:a1:7a:dc:43:3a:8b:b5:ca:28:e7:b2:ce:e9:31:
ec:7e:98:e6:62:53:89:79:c1:12:c6:13:9b:22:32:dc:c8:41:
ec:7f:77:67:17:04:88:eb:f3:f3:f8:17:86:88:97:e1:e3:ea:
3f:44:06:8b:6c:45:0e:e2:2f:93:c1:66:04:54:0c:34:bf:b8:
6f:3f:cc:a3:20:5d:e7:7b:de:ab:43:aa:df:8a:f1:bb:2f:12:
eb:66:6a:86
-----BEGIN CERTIFICATE-----
MIIGyjCCBbKgAwIBAgIDAiwwMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEyOTE1NTI0MFoXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzQ4ODAxMTAvBgNVBAUTKDRGMkZEM0YwMEI1OEYxMzRBOUE4RTNF
N0REQThEOEQyMEFDMDM1MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCx7VcV3iGoMbmpXBur8+kyQtPyzAYvNNUKYFDAznn13zbw9GxGo0yPWQaRmpwu
LbjyNmlu3C1rZGvOSnOPJPqhQt9lQV40rktYak712+eJqUmMA0akZL4eOYDwv1T6
g+gdtsqDrM5ZOLGVzM+1YLL1w5M9Sh4E1GBlm9XFr0bh5gYJ38N2GrqSJhh7DCN9
7Kj2GPpvHCFElX3sFoIk18TDlePn0PU17SRQ6iBiXbc/LZIU1d1Crw4hUVuI+GgF
Gze5gqFHZNjqZvaMq7TQteKFnmXMQA+D/f7vPV6JPjRNPoZXdVJsmrQhUTznMudl
43XCSpb3aIeGftybYsFqadANAgMBAAGjggO/MIIDuzAdBgNVHQ4EFgQUTy/T8AtY
8TSpqOPn3ajY0grANScwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc0ODgwLzY5RjA0QkE4MUQ2QTExRTJCQjcwMTRBODA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3NDg4MC82OUYwNEJBODFENkExMUUyQkI3MDE0QTgwOEIwMkNEMi9UeV9UOEF0
WThUU3BxT1BuM2FqWTBnckFOU2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYIGCCsGAQUFBwEIAQH/BHMw
caBvMG0CAiQUAgIkQQICJN8CAiVBAgIlWDAIAgJcygICXMsCAl1gAgJdqQICXv4w
CAICX0ACAl9EAgMAlSICAwCVLQIDAJW5AgMAsN8CAwCyEQIDALJBAgMCACYCAwID
oQIDAgPIMAoCAwIPKgIDAg8xMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQC
ZxcQAwQEbq2gAwQBygcAAwQCygcEAwQCyggsAwQA2mQVMAwDBADaZBcDBADaZBoD
BADaZDgDBADaZEEwDQQCAAIwBwMFACABRBAwDQYJKoZIhvcNAQELBQADggEBAGaW
RXqBUHtofnPs0GZr33JA/VxJ1iyld+G3ZGkmojM2IM49zBPLCD4oZD85G/N9hKo1
pIc9TRc4yEm3HTAyqiEfV+amfsIkONaV+GrYCkEU80LNWM9+h3/VJcD8wsMtquN1
NLsYk5E1uTy4w2JH2PksQEqbSCg0HdQj+A5wxrtO36TsTd9h2BOtnMIFmVhn0YZw
wTwymkAKZO2XVE/SXqoFGLF1FN6hetxDOou1yijnss7pMex+mOZiU4l5wRLGE5si
MtzIQex/d2cXBIjr8/P4F4aIl+Hj6j9EBotsRQ7iL5PBZgRUDDS/uG8/zKMgXed7
3qtDqt+K8bsvEutmaoY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:11:40 2025 by rpki-client