Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
File: hIWjnta2ISjt9PmbLCqBH1wgFXA.cer (raw, json)
Hash identifier: JLINJYhz0O0/cTJGXI3no/8pPGFXZQ8NTto6k/9C+oM=
Subject key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01DD66
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 05 Feb 2024 10:09:36 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 23892
AS: 38794
AS: 45197
AS: 45248
AS: 45764
AS: 45788
AS: 45796
AS: 55325
AS: 55927
AS: 56085
AS: 132062
AS: 132086
AS: 132821
AS: 132838
AS: 134402
AS: 135617
AS: 135670
AS: 137423
AS: 137489
AS: 137885
AS: 138691
AS: 138911
AS: 139191
AS: 140032
AS: 140662
AS: 141715
AS: 150119
AS: 150432
AS: 150703
AS: 152461
IP: 43.240.112.0/22
IP: 43.249.56.0 -- 43.249.71.255
IP: 43.249.104.0 -- 43.249.115.255
IP: 43.251.204.0/22
IP: 43.252.180.0/22
IP: 45.64.88.0/22
IP: 45.117.208.0/22
IP: 45.122.48.0/22
IP: 45.127.60.0/22
IP: 103.4.228.0/22
IP: 103.23.120.0/22
IP: 103.28.240.0/23
IP: 103.40.132.0 -- 103.40.151.255
IP: 103.40.180.0 -- 103.40.191.255
IP: 103.225.24.0/22
IP: 103.240.60.0/22
IP: 103.245.112.0/22
IP: 115.31.128.0/18
IP: 116.193.144.0/21
IP: 117.121.208.0/20
IP: 119.13.24.0/21
IP: 119.63.64.0/19
IP: 125.254.52.0/22
IP: 150.107.220.0/22
IP: 202.27.110.0/24
IP: 202.94.240.0/20
IP: 202.148.176.0/20
IP: 203.114.68.0/22
IP: 223.27.192.0/18
IP: 2001:df0:1e::/48
IP: 2400:3480::/32
IP: 2400:cd00::/32
IP: 2402:9b00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122214 (0x1dd66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Feb 5 10:09:36 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6f:10:13:ce:ca:0e:e7:5b:7b:e4:73:a6:b4:
07:b2:7d:d6:da:02:33:b6:95:bb:34:2e:cd:69:50:
bc:7a:10:23:53:12:dc:e4:59:f3:6d:d7:cf:95:f6:
3b:e9:8f:c2:12:60:a3:63:ea:34:c7:57:4e:2e:4b:
32:a5:5e:8f:f2:5d:00:44:ea:30:22:63:74:bc:ba:
9a:5f:5e:0d:04:55:f3:a8:9c:c1:f6:70:40:e1:77:
90:a9:c1:11:b7:28:2b:ba:5b:91:17:ab:87:a9:48:
0c:8c:8d:f1:17:fa:ad:ab:a0:66:8d:7c:4d:32:35:
ae:59:2b:ab:9a:7b:d2:b6:39:89:d9:9d:fb:a9:94:
c6:08:63:b5:00:95:ff:e3:db:93:1e:65:94:32:1a:
f9:35:9e:ce:f1:fd:df:2d:38:41:9a:16:de:2b:0b:
ae:66:a8:b0:32:af:37:78:bc:5b:bd:db:8b:7c:24:
14:07:f2:12:d8:29:a5:f4:6d:f9:44:84:13:1c:f2:
40:97:27:8f:67:16:4e:bb:d8:ca:5c:70:94:87:56:
d4:a4:61:16:e3:57:bd:43:95:6b:f4:4e:34:12:35:
be:61:7d:d2:d1:95:49:4b:51:86:29:aa:89:8f:64:
e3:69:62:34:3c:eb:05:14:3a:77:55:cc:0f:3e:38:
f1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23892
38794
45197
45248
45764
45788
45796
55325
55927
56085
132062
132086
132821
132838
134402
135617
135670
137423
137489
137885
138691
138911
139191
140032
140662
141715
150119
150432
150703
152461
sbgp-ipAddrBlock: critical
IPv4:
43.240.112.0/22
43.249.56.0-43.249.71.255
43.249.104.0-43.249.115.255
43.251.204.0/22
43.252.180.0/22
45.64.88.0/22
45.117.208.0/22
45.122.48.0/22
45.127.60.0/22
103.4.228.0/22
103.23.120.0/22
103.28.240.0/23
103.40.132.0-103.40.151.255
103.40.180.0-103.40.191.255
103.225.24.0/22
103.240.60.0/22
103.245.112.0/22
115.31.128.0/18
116.193.144.0/21
117.121.208.0/20
119.13.24.0/21
119.63.64.0/19
125.254.52.0/22
150.107.220.0/22
202.27.110.0/24
202.94.240.0/20
202.148.176.0/20
203.114.68.0/22
223.27.192.0/18
IPv6:
2001:df0:1e::/48
2400:3480::/32
2400:cd00::/32
2402:9b00::/32
Signature Algorithm: sha256WithRSAEncryption
4f:78:35:08:84:e6:98:f0:a4:ed:b5:c7:9e:15:ae:8f:30:c4:
26:ad:85:40:b4:ab:97:1b:22:60:81:f3:6b:85:8c:19:e2:09:
72:98:1c:73:bf:56:16:de:a0:68:94:9f:8f:ac:b1:54:c1:36:
b8:5e:56:e6:a9:ca:9c:fd:ce:aa:a9:14:99:ce:f1:88:60:37:
c3:0b:05:14:0f:83:72:72:0d:54:c0:fc:18:6b:43:87:95:73:
a3:cb:4d:bf:3a:87:a9:dd:a4:4a:2a:11:76:8b:5e:76:74:6a:
97:e9:34:35:0a:46:15:a3:bb:97:e1:ef:65:ed:e8:ac:7d:46:
23:a1:dd:00:5c:c7:66:bf:ac:23:1f:27:e3:c7:53:12:4d:a2:
2f:95:77:90:f2:7a:98:35:49:64:47:87:60:64:27:4f:c1:68:
e5:c8:ac:04:80:16:eb:9b:78:71:22:ee:c3:4a:6a:6d:5a:bc:
de:71:30:61:a6:11:84:65:9a:a5:c7:be:39:7d:86:68:54:ef:
7c:7d:a1:b0:62:8b:c8:95:4d:96:45:84:96:b5:dc:b3:8b:57:
6c:4a:c9:e5:75:9e:ea:87:84:d3:e6:58:a4:ad:63:a8:43:21:
47:d1:64:0a:24:b9:1b:c8:c4:d1:19:e9:9b:65:ba:c0:b5:eb:
a5:30:ad:9f
-----BEGIN CERTIFICATE-----
MIIHpDCCBoygAwIBAgIDAd1mMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwNTEwMDkzNloXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5
QjJDMkE4MTFGNUMyMDE1NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvbxATzsoO51t75HOmtAeyfdbaAjO2lbs0Ls1pULx6ECNTEtzkWfNt18+V9jvp
j8ISYKNj6jTHV04uSzKlXo/yXQBE6jAiY3S8uppfXg0EVfOonMH2cEDhd5CpwRG3
KCu6W5EXq4epSAyMjfEX+q2roGaNfE0yNa5ZK6uae9K2OYnZnfuplMYIY7UAlf/j
25MeZZQyGvk1ns7x/d8tOEGaFt4rC65mqLAyrzd4vFu924t8JBQH8hLYKaX0bflE
hBMc8kCXJ49nFk672MpccJSHVtSkYRbjV71DlWv0TjQSNb5hfdLRlUlLUYYpqomP
ZONpYjQ86wUUOndVzA8+OPFTAgMBAAGjggSZMIIElTAdBgNVHQ4EFgQUhIWjnta2
ISjt9PmbLCqBH1wgFXAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI0NDJBLzIwRjJDQjAwRUI5QzExRUNBNjgyMTIwQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNDQyQS8yMEYyQ0IwMEVCOUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRh
MklTanQ5UG1iTENxQkgxd2dGWEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga4GCCsGAQUFBwEIAQH/BIGe
MIGboIGYMIGVAgJdVAIDAJeKAgMAsI0CAwCwwAIDALLEAgMAstwCAwCy5AIDANgd
AgMA2ncCAwDbFQIDAgPeAgMCA/YCAwIG1QIDAgbmAgMCDQICAwIRwQIDAhH2AgMC
GM8CAwIZEQIDAhqdAgMCHcMCAwIenwIDAh+3AgMCIwACAwIldgIDAimTAgMCSmcC
AwJLoAIDAkyvAgMCU40wggESBggrBgEFBQcBBwEB/wSCAQEwgf4wgdUEAgABMIHO
AwQCK/BwMAwDBAMr+TgDBAMr+UAwDAMEAyv5aAMEAiv5cAMEAiv7zAMEAiv8tAME
Ai1AWAMEAi110AMEAi16MAMEAi1/PAMEAmcE5AMEAmcXeAMEAWcc8DAMAwQCZyiE
AwQDZyiQMAwDBAJnKLQDBAZnKIADBAJn4RgDBAJn8DwDBAJn9XADBAZzH4ADBAN0
wZADBAR1edADBAN3DRgDBAV3P0ADBAJ9/jQDBAKWa9wDBADKG24DBATKXvADBATK
lLADBALLckQDBAbfG8AwJAQCAAIwHgMHACABDfAAHgMFACQANIADBQAkAM0AAwUA
JAKbADANBgkqhkiG9w0BAQsFAAOCAQEAT3g1CITmmPCk7bXHnhWujzDEJq2FQLSr
lxsiYIHza4WMGeIJcpgcc79WFt6gaJSfj6yxVME2uF5W5qnKnP3OqqkUmc7xiGA3
wwsFFA+DcnINVMD8GGtDh5Vzo8tNvzqHqd2kSioRdotednRql+k0NQpGFaO7l+Hv
Ze3orH1GI6HdAFzHZr+sIx8n48dTEk2iL5V3kPJ6mDVJZEeHYGQnT8Fo5cisBIAW
65t4cSLuw0pqbVq83nEwYaYRhGWapce+OX2GaFTvfH2hsGKLyJVNlkWElrXcs4tX
bErJ5XWe6oeE0+ZYpK1jqEMhR9FkCiS5G8jE0Rnpm2W6wLXrpTCtnw==
-----END CERTIFICATE-----
Generated at Thu May 9 15:21:25 2024 by rpki-client on console-fra.rpki-client.org