Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XlEJvjS4HAy74OQ1mneBpGJLn80.cer
File: XlEJvjS4HAy74OQ1mneBpGJLn80.cer (raw, json)
Hash identifier: rfIOhStq660uYCd+8IWkyNAQ8yOMQxaBE8g6TAHSp/0=
Subject key identifier: 5E:51:09:BE:34:B8:1C:0C:BB:E0:E4:35:9A:77:81:A4:62:4B:9F:CD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0224F4
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E5D61/0C6A0C9E1D7911E2879E38C508B02CD2/XlEJvjS4HAy74OQ1mneBpGJLn80.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E5D61/0C6A0C9E1D7911E2879E38C508B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 27 Dec 2024 01:46:17 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 3717
AS: 4538
AS: 4789
AS: 4839 -- 4840
AS: 4843
AS: 9401 -- 9407
AS: 9425
AS: 17735
AS: 18011
AS: 23910 -- 23912
AS: 24301 -- 24302
AS: 24310
AS: 24348 -- 24372
AS: 24489 -- 24490
AS: 24575
AS: 38027
AS: 38255
AS: 38272
AS: 38585
AS: 38587
AS: 45567
AS: 45576
AS: 45587
AS: 55826
AS: 59201
AS: 132551 -- 132553
AS: 132886
AS: 134169
AS: 135570
AS: 138182
AS: 138369 -- 138371
AS: 138373 -- 138378
AS: 138381
AS: 138393
AS: 138438
AS: 138440 -- 138442
AS: 139738
AS: 139774
AS: 141005
AS: 141168
AS: 142067 -- 142106
AS: 142650 -- 146745
AS: 151423 -- 151462
IP: 1.51.0.0/16
IP: 1.184.0.0/15
IP: 42.244.0.0/14
IP: 49.52.0.0/14
IP: 49.120.0.0/14
IP: 49.140.0.0/15
IP: 49.208.0.0/15
IP: 58.154.0.0/15
IP: 58.192.0.0/12
IP: 59.64.0.0/12
IP: 101.4.0.0/14
IP: 101.76.0.0/15
IP: 103.137.60.0/24
IP: 103.165.110.0/23
IP: 110.64.0.0/15
IP: 111.114.0.0 -- 111.117.255.255
IP: 111.186.0.0/15
IP: 113.54.0.0/15
IP: 114.212.0.0 -- 114.214.255.255
IP: 115.24.0.0/14
IP: 115.154.0.0 -- 115.158.255.255
IP: 116.13.0.0/16
IP: 116.56.0.0/15
IP: 118.202.0.0/15
IP: 118.228.0.0 -- 118.230.255.255
IP: 120.94.0.0/15
IP: 121.48.0.0/15
IP: 121.52.160.0/19
IP: 121.192.0.0/14
IP: 121.248.0.0/14
IP: 122.204.0.0/14
IP: 125.216.0.0/13
IP: 175.185.0.0 -- 175.187.255.255
IP: 180.84.0.0/15
IP: 180.201.0.0/16
IP: 180.208.0.0/15
IP: 183.168.0.0 -- 183.170.255.255
IP: 183.172.0.0/14
IP: 202.4.128.0/19
IP: 202.38.2.0/23
IP: 202.38.64.0/18
IP: 202.38.135.0/24
IP: 202.38.140.0/23
IP: 202.38.146.0/23
IP: 202.38.184.0 -- 202.38.255.255
IP: 202.112.0.0 -- 202.121.255.255
IP: 202.127.216.0 -- 202.127.255.255
IP: 202.179.240.0/20
IP: 202.192.0.0/12
IP: 203.91.120.0/21
IP: 210.25.0.0 -- 210.47.255.255
IP: 211.64.0.0/13
IP: 211.80.0.0/13
IP: 218.192.0.0/13
IP: 219.216.0.0 -- 219.231.255.255
IP: 219.242.0.0 -- 219.247.255.255
IP: 222.16.0.0/12
IP: 222.192.0.0/12
IP: 223.2.0.0/15
IP: 223.128.0.0/15
IP: 2001:250:: -- 2001:256:ffff:ffff:ffff:ffff:ffff:ffff
IP: 2001:da8:: -- 2001:daa:ffff:ffff:ffff:ffff:ffff:ffff
IP: 2001:dd9::/48
IP: 2400:6000::/32
IP: 2401:34a0::/31
IP: 2401:9b20::/31
IP: 2401:cc00::/32
IP: 2401:ec00::/32
IP: 2402:2000::/32
IP: 2402:4b80::/32
IP: 2402:e480::/32
IP: 2402:f000::/32
IP: 2403:3140::/32
IP: 2403:8c00::/32
IP: 2403:ac00::/32
IP: 2403:d400::/32
IP: 2406:280::/32
IP: 240a:a000::/20
IP: 240b:e000::/26
IP: 240c:c000::/20
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 23:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140532 (0x224f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 27 01:46:17 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A91E5D61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:06:ad:0e:cc:75:06:b2:a1:6e:44:76:6b:
9a:57:2b:61:ea:55:4c:cf:3b:eb:b5:2a:c7:3a:08:
da:f2:4d:70:c6:9d:73:6e:ed:03:69:99:07:f2:4a:
8d:44:0a:35:c0:30:60:54:4b:4e:1a:fa:eb:99:a1:
46:0a:dc:8d:ba:ed:9a:cb:91:e2:05:e0:af:a8:9e:
d0:b7:63:0c:d6:18:cd:26:47:c6:fa:4e:1e:f7:fe:
8f:dd:30:fa:aa:32:00:ae:50:0e:3f:38:fe:c9:cb:
5d:b9:93:27:fb:fa:ec:35:79:28:86:82:1b:50:30:
a4:bb:e2:23:13:fb:d7:8a:69:aa:f0:1a:0d:d4:73:
ca:fe:0e:aa:f8:62:c3:75:34:d8:b7:39:5c:4b:8a:
c2:72:4a:c4:f1:a2:60:38:7d:66:e6:cd:ac:12:2a:
f5:9b:07:ff:41:c4:ba:c6:a8:56:34:4e:49:59:f5:
c4:2f:eb:c4:b6:4c:6c:3b:0d:74:df:9f:6f:18:0f:
f6:a2:34:12:d1:27:5e:ec:0a:b8:9a:a5:b7:69:d9:
b8:dc:73:16:65:d1:9a:ca:4d:89:36:5b:aa:74:26:
89:29:42:a2:a9:b5:00:17:b0:7d:c1:05:50:66:fc:
74:8a:73:ac:f9:86:9d:86:9b:ce:71:48:7c:ed:7f:
94:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:51:09:BE:34:B8:1C:0C:BB:E0:E4:35:9A:77:81:A4:62:4B:9F:CD
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/0C6A0C9E1D7911E2879E38C508B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/0C6A0C9E1D7911E2879E38C508B02CD2/XlEJvjS4HAy74OQ1mneBpGJLn80.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3717
4538
4789
4839-4840
4843
9401-9407
9425
17735
18011
23910-23912
24301-24302
24310
24348-24372
24489-24490
24575
38027
38255
38272
38585
38587
45567
45576
45587
55826
59201
132551-132553
132886
134169
135570
138182
138369-138371
138373-138378
138381
138393
138438
138440-138442
139738
139774
141005
141168
142067-142106
142650-146745
151423-151462
sbgp-ipAddrBlock: critical
IPv4:
1.51.0.0/16
1.184.0.0/15
42.244.0.0/14
49.52.0.0/14
49.120.0.0/14
49.140.0.0/15
49.208.0.0/15
58.154.0.0/15
58.192.0.0/12
59.64.0.0/12
101.4.0.0/14
101.76.0.0/15
103.137.60.0/24
103.165.110.0/23
110.64.0.0/15
111.114.0.0-111.117.255.255
111.186.0.0/15
113.54.0.0/15
114.212.0.0-114.214.255.255
115.24.0.0/14
115.154.0.0-115.158.255.255
116.13.0.0/16
116.56.0.0/15
118.202.0.0/15
118.228.0.0-118.230.255.255
120.94.0.0/15
121.48.0.0/15
121.52.160.0/19
121.192.0.0/14
121.248.0.0/14
122.204.0.0/14
125.216.0.0/13
175.185.0.0-175.187.255.255
180.84.0.0/15
180.201.0.0/16
180.208.0.0/15
183.168.0.0-183.170.255.255
183.172.0.0/14
202.4.128.0/19
202.38.2.0/23
202.38.64.0/18
202.38.135.0/24
202.38.140.0/23
202.38.146.0/23
202.38.184.0-202.38.255.255
202.112.0.0-202.121.255.255
202.127.216.0-202.127.255.255
202.179.240.0/20
202.192.0.0/12
203.91.120.0/21
210.25.0.0-210.47.255.255
211.64.0.0/13
211.80.0.0/13
218.192.0.0/13
219.216.0.0-219.231.255.255
219.242.0.0-219.247.255.255
222.16.0.0/12
222.192.0.0/12
223.2.0.0/15
223.128.0.0/15
IPv6:
2001:250::-2001:256:ffff:ffff:ffff:ffff:ffff:ffff
2001:da8::-2001:daa:ffff:ffff:ffff:ffff:ffff:ffff
2001:dd9::/48
2400:6000::/32
2401:34a0::/31
2401:9b20::/31
2401:cc00::/32
2401:ec00::/32
2402:2000::/32
2402:4b80::/32
2402:e480::/32
2402:f000::/32
2403:3140::/32
2403:8c00::/32
2403:ac00::/32
2403:d400::/32
2406:280::/32
240a:a000::/20
240b:e000::/26
240c:c000::/20
Signature Algorithm: sha256WithRSAEncryption
09:08:a9:4a:ab:2a:2f:0c:b6:70:c9:c3:f0:de:c4:cc:79:ac:
8f:07:e6:33:39:71:06:a5:be:89:4f:24:f5:af:95:e6:b2:9c:
26:e1:1c:a4:9a:a2:b8:f0:dd:84:6b:4f:a7:fd:cf:1c:f1:79:
e1:a3:9d:8b:5e:94:92:f2:c8:69:b1:e9:d9:17:d9:d9:88:39:
82:c2:5a:24:50:1d:1c:2d:a0:79:01:ad:d2:be:16:fe:07:9c:
32:67:29:44:b2:a8:aa:ea:b8:e4:ba:01:3b:93:5f:2f:d7:9c:
1d:a6:ad:fa:d4:7d:be:d9:18:38:e7:2d:d5:98:4f:06:1b:e1:
bc:3d:26:c0:92:84:64:f1:5a:97:89:d1:5b:01:7f:ac:0a:c7:
39:30:80:26:ec:ed:f0:04:a2:57:64:8b:25:70:aa:97:d8:a1:
b0:c0:56:d9:5a:89:ec:38:e3:04:81:5c:54:60:51:bd:51:51:
fb:c0:c7:2d:40:af:e3:b4:67:5a:da:f1:4f:e6:63:82:39:78:
a2:fb:81:ed:85:df:9d:47:b4:16:e8:85:90:d3:04:54:2f:35:
89:55:a1:53:31:0e:06:03:9c:ca:5b:c3:c6:09:39:cb:01:2b:
b6:dd:32:5d:11:fa:e3:6e:07:a4:bb:40:3a:d1:1d:6b:98:fe:
54:49:0b:7a
-----BEGIN CERTIFICATE-----
MIIJdTCCCF2gAwIBAgIDAiT0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIyNzAxNDYxN1oXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTVENjExMTAvBgNVBAUTKDVFNTEwOUJFMzRCODFDMENCQkUwRTQz
NTlBNzc4MUE0NjI0QjlGQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8YwatDsx1BrKhbkR2a5pXK2HqVUzPO+u1Ksc6CNryTXDGnXNu7QNpmQfySo1E
CjXAMGBUS04a+uuZoUYK3I267ZrLkeIF4K+ontC3YwzWGM0mR8b6Th73/o/dMPqq
MgCuUA4/OP7Jy125kyf7+uw1eSiGghtQMKS74iMT+9eKaarwGg3Uc8r+Dqr4YsN1
NNi3OVxLisJySsTxomA4fWbmzawSKvWbB/9BxLrGqFY0TklZ9cQv68S2TGw7DXTf
n28YD/aiNBLRJ17sCriapbdp2bjccxZl0ZrKTYk2W6p0JokpQqKptQAXsH3BBVBm
/HSKc6z5hp2Gm85xSHztf5Q1AgMBAAGjggZqMIIGZjAdBgNVHQ4EFgQUXlEJvjS4
HAy74OQ1mneBpGJLn80wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU1RDYxLzBDNkEwQzlFMUQ3OTExRTI4NzlFMzhDNTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNUQ2MS8wQzZBMEM5RTFENzkxMUUyODc5RTM4QzUwOEIwMkNEMi9YbEVKdmpT
NEhBeTc0T1ExbW5lQnBHSkxuODAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggE6BggrBgEFBQcBCAEB/wSC
ASkwggEloIIBITCCAR0CAg6FAgIRugICErUwCAICEucCAhLoAgIS6zAIAgIkuQIC
JL8CAiTRAgJFRwICRlswCAICXWYCAl1oMAgCAl7tAgJe7gICXvYwCAICXxwCAl80
MAgCAl+pAgJfqgICX/8CAwCUiwIDAJVvAgMAlYACAwCWuQIDAJa7AgMAsf8CAwCy
CAIDALITAgMA2hICAwDnQTAKAgMCBccCAwIFyQIDAgcWAgMCDBkCAwIRkgIDAhvG
MAoCAwIcgQIDAhyDMAoCAwIchQIDAhyKAgMCHI0CAwIcmQIDAhzGMAoCAwIcyAID
AhzKAgMCIdoCAwIh/gIDAibNAgMCJ3AwCgIDAirzAgMCKxowCgIDAi06AgMCPTkw
CgIDAk9/AgMCT6YwggJWBggrBgEFBQcBBwEB/wSCAkUwggJBMIIBlQQCAAEwggGN
AwMAATMDAwEBuAMDAir0AwMCMTQDAwIxeAMDATGMAwMBMdADAwE6mgMDBDrAAwME
O0ADAwJlBAMDAWVMAwQAZ4k8AwQBZ6VuAwMBbkAwCgMDAW9yAwMBb3QDAwFvugMD
AXE2MAoDAwJy1AMDAHLWAwMCcxgwCgMDAXOaAwMAc54DAwB0DQMDAXQ4AwMBdsow
CgMDAnbkAwMAduYDAwF4XgMDAXkwAwQFeTSgAwMCecADAwJ5+AMDAnrMAwMDfdgw
CgMDAK+5AwMCr7gDAwG0VAMDALTJAwMBtNAwCgMDA7eoAwMAt6oDAwK3rAMEBcoE
gAMEAcomAgMEBsomQAMEAMomhwMEAcomjAMEAcomkjALAwQDyia4AwMAyiYwCgMD
BMpwAwMByngwCwMEA8p/2AMDB8oAAwQEyrPwAwMEysADBAPLW3gwCgMDANIZAwME
0iADAwPTQAMDA9NQAwMD2sAwCgMDA9vYAwMD2+AwCgMDAdvyAwMD2/ADAwTeEAMD
BN7AAwMB3wIDAwHfgDCBpQQCAAIwgZ4wDgMFBCABAlADBQAgAQJWMA4DBQMgAQ2o
AwUAIAENqgMHACABDdkAAAMFACQAYAADBQEkATSgAwUBJAGbIAMFACQBzAADBQAk
AewAAwUAJAIgAAMFACQCS4ADBQAkAuSAAwUAJALwAAMFACQDMUADBQAkA4wAAwUA
JAOsAAMFACQD1AADBQAkBgKAAwQEJAqgAwUGJAvgAAMEBCQMwDANBgkqhkiG9w0B
AQsFAAOCAQEACQipSqsqLwy2cMnD8N7EzHmsjwfmMzlxBqW+iU8k9a+V5rKcJuEc
pJqiuPDdhGtPp/3PHPF54aOdi16UkvLIabHp2RfZ2Yg5gsJaJFAdHC2geQGt0r4W
/gecMmcpRLKoquq45LoBO5NfL9ecHaat+tR9vtkYOOct1ZhPBhvhvD0mwJKEZPFa
l4nRWwF/rArHOTCAJuzt8ASiV2SLJXCql9ihsMBW2VqJ7DjjBIFcVGBRvVFR+8DH
LUCv47RnWtrxT+Zjgjl4ovuB7YXfnUe0FuiFkNMEVC81iVWhUzEOBgOcylvDxgk5
ywErtt0yXRH6424HpLtAOtEda5j+VEkLeg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:16:43 2025 by rpki-client