Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XBevLgqvSQzqqE4qqnFIPQOV8eQ.cer
File: XBevLgqvSQzqqE4qqnFIPQOV8eQ.cer (raw, json)
Hash identifier: tn9nqaafe9JETOy27otIjqXzME95SLJv6syDcX7G+p4=
Subject key identifier: 5C:17:AF:2E:0A:AF:49:0C:EA:A8:4E:2A:AA:71:48:3D:03:95:F1:E4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01ED65
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91923A9/A6387684FAA511EDB2B2957FC4F9AE02/XBevLgqvSQzqqE4qqnFIPQOV8eQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91923A9/A6387684FAA511EDB2B2957FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 25 Apr 2024 06:28:21 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 103.91.156.0/22
IP: 123.253.44.0/22
IP: 2406:1ec0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126309 (0x1ed65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 25 06:28:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A91923A9/serialNumber=5C17AF2E0AAF490CEAA84E2AAA71483D0395F1E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:32:da:01:c2:9b:69:37:54:71:98:70:e1:e9:
09:db:c6:15:d8:4f:f8:fe:b8:22:4f:65:dc:8c:28:
94:f7:9f:23:9d:12:dd:d3:55:19:0f:1a:b0:63:23:
3d:33:84:08:22:38:03:cd:d0:59:38:92:d2:34:5c:
39:fd:03:a1:f8:3b:16:b9:f9:a9:b3:32:24:e0:cc:
22:29:84:35:8f:88:b5:d6:17:32:63:b2:8c:e4:92:
4f:9f:70:dd:19:28:24:c0:29:9b:ad:30:23:0d:cc:
fb:b0:cb:5b:7c:6a:49:f8:a5:2f:47:da:93:da:08:
d0:27:8f:c9:ff:58:9a:28:ba:38:dd:a8:e2:82:0b:
1f:07:e0:99:1b:36:52:97:89:7e:83:65:5d:16:0b:
63:c2:f0:38:61:d6:4b:6c:33:f8:74:fa:47:b4:d1:
1a:dd:45:d3:8b:5a:c0:0c:0b:a0:65:94:5e:ee:36:
28:02:f0:9c:b3:52:d8:11:c7:9b:06:67:ef:19:2d:
c6:f9:d4:c4:ac:93:93:21:c8:cb:e8:53:b6:ac:24:
eb:40:ce:7b:54:fb:18:09:ab:a9:c9:6d:dd:73:70:
be:ea:29:79:7e:e8:0c:2d:eb:55:96:9d:ee:17:0a:
d2:e5:cd:4f:9c:c4:92:d5:ab:7a:62:69:fe:62:15:
ec:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:17:AF:2E:0A:AF:49:0C:EA:A8:4E:2A:AA:71:48:3D:03:95:F1:E4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91923A9/A6387684FAA511EDB2B2957FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91923A9/A6387684FAA511EDB2B2957FC4F9AE02/XBevLgqvSQzqqE4qqnFIPQOV8eQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.156.0/22
123.253.44.0/22
IPv6:
2406:1ec0::/32
Signature Algorithm: sha256WithRSAEncryption
b6:0e:21:5c:cf:92:79:78:3b:83:39:45:7c:3c:db:aa:36:38:
80:67:2f:c9:1c:50:1a:6a:f5:94:fb:45:89:60:4c:de:a3:60:
5f:ce:9e:ca:e4:29:2d:00:af:8d:3a:d9:2f:bc:4a:c7:ea:9b:
53:86:a8:c7:8f:4e:9d:60:34:d9:3d:4b:24:b9:a1:51:27:cd:
bb:f0:4c:83:a4:c9:74:57:ba:77:d5:00:f2:b9:c6:d4:be:c1:
95:2a:9f:dd:48:bb:66:dc:4e:8b:d0:85:0e:94:6e:f6:a2:0d:
ac:f7:bf:b0:8b:16:a9:f3:41:4b:e3:07:75:5a:c2:38:48:53:
f7:f1:e3:6c:e8:e2:a9:2a:98:45:4c:7d:85:39:e4:e9:f4:8d:
63:47:1d:d1:78:3d:7f:c1:0f:15:59:21:a0:81:93:b3:d3:03:
57:f9:3c:ed:44:49:b8:22:5b:af:a4:41:08:17:46:0b:d6:45:
9a:53:78:f6:26:5e:71:df:6c:4a:7d:53:9c:cb:44:6c:1b:a5:
14:b7:83:1b:79:f2:4c:79:4c:09:12:c7:31:19:36:53:25:57:
e7:89:60:17:df:f0:8b:09:fd:8b:f4:33:d7:0c:1e:4c:61:ea:
33:f1:e8:f1:8e:96:38:04:4a:d8:82:8a:a0:c1:ff:56:d3:5c:
48:f3:19:6e
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDAe1lMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQyNTA2MjgyMVoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTIzQTkxMTAvBgNVBAUTKDVDMTdBRjJFMEFBRjQ5MENFQUE4NEUy
QUFBNzE0ODNEMDM5NUYxRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBMtoBwptpN1RxmHDh6QnbxhXYT/j+uCJPZdyMKJT3nyOdEt3TVRkPGrBjIz0z
hAgiOAPN0Fk4ktI0XDn9A6H4Oxa5+amzMiTgzCIphDWPiLXWFzJjsozkkk+fcN0Z
KCTAKZutMCMNzPuwy1t8akn4pS9H2pPaCNAnj8n/WJooujjdqOKCCx8H4JkbNlKX
iX6DZV0WC2PC8Dhh1ktsM/h0+ke00RrdRdOLWsAMC6BllF7uNigC8JyzUtgRx5sG
Z+8ZLcb51MSsk5MhyMvoU7asJOtAzntU+xgJq6nJbd1zcL7qKXl+6Awt61WWne4X
CtLlzU+cxJLVq3piaf5iFeztAgMBAAGjggMIMIIDBDAdBgNVHQ4EFgQUXBevLgqv
SQzqqE4qqnFIPQOV8eQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkyM0E5L0E2Mzg3Njg0RkFBNTExRURCMkIyOTU3RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MjNBOS9BNjM4NzY4NEZBQTUxMUVEQjJCMjk1N0ZDNEY5QUUwMi9YQmV2TGdx
dlNRenFxRTRxcW5GSVBRT1Y4ZVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8EJTAj
MBIEAgABMAwDBAJnW5wDBAJ7/SwwDQQCAAIwBwMFACQGHsAwDQYJKoZIhvcNAQEL
BQADggEBALYOIVzPknl4O4M5RXw826o2OIBnL8kcUBpq9ZT7RYlgTN6jYF/Onsrk
KS0Ar4062S+8Ssfqm1OGqMePTp1gNNk9SyS5oVEnzbvwTIOkyXRXunfVAPK5xtS+
wZUqn91Iu2bcTovQhQ6UbvaiDaz3v7CLFqnzQUvjB3VawjhIU/fx42zo4qkqmEVM
fYU55On0jWNHHdF4PX/BDxVZIaCBk7PTA1f5PO1ESbgiW6+kQQgXRgvWRZpTePYm
XnHfbEp9U5zLRGwbpRS3gxt58kx5TAkSxzEZNlMlV+eJYBff8IsJ/Yv0M9cMHkxh
6jPx6PGOljgEStiCiqDB/1bTXEjzGW4=
-----END CERTIFICATE-----
Generated at Thu May 9 15:21:16 2024 by rpki-client on console-fra.rpki-client.org