Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
File: XXB7DTVpYiQytL3L_TIPmott3Hs.cer (raw, json)
Hash identifier: x9UpSjh15AXsk6WQPBCgK/I0SLejR/2HFOP3JDK2geY=
Subject key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022336
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.mft
caRepository: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/
Notify URL: https://rrdp.sub.apnic.net/notification.xml
Certificate not before: Wed 18 Dec 2024 06:06:38 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 4829
IP: 43.252.20.0/22
IP: 2402:9180::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 23:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140086 (0x22336)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 18 06:06:38 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A91DD5100000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:15:e3:51:cb:90:ba:66:2b:bb:44:0a:95:8a:
3d:31:47:e7:f3:f3:c8:a3:98:25:99:78:21:70:85:
69:ec:c6:2f:7b:3c:0d:3d:fa:4f:72:71:e5:b0:bc:
66:a2:8a:b6:05:31:ae:22:57:e8:0d:be:d6:7c:75:
d6:ff:36:2f:26:6f:66:58:b0:64:2b:79:8b:d7:65:
54:b0:ed:9c:a9:e5:25:56:65:7a:24:d9:e0:a7:27:
c9:46:54:fd:86:48:53:39:70:77:8c:d9:9d:0c:ab:
e1:d4:31:54:c0:1d:08:45:25:6f:90:f2:b1:ac:ef:
b3:91:52:cf:39:3d:42:92:b4:e6:1b:5f:ab:5d:2e:
99:35:4e:a9:0b:c1:20:48:24:2a:0c:af:2d:31:ee:
0b:35:10:2a:d5:a5:28:8f:62:89:bf:b1:5f:9e:5a:
a1:a4:71:14:c3:2e:83:9e:d9:e0:aa:1c:cd:5a:1a:
45:c1:7b:8c:c3:21:91:e1:3b:8b:e4:bc:f3:33:1b:
78:24:0e:54:3a:c7:8f:fe:f7:68:4d:24:60:c9:97:
c7:87:2d:aa:5b:d0:f3:58:03:f5:eb:5b:3f:fc:02:
ba:e2:07:97:8b:fd:19:c7:09:c7:4c:7e:b2:5f:18:
69:03:4f:85:d2:92:d5:40:6c:90:32:b6:2b:9e:f9:
38:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/
RPKI Manifest - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.mft
RPKI Notify - URI:https://rrdp.sub.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4829
sbgp-ipAddrBlock: critical
IPv4:
43.252.20.0/22
IPv6:
2402:9180::/32
Signature Algorithm: sha256WithRSAEncryption
3e:54:6f:4b:54:a6:f9:12:9b:fb:f8:ae:36:23:c4:5d:cc:b4:
32:d0:46:b2:a3:ee:26:cf:67:26:c7:a7:4d:85:4f:b5:18:6a:
e0:ce:5f:47:0b:81:ca:16:ba:c9:2e:cf:06:ff:3d:c9:13:e3:
97:4e:ef:9b:9b:38:d7:f0:1f:6b:c7:f7:28:b3:78:66:21:3a:
9e:56:d3:68:a3:d9:fe:93:a4:c4:f4:2c:18:ff:6d:6d:5b:4c:
1e:b0:79:ee:97:5e:53:9c:cc:70:b6:86:91:78:70:8b:58:c5:
ba:5b:05:e4:75:96:71:cc:d7:69:95:e8:d4:92:79:a9:92:e0:
48:68:d8:d2:f4:6b:c7:4f:f5:e3:a0:95:a4:6a:79:bd:f7:17:
f0:25:81:92:90:54:bb:ab:8a:db:9d:5a:09:8c:af:aa:cc:52:
4d:e2:7e:86:90:cf:99:87:ef:69:7c:10:cd:09:ec:00:cb:6d:
53:58:ed:c2:e9:e2:9f:9a:2a:e0:32:91:6f:97:e2:11:3f:46:
a1:bf:fa:95:d8:0f:5c:bf:5f:bf:49:1b:5f:16:02:e2:fc:a7:
55:e6:06:42:cb:d1:6d:a1:80:23:05:a2:0e:9f:1a:4c:a1:85:
56:8f:67:19:ec:6b:39:83:bf:00:8e:61:a9:06:ba:80:8d:ab:
92:6b:77:1a
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAiM2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIxODA2MDYzOFoXDTI1MTIwMTAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1Njk2MjI0MzJC
NEJEQ0JGRDMyMEY5QThCNkREQzdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8xXjUcuQumYru0QKlYo9MUfn8/PIo5glmXghcIVp7MYvezwNPfpPcnHl
sLxmooq2BTGuIlfoDb7WfHXW/zYvJm9mWLBkK3mL12VUsO2cqeUlVmV6JNngpyfJ
RlT9hkhTOXB3jNmdDKvh1DFUwB0IRSVvkPKxrO+zkVLPOT1CkrTmG1+rXS6ZNU6p
C8EgSCQqDK8tMe4LNRAq1aUoj2KJv7FfnlqhpHEUwy6DntngqhzNWhpFwXuMwyGR
4TuL5LzzMxt4JA5UOseP/vdoTSRgyZfHhy2qW9DzWAP161s//AK64geXi/0ZxwnH
TH6yXxhpA0+F0pLVQGyQMrYrnvk4/QIDAQABo4IC7zCCAuswHQYDVR0OBBYEFF1w
ew01aWIkMrS9y/0yD5qLbdx7MB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIH7BggrBgEFBQcBCwSB7jCB6zBBBggrBgEF
BQcwBYY1cnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFE
RDUxMDAwMDAvMC8wbQYIKwYBBQUHMAqGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMu
bmV0L3JlcG9zaXRvcnkvQTkxREQ1MTAwMDAwLzAvNUQ3MDdCMEQzNTY5NjIyNDMy
QjRCRENCRkQzMjBGOUE4QjZEREM3Qi5tZnQwNwYIKwYBBQUHMA2GK2h0dHBzOi8v
cnJkcC5zdWIuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgB
Af8ECjAIoAYwBAICEt0wLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAIr/BQw
DQQCAAIwBwMFACQCkYAwDQYJKoZIhvcNAQELBQADggEBAD5Ub0tUpvkSm/v4rjYj
xF3MtDLQRrKj7ibPZybHp02FT7UYauDOX0cLgcoWuskuzwb/PckT45dO75ubONfw
H2vH9yizeGYhOp5W02ij2f6TpMT0LBj/bW1bTB6wee6XXlOczHC2hpF4cItYxbpb
BeR1lnHM12mV6NSSeamS4Eho2NL0a8dP9eOglaRqeb33F/AlgZKQVLuritudWgmM
r6rMUk3ifoaQz5mH72l8EM0J7ADLbVNY7cLp4p+aKuAykW+X4hE/RqG/+pXYD1y/
X79JG18WAuL8p1XmBkLL0W2hgCMFog6fGkyhhVaPZxnsazmDvwCOYakGuoCNq5Jr
dxo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:08:01 2025 by rpki-client