Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fHKLlwQp1HAJeXihbnZ7IdxuOx8.cer
File: fHKLlwQp1HAJeXihbnZ7IdxuOx8.cer (raw, json)
Hash identifier: 6n0prU7qu+k0rvtB+4x8OZqzI5HSmg/lshj/c7+vu0U=
Subject key identifier: 7C:72:8B:97:04:29:D4:70:09:79:78:A1:6E:76:7B:21:DC:6E:3B:1F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02277E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A914B610/4393EAE01DA711E2842FDCA008B02CD2/fHKLlwQp1HAJeXihbnZ7IdxuOx8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A914B610/4393EAE01DA711E2842FDCA008B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 06 Jan 2025 14:30:13 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 56033
IP: 121.100.56.0/21
IP: 2406:500::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141182 (0x2277e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 6 14:30:13 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A914B610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5a:e6:e7:01:e8:dc:8c:4f:fd:2f:ef:e3:ca:
45:4a:8f:ed:7d:5d:49:ca:8a:de:50:e1:f4:2a:a4:
4a:16:85:87:5f:16:d2:dc:06:54:bc:88:69:05:97:
d5:b3:c0:e1:3c:02:51:42:f8:3d:7d:69:34:06:4d:
0b:d1:a0:41:a8:c3:c1:57:a2:ca:31:e3:c2:6a:98:
f6:ea:f8:87:70:0f:c1:06:5c:8d:45:9e:f0:85:a9:
70:0e:67:48:e8:98:f9:09:61:75:01:04:7d:03:d7:
44:e3:99:4f:f8:80:bb:2c:70:24:c5:95:1d:dd:ab:
b7:7c:70:c9:fb:81:8a:04:95:9a:26:f0:a8:f8:40:
2e:1a:ca:39:bc:f8:db:85:70:9a:99:d1:b0:9e:8a:
bd:71:69:6a:22:83:56:ac:35:ae:61:dc:54:3c:25:
b5:01:10:52:4d:9e:24:be:ba:c2:cb:04:39:94:ce:
f3:00:42:3e:27:27:83:b4:a6:44:6a:35:cb:ef:9a:
78:c0:57:a0:c2:80:8e:c8:0c:95:ee:2a:62:5c:ad:
80:35:1c:c9:90:1a:7b:60:a8:7d:22:f0:f2:33:42:
7b:af:17:29:a9:f8:e6:8b:04:ee:cf:6d:63:b7:1f:
41:ed:1f:1f:4e:2f:cb:12:5d:25:f5:6f:29:dc:92:
e8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:72:8B:97:04:29:D4:70:09:79:78:A1:6E:76:7B:21:DC:6E:3B:1F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914B610/4393EAE01DA711E2842FDCA008B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914B610/4393EAE01DA711E2842FDCA008B02CD2/fHKLlwQp1HAJeXihbnZ7IdxuOx8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56033
sbgp-ipAddrBlock: critical
IPv4:
121.100.56.0/21
IPv6:
2406:500::/32
Signature Algorithm: sha256WithRSAEncryption
11:51:c9:fd:78:b7:e7:2b:f4:16:e9:d1:41:51:db:1a:42:07:
3f:47:82:e8:1d:2f:a3:dc:29:7e:1d:94:a9:bc:78:23:f2:68:
33:26:31:80:7f:a5:6c:46:56:b9:c0:5c:0a:91:33:76:c9:29:
6e:7f:16:64:25:cf:21:e5:86:8f:f1:29:7c:1e:c3:f2:ef:b7:
6b:5f:2e:54:28:47:50:af:cb:36:b1:1c:95:f2:d5:a8:d8:bb:
0a:57:ec:aa:84:65:e0:5c:de:c9:e7:56:a3:0d:47:15:41:4f:
45:6d:04:83:d6:e6:07:b7:ae:48:da:20:a7:5c:f6:c3:f1:d9:
4f:38:35:49:ee:a1:98:0a:1d:09:45:8b:27:f5:47:a7:96:36:
91:36:81:7d:87:73:ac:4e:6b:ce:97:14:85:42:ce:e1:63:a6:
ff:b1:a0:af:e2:2d:48:1d:f6:71:6c:4d:42:c0:a2:74:d1:f9:
ba:e3:10:bb:11:38:5c:91:e8:d7:c5:b8:b3:73:ed:6d:64:a4:
88:f2:4f:12:03:ec:71:fc:c0:3f:b2:90:e5:af:d2:2b:54:b2:
12:3a:83:eb:88:83:7a:87:54:03:6b:c3:99:eb:69:78:07:4b:
dd:8f:ff:83:aa:89:68:25:f3:93:26:9c:a1:2a:d9:cb:60:27:
88:d2:1a:57
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAid+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEwNjE0MzAxM1oXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEI2MTAxMTAvBgNVBAUTKDdDNzI4Qjk3MDQyOUQ0NzAwOTc5NzhB
MTZFNzY3QjIxREM2RTNCMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoWubnAejcjE/9L+/jykVKj+19XUnKit5Q4fQqpEoWhYdfFtLcBlS8iGkFl9Wz
wOE8AlFC+D19aTQGTQvRoEGow8FXosox48JqmPbq+IdwD8EGXI1FnvCFqXAOZ0jo
mPkJYXUBBH0D10TjmU/4gLsscCTFlR3dq7d8cMn7gYoElZom8Kj4QC4ayjm8+NuF
cJqZ0bCeir1xaWoig1asNa5h3FQ8JbUBEFJNniS+usLLBDmUzvMAQj4nJ4O0pkRq
NcvvmnjAV6DCgI7IDJXuKmJcrYA1HMmQGntgqH0i8PIzQnuvFymp+OaLBO7PbWO3
H0HtHx9OL8sSXSX1bynckuj9AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUfHKLlwQp
1HAJeXihbnZ7IdxuOx8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRCNjEwLzQzOTNFQUUwMURBNzExRTI4NDJGRENBMDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0QjYxMC80MzkzRUFFMDFEQTcxMUUyODQyRkRDQTAwOEIwMkNEMi9mSEtMbHdR
cDFIQUplWGloYm5aN0lkeHVPeDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANrhMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDeWQ4MA0EAgAC
MAcDBQAkBgUAMA0GCSqGSIb3DQEBCwUAA4IBAQARUcn9eLfnK/QW6dFBUdsaQgc/
R4LoHS+j3Cl+HZSpvHgj8mgzJjGAf6VsRla5wFwKkTN2ySlufxZkJc8h5YaP8Sl8
HsPy77drXy5UKEdQr8s2sRyV8tWo2LsKV+yqhGXgXN7J51ajDUcVQU9FbQSD1uYH
t65I2iCnXPbD8dlPODVJ7qGYCh0JRYsn9UenljaRNoF9h3OsTmvOlxSFQs7hY6b/
saCv4i1IHfZxbE1CwKJ00fm64xC7EThckejXxbizc+1tZKSI8k8SA+xx/MA/spDl
r9IrVLISOoPriIN6h1QDa8OZ62l4B0vdj/+DqoloJfOTJpyhKtnLYCeI0hpX
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:07:16 2025 by rpki-client