Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dBZmaL52tzdXYxblXZ5kOeZxz0c.cer
File: dBZmaL52tzdXYxblXZ5kOeZxz0c.cer (raw, json)
Hash identifier: AP5gQ6HxUXi6mZGx63nrAw4Jwya+Fw5HByiDl0E1c6g=
Subject key identifier: 74:16:66:68:BE:76:B7:37:57:63:16:E5:5D:9E:64:39:E6:71:CF:47
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0232CE
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CD281/FB4216E8F27011EF9BF8B535C4F9AE02/dBZmaL52tzdXYxblXZ5kOeZxz0c.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CD281/FB4216E8F27011EF9BF8B535C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 24 Feb 2025 05:34:19 +0000
Certificate not after: Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 203.29.94.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144078 (0x232ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 24 05:34:19 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=A91CD281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:70:db:05:11:42:f0:6d:d2:93:2a:e6:8c:5f:
d7:18:1b:b8:75:67:2b:6b:82:55:28:d2:54:ad:0a:
af:21:78:0f:fc:d6:23:bd:9d:57:29:e7:db:e7:51:
a9:15:10:04:50:aa:4e:d6:df:fc:8e:b6:b9:55:7f:
9d:69:e4:8c:86:84:cb:9b:73:43:a0:65:c8:93:5b:
95:dd:f4:49:6e:1a:2e:a9:84:02:91:9b:d3:f8:e9:
f1:48:b2:ca:4c:bd:8c:7f:ae:65:9f:a7:38:fd:79:
ef:cc:c2:7b:42:f8:06:9e:2e:27:78:1e:f2:0b:d7:
13:2c:d2:76:86:f3:44:80:9e:f8:c0:8f:a2:01:0a:
d9:b3:f7:33:e1:6d:f0:6c:98:ef:70:49:48:bd:f0:
4e:f4:3c:24:bc:e9:fb:c7:ab:2d:70:b4:9e:da:49:
f0:b4:8f:8b:05:a9:11:c6:de:cd:74:9d:2c:b2:e9:
b1:1c:af:70:20:32:34:a3:fb:2f:90:0a:d6:62:37:
43:bd:53:db:1a:b5:6f:26:a2:10:43:f5:11:c1:39:
c9:55:d2:8c:d4:90:c7:b6:33:11:0b:ed:8b:2c:25:
07:bf:1d:d6:b8:03:19:ab:71:8a:a1:9b:72:41:9d:
c7:21:4d:24:f6:d7:70:8f:1a:72:3a:9a:5c:14:fd:
8d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:16:66:68:BE:76:B7:37:57:63:16:E5:5D:9E:64:39:E6:71:CF:47
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CD281/FB4216E8F27011EF9BF8B535C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CD281/FB4216E8F27011EF9BF8B535C4F9AE02/dBZmaL52tzdXYxblXZ5kOeZxz0c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.29.94.0/24
Signature Algorithm: sha256WithRSAEncryption
82:dc:47:65:0b:08:72:7e:d5:92:8a:f3:02:2a:47:7a:4f:74:
0a:60:23:00:a7:36:a9:b9:e6:15:3c:61:07:04:c0:92:7e:7b:
b4:1b:5a:2e:1a:a6:8f:6f:37:e3:6f:08:e6:66:b8:f8:d0:70:
86:f5:dc:3e:dd:49:68:17:aa:aa:7b:57:98:05:55:7a:95:77:
59:6d:07:80:98:1a:9d:57:24:c6:ad:91:5e:55:09:58:ec:7c:
e2:42:df:24:a3:22:19:df:53:50:59:7f:a5:cd:92:5b:21:5e:
33:89:f3:b4:60:e5:f6:ff:19:e4:59:1c:5a:6a:f6:e4:12:2e:
6f:27:72:e9:8f:13:e5:09:29:68:06:e1:d8:d8:2e:05:91:66:
49:a0:90:ba:8d:f1:1a:e4:9d:da:67:4d:48:5f:17:f2:f6:c6:
4a:95:25:e8:3a:8f:b5:9f:4f:de:47:85:60:48:1b:fa:11:79:
cc:fe:11:ea:35:70:e2:3f:3a:0b:c3:aa:5e:6c:56:00:07:0f:
87:87:e1:a8:81:b6:cf:2c:70:1f:36:fe:5b:c7:b2:04:c4:ce:
e8:7d:37:21:a0:57:fa:a3:5e:fe:10:ca:5e:30:79:28:0e:c8:
00:5c:ce:f4:a3:1e:cb:44:dc:d3:55:68:5a:21:b9:25:77:6e:
e3:5b:b0:b5
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAjLOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDIyNDA1MzQxOVoXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0QyODExMTAvBgNVBAUTKDc0MTY2NjY4QkU3NkI3Mzc1NzYzMTZF
NTVEOUU2NDM5RTY3MUNGNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZcNsFEULwbdKTKuaMX9cYG7h1ZytrglUo0lStCq8heA/81iO9nVcp59vnUakV
EARQqk7W3/yOtrlVf51p5IyGhMubc0OgZciTW5Xd9EluGi6phAKRm9P46fFIsspM
vYx/rmWfpzj9ee/MwntC+AaeLid4HvIL1xMs0naG80SAnvjAj6IBCtmz9zPhbfBs
mO9wSUi98E70PCS86fvHqy1wtJ7aSfC0j4sFqRHG3s10nSyy6bEcr3AgMjSj+y+Q
CtZiN0O9U9satW8mohBD9RHBOclV0ozUkMe2MxEL7YssJQe/Hda4AxmrcYqhm3JB
ncchTST213CPGnI6mlwU/Y1xAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUdBZmaL52
tzdXYxblXZ5kOeZxz0cwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNEMjgxL0ZCNDIxNkU4RjI3MDExRUY5QkY4QjUzNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRDI4MS9GQjQyMTZFOEYyNzAxMUVGOUJGOEI1MzVDNEY5QUUwMi9kQlptYUw1
MnR6ZFhZeGJsWFo1a09lWnh6MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBADLHV4wDQYJKoZIhvcNAQELBQADggEBAILcR2ULCHJ+1ZKK8wIq
R3pPdApgIwCnNqm55hU8YQcEwJJ+e7QbWi4apo9vN+NvCOZmuPjQcIb13D7dSWgX
qqp7V5gFVXqVd1ltB4CYGp1XJMatkV5VCVjsfOJC3ySjIhnfU1BZf6XNklshXjOJ
87Rg5fb/GeRZHFpq9uQSLm8ncumPE+UJKWgG4djYLgWRZkmgkLqN8RrkndpnTUhf
F/L2xkqVJeg6j7WfT95HhWBIG/oRecz+Eeo1cOI/OgvDql5sVgAHD4eH4aiBts8s
cB82/lvHsgTEzuh9NyGgV/qjXv4Qyl4weSgOyABczvSjHstE3NNVaFohuSV3buNb
sLU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:37:19 2025 by rpki-client