Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
File: Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer (raw, json)
Hash identifier: I49vDV9gbMTYg/DmnKbDkHKinX1siraoUM6QbAHVJwc=
Subject key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023926
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 24 Mar 2025 04:43:30 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 7470
AS: 17468
AS: 17552
AS: 17556
AS: 18197
AS: 23717
AS: 23891
AS: 24042
AS: 24067
AS: 24128
AS: 37977
AS: 38002
AS: 38081 -- 38082
AS: 38543
AS: 38554
AS: 38599
AS: 45199 -- 45200
AS: 45805 -- 45807
AS: 55476
AS: 55498
AS: 55538
AS: 55549
AS: 55554
AS: 55646
AS: 55790
AS: 55844
AS: 55867 -- 55868
AS: 58544
AS: 58692
AS: 58806
AS: 131162
AS: 132009
AS: 132013
AS: 132063
AS: 132545
AS: 132605
AS: 133063
AS: 133167
AS: 133376
AS: 133529
AS: 133761
AS: 133791
AS: 133907
AS: 133956
AS: 134095
AS: 134438
AS: 134682
AS: 136182
AS: 136579
AS: 139295
AS: 140689
AS: 151337
AS: 151808
AS: 151825
AS: 152130
AS: 153659
AS: 153730
IP: 27.123.16.0/22
IP: 27.145.0.0/16
IP: 58.8.0.0/14
IP: 58.97.0.0/17
IP: 61.90.0.0/15
IP: 103.3.176.0/22
IP: 110.168.0.0/14
IP: 113.21.240.0/21
IP: 114.109.0.0/16
IP: 115.87.0.0/16
IP: 116.206.112.0/22
IP: 119.46.0.0/16
IP: 119.76.0.0/16
IP: 122.144.24.0/21
IP: 124.120.0.0 -- 124.122.255.255
IP: 171.96.0.0/13
IP: 182.17.0.0/16
IP: 202.71.112.0/20
IP: 202.93.48.0/20
IP: 202.133.128.0/18
IP: 202.176.64.0 -- 202.176.191.255
IP: 203.118.64.0/18
IP: 203.144.128.0/17
IP: 203.153.128.0/20
IP: 210.86.128.0 -- 210.86.223.255
IP: 210.213.0.0/18
IP: 2001:fb0::/31
IP: 2405:4000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145702 (0x23926)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 24 04:43:30 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A9137ABC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f9:05:65:b8:0b:29:02:55:db:25:62:a8:4a:
3f:18:a7:cc:c7:59:7b:bc:c7:13:20:f5:43:fe:7c:
dc:70:5c:e8:ef:22:ef:46:e1:80:24:af:b7:c5:a3:
fd:b6:40:d9:40:e1:3a:02:da:d6:06:e8:2d:d4:01:
1b:eb:9a:27:c3:1e:a2:bf:b8:66:4e:c3:43:29:93:
61:ab:62:b4:6d:f5:07:fe:66:97:4c:9d:f8:1c:a0:
6a:d2:a9:f6:2c:56:75:0c:62:ea:3e:61:48:24:27:
07:ed:73:0d:89:6e:1a:41:c6:fd:02:b5:eb:4c:ec:
9f:53:9f:5d:03:9b:de:59:81:aa:07:6b:69:b4:d1:
bf:48:d4:64:ef:bc:e1:a3:fc:1b:0a:75:12:b6:d5:
55:14:c5:f9:4c:bd:59:21:43:9f:ab:c7:ec:aa:bb:
3b:60:6f:b5:8f:20:5b:4e:c0:aa:de:62:f1:4e:ec:
43:f4:f5:d1:a6:81:6b:11:5c:88:26:94:10:98:df:
63:7c:30:6b:04:52:f7:13:cd:4e:f7:7c:b7:7e:8e:
c8:c9:32:9e:09:ef:f4:54:99:5e:2d:73:74:d1:31:
35:0c:17:8b:72:a0:5a:b1:a4:02:49:cb:28:04:00:
4e:8c:cd:40:59:c2:af:c3:fb:19:92:9f:ca:20:55:
4f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7470
17468
17552
17556
18197
23717
23891
24042
24067
24128
37977
38002
38081-38082
38543
38554
38599
45199-45200
45805-45807
55476
55498
55538
55549
55554
55646
55790
55844
55867-55868
58544
58692
58806
131162
132009
132013
132063
132545
132605
133063
133167
133376
133529
133761
133791
133907
133956
134095
134438
134682
136182
136579
139295
140689
151337
151808
151825
152130
153659
153730
sbgp-ipAddrBlock: critical
IPv4:
27.123.16.0/22
27.145.0.0/16
58.8.0.0/14
58.97.0.0/17
61.90.0.0/15
103.3.176.0/22
110.168.0.0/14
113.21.240.0/21
114.109.0.0/16
115.87.0.0/16
116.206.112.0/22
119.46.0.0/16
119.76.0.0/16
122.144.24.0/21
124.120.0.0-124.122.255.255
171.96.0.0/13
182.17.0.0/16
202.71.112.0/20
202.93.48.0/20
202.133.128.0/18
202.176.64.0-202.176.191.255
203.118.64.0/18
203.144.128.0/17
203.153.128.0/20
210.86.128.0-210.86.223.255
210.213.0.0/18
IPv6:
2001:fb0::/31
2405:4000::/32
Signature Algorithm: sha256WithRSAEncryption
98:ab:c6:4c:71:6f:13:00:9a:84:9c:a4:b5:f9:f7:9b:d5:b4:
c2:7b:11:38:97:ec:9a:3b:c3:2f:ba:30:8c:67:f8:40:99:2a:
34:a9:62:b7:be:b6:b5:00:11:aa:c5:68:08:ff:6a:93:88:64:
93:d1:4c:0f:a1:23:95:3f:17:ec:91:30:4a:67:e0:fc:76:a3:
c0:31:e5:89:3a:88:91:f4:44:62:97:48:5e:c5:fe:a0:1e:0b:
b9:5e:8b:90:ca:16:d7:3f:b7:9d:9e:0f:d1:e0:33:72:60:5a:
0d:c7:f3:32:94:de:f8:97:4b:b8:5f:65:c0:e8:5d:46:1d:5d:
d0:3c:7b:7a:7f:cf:9c:b1:92:95:c0:73:3a:3b:48:8c:30:96:
22:55:24:c4:26:0d:28:c5:7c:87:e2:93:76:9d:52:48:5e:e6:
b2:a1:e2:6a:2a:6d:58:31:0d:c6:4e:b2:3f:f4:b2:5a:f0:7c:
ba:e5:fa:8c:b1:3e:ec:c9:58:4c:9e:a3:49:ed:74:6b:31:66:
27:6f:34:38:4f:e8:df:9b:0d:1c:81:8f:bb:8f:57:f6:7f:a9:
91:ff:94:c4:f5:47:f3:30:28:13:a1:74:ff:b9:49:c5:bd:04:
46:68:12:f0:98:5a:4e:87:ca:1f:93:66:3a:e6:93:ad:80:32:
35:68:29:7e
-----BEGIN CERTIFICATE-----
MIIICzCCBvOgAwIBAgIDAjkmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMyNDA0NDMzMFoXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4
MEFBRkYyMjJBNDM3QUYwMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4+QVluAspAlXbJWKoSj8Yp8zHWXu8xxMg9UP+fNxwXOjvIu9G4YAkr7fFo/22
QNlA4ToC2tYG6C3UARvrmifDHqK/uGZOw0Mpk2GrYrRt9Qf+ZpdMnfgcoGrSqfYs
VnUMYuo+YUgkJwftcw2JbhpBxv0CtetM7J9Tn10Dm95ZgaoHa2m00b9I1GTvvOGj
/BsKdRK21VUUxflMvVkhQ5+rx+yquztgb7WPIFtOwKreYvFO7EP09dGmgWsRXIgm
lBCY32N8MGsEUvcTzU73fLd+jsjJMp4J7/RUmV4tc3TRMTUMF4tyoFqxpAJJyygE
AE6MzUBZwq/D+xmSn8ogVU8RAgMBAAGjggUAMIIE/DAdBgNVHQ4EFgQUYb8+1MO/
vAkW75SAqv8iKkN68CwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM3QUJDLzcxM0Q5RkIwMUQ3ODExRTI4Mjg2OERDNDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzN0FCQy83MTNEOUZCMDFENzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1P
X3ZBa1c3NVNBcXY4aUtrTjY4Q3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFMBggrBgEFBQcBCAEB/wSC
ATswggE3oIIBMzCCAS8CAh0uAgJEPAICRJACAkSUAgJHFQICXKUCAl1TAgJd6gIC
XgMCAl5AAgMAlFkCAwCUcjAKAgMAlMECAwCUwgIDAJaPAgMAlpoCAwCWxzAKAgMA
sI8CAwCwkDAKAgMAsu0CAwCy7wIDANi0AgMA2MoCAwDY8gIDANj9AgMA2QICAwDZ
XgIDANnuAgMA2iQwCgIDANo7AgMA2jwCAwDksAIDAOVEAgMA5bYCAwIAWgIDAgOp
AgMCA60CAwID3wIDAgXBAgMCBf0CAwIHxwIDAggvAgMCCQACAwIJmQIDAgqBAgMC
Cp8CAwILEwIDAgtEAgMCC88CAwINJgIDAg4aAgMCE/YCAwIVgwIDAiAfAgMCJZEC
AwJPKQIDAlEAAgMCURECAwJSQgIDAlg7AgMCWIIwgdsGCCsGAQUFBwEHAQH/BIHL
MIHIMIGvBAIAATCBqAMEAht7EAMDABuRAwMCOggDBAc6YQADAwE9WgMEAmcDsAMD
Am6oAwQDcRXwAwMAcm0DAwBzVwMEAnTOcAMDAHcuAwMAd0wDBAN6kBgwCgMDA3x4
AwMAfHoDAwOrYAMDALYRAwQEykdwAwQEyl0wAwQGyoWAMAwDBAbKsEADBAbKsIAD
BAbLdkADBAfLkIADBATLmYAwDAMEB9JWgAMEBdJWwAMEBtLVADAUBAIAAjAOAwUB
IAEPsAMFACQFQAAwDQYJKoZIhvcNAQELBQADggEBAJirxkxxbxMAmoScpLX595vV
tMJ7ETiX7Jo7wy+6MIxn+ECZKjSpYre+trUAEarFaAj/apOIZJPRTA+hI5U/F+yR
MEpn4Px2o8Ax5Yk6iJH0RGKXSF7F/qAeC7lei5DKFtc/t52eD9HgM3JgWg3H8zKU
3viXS7hfZcDoXUYdXdA8e3p/z5yxkpXAczo7SIwwliJVJMQmDSjFfIfik3adUkhe
5rKh4moqbVgxDcZOsj/0slrwfLrl+oyxPuzJWEyeo0ntdGsxZidvNDhP6N+bDRyB
j7uPV/Z/qZH/lMT1R/MwKBOhdP+5ScW9BEZoEvCYWk6Hyh+TZjrmk62AMjVoKX4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:22:47 2025 by rpki-client