Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fHKLlwQp1HAJeXihbnZ7IdxuOx8.cer
File: fHKLlwQp1HAJeXihbnZ7IdxuOx8.cer (raw, json)
Hash identifier: 6RQ0X7fc6oqVt3cUn1WGGmv8x2DwhNqLBrb1sOowYTY=
Subject key identifier: 7C:72:8B:97:04:29:D4:70:09:79:78:A1:6E:76:7B:21:DC:6E:3B:1F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D711
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A914B610/4393EAE01DA711E2842FDCA008B02CD2/fHKLlwQp1HAJeXihbnZ7IdxuOx8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A914B610/4393EAE01DA711E2842FDCA008B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 06 Jan 2024 14:29:09 +0000
Certificate not after: Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 56033
IP: 121.100.56.0/21
IP: 2406:500::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120593 (0x1d711)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jan 6 14:29:09 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=A914B610/serialNumber=7C728B970429D470097978A16E767B21DC6E3B1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5a:e6:e7:01:e8:dc:8c:4f:fd:2f:ef:e3:ca:
45:4a:8f:ed:7d:5d:49:ca:8a:de:50:e1:f4:2a:a4:
4a:16:85:87:5f:16:d2:dc:06:54:bc:88:69:05:97:
d5:b3:c0:e1:3c:02:51:42:f8:3d:7d:69:34:06:4d:
0b:d1:a0:41:a8:c3:c1:57:a2:ca:31:e3:c2:6a:98:
f6:ea:f8:87:70:0f:c1:06:5c:8d:45:9e:f0:85:a9:
70:0e:67:48:e8:98:f9:09:61:75:01:04:7d:03:d7:
44:e3:99:4f:f8:80:bb:2c:70:24:c5:95:1d:dd:ab:
b7:7c:70:c9:fb:81:8a:04:95:9a:26:f0:a8:f8:40:
2e:1a:ca:39:bc:f8:db:85:70:9a:99:d1:b0:9e:8a:
bd:71:69:6a:22:83:56:ac:35:ae:61:dc:54:3c:25:
b5:01:10:52:4d:9e:24:be:ba:c2:cb:04:39:94:ce:
f3:00:42:3e:27:27:83:b4:a6:44:6a:35:cb:ef:9a:
78:c0:57:a0:c2:80:8e:c8:0c:95:ee:2a:62:5c:ad:
80:35:1c:c9:90:1a:7b:60:a8:7d:22:f0:f2:33:42:
7b:af:17:29:a9:f8:e6:8b:04:ee:cf:6d:63:b7:1f:
41:ed:1f:1f:4e:2f:cb:12:5d:25:f5:6f:29:dc:92:
e8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:72:8B:97:04:29:D4:70:09:79:78:A1:6E:76:7B:21:DC:6E:3B:1F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914B610/4393EAE01DA711E2842FDCA008B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914B610/4393EAE01DA711E2842FDCA008B02CD2/fHKLlwQp1HAJeXihbnZ7IdxuOx8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56033
sbgp-ipAddrBlock: critical
IPv4:
121.100.56.0/21
IPv6:
2406:500::/32
Signature Algorithm: sha256WithRSAEncryption
a9:a4:95:72:6b:c3:73:26:96:15:22:2f:e6:59:1a:24:1f:d5:
84:3e:fa:1f:52:96:df:5e:62:4c:ca:dc:17:eb:c1:22:a9:04:
e3:5a:53:f0:17:56:29:6a:04:d8:b0:e5:41:22:f4:2f:03:f2:
23:ce:61:2d:2a:a3:bd:ed:16:63:8a:54:07:19:17:cd:cd:10:
f1:0f:df:13:5e:13:4c:76:56:82:78:1f:5b:30:a7:bf:e0:6e:
ad:3f:d9:ef:10:2b:2f:aa:3b:ec:ea:c7:94:f6:b0:7f:79:f6:
2e:f1:56:0e:dc:66:57:6f:0c:12:10:10:c4:e4:88:df:42:80:
87:ee:b1:c4:b9:48:26:77:3d:6d:de:d0:95:57:79:fd:42:c8:
ec:f4:1a:05:2d:ed:dd:24:53:48:7f:94:48:44:28:f1:70:e1:
cb:f1:7d:dc:bf:54:5c:00:62:9c:aa:da:24:32:15:7e:f6:e8:
37:90:79:b5:25:f7:58:f4:0e:b1:c9:15:b9:8f:60:30:ed:81:
28:4d:d7:2f:dc:db:d2:07:25:09:6e:80:59:c6:9f:30:da:62:
f5:a7:d9:e3:4f:12:6c:d2:f3:0c:d9:64:65:9f:43:6e:a3:ed:
fd:be:16:73:33:5d:ad:cd:dc:be:23:6e:4c:14:66:3a:9a:d1:
9c:97:50:92
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAdcRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwNjE0MjkwOVoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEI2MTAxMTAvBgNVBAUTKDdDNzI4Qjk3MDQyOUQ0NzAwOTc5NzhB
MTZFNzY3QjIxREM2RTNCMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoWubnAejcjE/9L+/jykVKj+19XUnKit5Q4fQqpEoWhYdfFtLcBlS8iGkFl9Wz
wOE8AlFC+D19aTQGTQvRoEGow8FXosox48JqmPbq+IdwD8EGXI1FnvCFqXAOZ0jo
mPkJYXUBBH0D10TjmU/4gLsscCTFlR3dq7d8cMn7gYoElZom8Kj4QC4ayjm8+NuF
cJqZ0bCeir1xaWoig1asNa5h3FQ8JbUBEFJNniS+usLLBDmUzvMAQj4nJ4O0pkRq
NcvvmnjAV6DCgI7IDJXuKmJcrYA1HMmQGntgqH0i8PIzQnuvFymp+OaLBO7PbWO3
H0HtHx9OL8sSXSX1bynckuj9AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUfHKLlwQp
1HAJeXihbnZ7IdxuOx8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRCNjEwLzQzOTNFQUUwMURBNzExRTI4NDJGRENBMDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0QjYxMC80MzkzRUFFMDFEQTcxMUUyODQyRkRDQTAwOEIwMkNEMi9mSEtMbHdR
cDFIQUplWGloYm5aN0lkeHVPeDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANrhMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDeWQ4MA0EAgAC
MAcDBQAkBgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCppJVya8NzJpYVIi/mWRokH9WE
PvofUpbfXmJMytwX68EiqQTjWlPwF1YpagTYsOVBIvQvA/IjzmEtKqO97RZjilQH
GRfNzRDxD98TXhNMdlaCeB9bMKe/4G6tP9nvECsvqjvs6seU9rB/efYu8VYO3GZX
bwwSEBDE5IjfQoCH7rHEuUgmdz1t3tCVV3n9Qsjs9BoFLe3dJFNIf5RIRCjxcOHL
8X3cv1RcAGKcqtokMhV+9ug3kHm1JfdY9A6xyRW5j2Aw7YEoTdcv3NvSByUJboBZ
xp8w2mL1p9njTxJs0vMM2WRln0Nuo+39vhZzM12tzdy+I25MFGY6mtGcl1CS
-----END CERTIFICATE-----
Generated at Thu May 9 10:24:30 2024 by rpki-client on console-fra.rpki-client.org