Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aK0NBHD2rG8Zxk7vQJTuC7WHHto.cer
File: aK0NBHD2rG8Zxk7vQJTuC7WHHto.cer (raw, json)
Hash identifier: 1LLBv5AKTIAg+IYD3p34yyeJSxlMMu8KuvoFbdoV0jw=
Subject key identifier: 68:AD:0D:04:70:F6:AC:6F:19:C6:4E:EF:40:94:EE:0B:B5:87:1E:DA
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022FB6
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A5208/9E28557EE4EE11EFB1ED760EC4F9AE02/aK0NBHD2rG8Zxk7vQJTuC7WHHto.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A5208/9E28557EE4EE11EFB1ED760EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 07 Feb 2025 00:58:22 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: AS: 132835
IP: 103.250.60.0/23
IP: 2001:df7:a000::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143286 (0x22fb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 7 00:58:22 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A91A5208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:34:c6:43:df:eb:62:70:6d:f7:96:7d:19:e9:
19:1c:5d:32:82:b3:97:45:f8:d7:96:b2:eb:69:de:
b7:af:43:74:77:58:2d:55:b6:94:af:c1:6d:01:1a:
c1:95:16:5d:93:41:58:03:66:05:08:fb:c8:96:90:
24:43:fe:fc:47:56:67:7d:3a:c5:b3:f6:13:8f:09:
0e:c4:91:2d:f8:15:4d:6c:68:61:15:80:65:5e:60:
d2:54:a6:41:5d:9e:4f:b3:ce:b3:7a:7d:7b:37:df:
a1:2b:28:48:98:68:c5:84:b2:4a:4c:ed:94:d1:6d:
b7:18:c1:57:9a:3e:52:56:50:49:f8:32:d1:c9:bd:
28:93:8e:92:f1:55:37:7c:0c:76:38:09:74:83:56:
49:26:cd:c7:b9:bb:9c:46:9c:30:0a:aa:69:ff:8d:
f6:f6:a9:1b:2e:b3:59:47:f5:5d:2d:0e:56:49:a6:
6f:e6:0f:5d:a0:b4:cf:84:8a:30:ef:05:8c:1a:ba:
66:c1:c2:4c:85:c9:ba:0e:a6:77:9f:f1:07:a6:cd:
d9:a2:48:19:e4:23:41:5f:af:98:27:b1:67:46:51:
72:a8:56:33:49:c8:ef:79:78:04:a2:2a:bd:df:c4:
c2:24:ef:a1:85:97:7e:9d:76:38:a6:9c:b1:fe:83:
f9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AD:0D:04:70:F6:AC:6F:19:C6:4E:EF:40:94:EE:0B:B5:87:1E:DA
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A5208/9E28557EE4EE11EFB1ED760EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A5208/9E28557EE4EE11EFB1ED760EC4F9AE02/aK0NBHD2rG8Zxk7vQJTuC7WHHto.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132835
sbgp-ipAddrBlock: critical
IPv4:
103.250.60.0/23
IPv6:
2001:df7:a000::/48
Signature Algorithm: sha256WithRSAEncryption
66:28:93:f0:f4:5d:17:18:ff:81:5f:0f:f9:a7:3a:59:2b:23:
b1:7a:66:5a:a7:9d:5e:cc:a2:00:41:5b:cc:a6:49:9b:88:66:
a4:2a:79:85:c8:b2:80:3c:2a:8a:eb:98:08:fc:de:ed:77:89:
bd:3b:8d:f2:e1:54:96:26:65:c2:fe:bc:0d:79:f8:ff:bb:f1:
37:98:4a:ef:f0:08:87:dd:65:b6:3a:c2:4f:27:1c:16:e4:a2:
4f:e7:83:c7:55:ce:cd:19:c2:b1:5e:bd:86:59:90:9b:12:c4:
8e:38:fe:eb:e9:5a:c2:19:87:56:fd:de:69:46:21:04:89:cf:
b1:4b:09:95:e7:02:b2:6b:12:89:25:77:0c:2a:d8:fe:97:67:
b6:ad:f5:88:4e:e1:42:74:dd:6a:fb:12:9d:b3:ea:df:72:06:
43:04:fd:01:aa:89:b9:72:d8:96:49:b9:bd:56:ce:bf:79:95:
43:f7:61:c9:fb:73:30:69:5d:2b:87:ac:9c:2d:46:8d:10:7c:
01:fe:29:db:0b:9e:c0:4d:56:65:f6:a9:10:d9:7b:21:dc:b5:
58:ce:da:89:66:aa:18:56:84:6b:32:d9:0e:52:e1:b6:7c:ee:
a0:3c:23:e8:c4:d3:83:9a:d5:ae:2c:05:94:59:16:0d:d0:32:
21:ef:4e:f5
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAi+2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDIwNzAwNTgyMloXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTUyMDgxMTAvBgNVBAUTKDY4QUQwRDA0NzBGNkFDNkYxOUM2NEVF
RjQwOTRFRTBCQjU4NzFFREEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDeNMZD3+ticG33ln0Z6RkcXTKCs5dF+NeWsutp3revQ3R3WC1VtpSvwW0BGsGV
Fl2TQVgDZgUI+8iWkCRD/vxHVmd9OsWz9hOPCQ7EkS34FU1saGEVgGVeYNJUpkFd
nk+zzrN6fXs336ErKEiYaMWEskpM7ZTRbbcYwVeaPlJWUEn4MtHJvSiTjpLxVTd8
DHY4CXSDVkkmzce5u5xGnDAKqmn/jfb2qRsus1lH9V0tDlZJpm/mD12gtM+EijDv
BYwaumbBwkyFyboOpnef8QemzdmiSBnkI0Ffr5gnsWdGUXKoVjNJyO95eASiKr3f
xMIk76GFl36ddjimnLH+g/llAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUaK0NBHD2
rG8Zxk7vQJTuC7WHHtowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1MjA4LzlFMjg1NTdFRTRFRTExRUZCMUVENzYwRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNTIwOC85RTI4NTU3RUU0RUUxMUVGQjFFRDc2MEVDNEY5QUUwMi9hSzBOQkhE
MnJHOFp4azd2UUpUdUM3V0hIdG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgbjMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ/o8MA8EAgAC
MAkDBwAgAQ33oAAwDQYJKoZIhvcNAQELBQADggEBAGYok/D0XRcY/4FfD/mnOlkr
I7F6ZlqnnV7MogBBW8ymSZuIZqQqeYXIsoA8KorrmAj83u13ib07jfLhVJYmZcL+
vA15+P+78TeYSu/wCIfdZbY6wk8nHBbkok/ng8dVzs0ZwrFevYZZkJsSxI44/uvp
WsIZh1b93mlGIQSJz7FLCZXnArJrEokldwwq2P6XZ7at9YhO4UJ03Wr7Ep2z6t9y
BkME/QGqibly2JZJub1Wzr95lUP3Ycn7czBpXSuHrJwtRo0QfAH+KdsLnsBNVmX2
qRDZeyHctVjO2olmqhhWhGsy2Q5S4bZ87qA8I+jE04Oa1a4sBZRZFg3QMiHvTvU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:07:11 2025 by rpki-client