Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer
File: d9okgAToxYcr33K6wSIsfMtujjc.cer (raw, json)
Hash identifier: SnIOgYftbsARoMFkRmcpxl/VvwaicXYHGt/kfcYLWyE=
Subject key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0238A8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 20 Mar 2025 14:38:48 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: AS: 136253
IP: 43.245.220.0/22
IP: 103.23.44.0/24
IP: 103.209.100.0/22
IP: 2001:df0:be00::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 23:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145576 (0x238a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 20 14:38:48 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A9156342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:85:af:ed:6b:d9:a5:41:67:aa:f1:64:d1:
92:a2:fe:43:9d:31:8c:e6:5f:da:2b:27:65:01:18:
18:87:56:84:61:4d:a9:15:34:f2:1e:14:32:0e:12:
05:c6:fd:d7:5d:e6:94:f5:60:65:08:95:ad:99:72:
f2:73:9c:2f:3c:cd:d1:f7:5c:1a:cb:37:e7:9c:23:
ff:c8:4a:a6:48:8c:9a:05:9a:9e:ce:3f:3a:65:58:
c1:9b:48:dd:f9:8f:d9:01:b0:e2:0c:2c:7e:e9:9e:
97:e7:41:dc:22:9d:3c:12:ef:0a:f0:de:29:52:7c:
d5:be:03:ff:d3:52:b0:a2:12:cb:8a:8d:d2:f1:0b:
78:9c:74:e2:5f:be:7f:17:e1:6b:83:59:50:0c:5c:
0b:bd:e0:ed:c2:e7:83:29:62:b2:d6:3b:a4:94:6c:
bd:0b:1e:a5:6a:55:34:fd:50:b8:34:18:28:26:a4:
db:fe:b5:9f:8e:c7:db:07:ad:1e:57:c1:19:b0:6d:
7d:eb:30:85:65:b6:be:86:25:c3:c0:c1:12:ea:a9:
01:e0:25:09:d0:8a:6d:69:bc:10:fe:8c:e9:f4:47:
57:08:33:53:15:9e:98:0e:74:f7:25:89:64:8f:ee:
20:a0:7e:ca:f1:7d:50:63:f0:40:11:ed:c7:22:68:
41:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136253
sbgp-ipAddrBlock: critical
IPv4:
43.245.220.0/22
103.23.44.0/24
103.209.100.0/22
IPv6:
2001:df0:be00::/48
Signature Algorithm: sha256WithRSAEncryption
8f:54:e0:b1:e8:80:d1:5f:46:22:f6:21:f7:4e:00:f7:c4:e8:
09:07:67:28:07:e9:1d:a0:be:90:4d:d5:96:6e:19:0a:35:c7:
cc:b7:8f:cf:f6:df:16:3f:1a:2c:50:cb:96:7c:9e:d3:de:4e:
29:97:95:de:21:32:d0:b4:ab:fc:97:b1:4f:eb:b1:e7:2b:6a:
2d:dd:9c:36:ea:5c:0b:91:fa:72:82:3c:83:8b:f2:f2:03:01:
74:88:98:7a:43:2a:7a:74:44:9d:f8:23:4d:08:85:f8:bb:d5:
07:f4:f2:84:43:d9:5a:8f:9a:51:67:13:0a:c6:09:8b:69:a8:
6f:fe:3d:5b:7c:24:e0:00:90:5c:8d:99:b9:97:79:fb:18:c5:
d3:86:01:ff:b7:02:50:06:ae:7f:b3:60:82:a0:ab:04:93:75:
72:45:d8:2e:79:85:67:c6:4c:35:d9:13:ce:61:ac:b6:37:b2:
61:fb:7c:e9:af:22:27:a8:cb:21:ff:95:ae:97:04:8f:0a:90:
32:2b:3d:36:74:8b:6e:36:7a:ee:34:c1:e3:0b:df:c7:4f:2d:
45:46:73:ca:d9:8e:9c:98:f2:c2:08:04:a1:3c:a5:65:9b:da:
bc:0c:7e:c5:10:45:b2:96:b2:ae:1a:66:17:55:a8:b3:37:df:
08:29:5d:8e
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIDAjioMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMyMDE0Mzg0OFoXDTI2MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJC
QUMxMjIyQzdDQ0I2RThFMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnooWv7WvZpUFnqvFk0ZKi/kOdMYzmX9orJ2UBGBiHVoRhTakVNPIeFDIOEgXG
/ddd5pT1YGUIla2ZcvJznC88zdH3XBrLN+ecI//ISqZIjJoFmp7OPzplWMGbSN35
j9kBsOIMLH7pnpfnQdwinTwS7wrw3ilSfNW+A//TUrCiEsuKjdLxC3icdOJfvn8X
4WuDWVAMXAu94O3C54MpYrLWO6SUbL0LHqVqVTT9ULg0GCgmpNv+tZ+Ox9sHrR5X
wRmwbX3rMIVltr6GJcPAwRLqqQHgJQnQim1pvBD+jOn0R1cIM1MVnpgOdPcliWSP
7iCgfsrxfVBj8EAR7cciaEFPAgMBAAGjggMsMIIDKDAdBgNVHQ4EFgQUd9okgATo
xYcr33K6wSIsfMtujjcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU2MzQyL0JERjg5MDgwOTlFNDExRUE4OUE0QzI0MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1NjM0Mi9CREY4OTA4MDk5RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FU
b3hZY3IzM0s2d1NJc2ZNdHVqamMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhQ9MDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCK/XcAwQAZxcs
AwQCZ9FkMA8EAgACMAkDBwAgAQ3wvgAwDQYJKoZIhvcNAQELBQADggEBAI9U4LHo
gNFfRiL2IfdOAPfE6AkHZygH6R2gvpBN1ZZuGQo1x8y3j8/23xY/GixQy5Z8ntPe
TimXld4hMtC0q/yXsU/rsecrai3dnDbqXAuR+nKCPIOL8vIDAXSImHpDKnp0RJ34
I00Ihfi71Qf08oRD2VqPmlFnEwrGCYtpqG/+PVt8JOAAkFyNmbmXefsYxdOGAf+3
AlAGrn+zYIKgqwSTdXJF2C55hWfGTDXZE85hrLY3smH7fOmvIieoyyH/la6XBI8K
kDIrPTZ0i242eu40weML38dPLUVGc8rZjpyY8sIIBKE8pWWb2rwMfsUQRbKWsq4a
ZhdVqLM33wgpXY4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:04:41 2025 by rpki-client