Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
File: hseUaUaypXsFbwKyeTQNMMLOSbQ.cer (raw, json)
Hash identifier: ZM8j5FhiiSzVzPYhmNynhnDuV1zAXDiG/yDfHeaqfUw=
Subject key identifier: 86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022C65
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 30 Jan 2025 12:40:21 +0000
Certificate not after: Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 7540
AS: 9586
AS: 9828
AS: 10232
IP: 117.18.96.0/24
IP: 117.18.98.0/24
IP: 117.18.105.0/24
IP: 117.18.116.0/24
IP: 202.181.136.0 -- 202.181.138.255
IP: 202.181.140.0 -- 202.181.142.255
IP: 202.181.146.0/23
IP: 202.181.149.0 -- 202.181.150.255
IP: 202.181.152.0/24
IP: 202.181.154.0/23
IP: 202.181.160.0 -- 202.181.176.255
IP: 202.181.178.0/23
IP: 202.181.189.0/24
IP: 202.181.192.0 -- 202.181.203.255
IP: 202.181.205.0 -- 202.181.218.255
IP: 202.181.220.0 -- 202.181.247.255
IP: 2405:5d00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142437 (0x22c65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 30 12:40:21 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=A9120B99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:de:90:3c:29:01:3e:22:86:ac:7d:86:d3:85:
a4:0a:fd:64:ad:52:1b:63:52:22:93:2b:84:0d:ee:
fb:5e:ee:9a:4a:44:6d:7f:69:0b:61:b1:66:48:bd:
88:69:56:2c:4d:61:4a:1c:1a:81:bc:61:0c:b6:f4:
c3:10:e9:e5:de:40:f3:bb:3d:66:37:34:2e:86:a3:
10:06:b6:a4:95:69:99:72:ab:69:76:62:ee:90:08:
10:e9:60:d7:c7:1c:51:8f:52:7c:f1:b6:76:b3:78:
f9:2b:12:3d:8a:d8:d6:2d:e1:3c:97:ed:07:7b:ca:
a4:59:6f:1a:85:ab:4d:21:90:9b:1a:05:e7:e1:82:
75:54:3f:d6:2d:11:9e:01:1b:73:b0:3b:87:90:8f:
6b:ce:28:f6:71:f1:ac:77:c1:05:b9:40:80:a6:de:
72:8b:fa:1f:15:13:10:50:40:72:3b:f0:cf:06:fe:
67:11:ed:db:e1:bf:9a:4b:c5:43:dc:05:ae:5a:27:
01:d0:c4:50:45:90:57:6e:be:7d:e9:1a:0d:9e:0b:
7c:ed:28:22:d1:ed:dc:5d:49:a7:6f:3b:c8:f1:63:
6e:6e:a9:54:73:6a:98:3b:7d:18:a8:54:41:c9:26:
b9:51:de:b0:14:f1:cc:33:bc:50:b3:bf:7f:f7:1e:
11:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7540
9586
9828
10232
sbgp-ipAddrBlock: critical
IPv4:
117.18.96.0/24
117.18.98.0/24
117.18.105.0/24
117.18.116.0/24
202.181.136.0-202.181.138.255
202.181.140.0-202.181.142.255
202.181.146.0/23
202.181.149.0-202.181.150.255
202.181.152.0/24
202.181.154.0/23
202.181.160.0-202.181.176.255
202.181.178.0/23
202.181.189.0/24
202.181.192.0-202.181.203.255
202.181.205.0-202.181.218.255
202.181.220.0-202.181.247.255
IPv6:
2405:5d00::/32
Signature Algorithm: sha256WithRSAEncryption
cf:47:2b:0b:3a:3c:1a:40:0e:29:f8:91:05:0b:0e:a4:f7:bb:
c4:81:39:f3:fe:28:ef:da:42:96:18:c1:40:e4:b3:22:fc:be:
aa:bd:21:ca:f7:90:07:c0:dc:8e:5a:c7:30:10:5d:f2:2b:84:
a9:c6:5f:93:b2:12:87:b1:aa:39:4b:fd:3c:0e:9a:c1:20:d2:
14:1a:59:01:9b:31:04:84:31:29:61:9a:a9:ba:43:5c:6e:a0:
d6:db:de:78:02:5f:3b:61:f1:8e:71:6c:d2:e3:ae:fe:65:25:
bd:3d:f5:bd:bf:68:cd:de:f0:a9:0c:d5:ec:16:d3:5f:4d:aa:
a9:b0:d1:ca:ca:3e:2d:fa:44:6e:9e:42:3b:fd:85:c1:ce:03:
9c:88:75:96:63:5b:ed:6b:6e:e0:cb:99:26:89:9c:0c:a4:8a:
2e:f3:25:04:41:a3:00:a7:ae:7f:02:36:6d:3a:d7:9a:c3:c7:
39:8e:aa:93:3e:44:a1:b4:de:7e:66:91:b1:58:7e:5a:08:f2:
54:5b:d1:dd:6c:d5:a1:26:40:df:ba:68:5e:18:0b:7e:0c:30:
9c:ac:81:e0:91:7b:73:a3:17:5f:cb:6e:18:04:9c:64:80:00:
bc:3b:6d:ea:e6:ba:4f:8c:31:e2:20:2c:cb:9c:53:1c:94:d6:
d0:47:3a:f6
-----BEGIN CERTIFICATE-----
MIIGyzCCBbOgAwIBAgIDAixlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEzMDEyNDAyMVoXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjBCOTkxMTAvBgNVBAUTKDg2Qzc5NDY5NDZCMkE1N0IwNTZGMDJC
Mjc5MzQwRDMwQzJDRTQ5QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCq3pA8KQE+IoasfYbThaQK/WStUhtjUiKTK4QN7vte7ppKRG1/aQthsWZIvYhp
VixNYUocGoG8YQy29MMQ6eXeQPO7PWY3NC6GoxAGtqSVaZlyq2l2Yu6QCBDpYNfH
HFGPUnzxtnazePkrEj2K2NYt4TyX7Qd7yqRZbxqFq00hkJsaBefhgnVUP9YtEZ4B
G3OwO4eQj2vOKPZx8ax3wQW5QICm3nKL+h8VExBQQHI78M8G/mcR7dvhv5pLxUPc
Ba5aJwHQxFBFkFduvn3pGg2eC3ztKCLR7dxdSadvO8jxY25uqVRzapg7fRioVEHJ
JrlR3rAU8cwzvFCzv3/3HhF3AgMBAAGjggPAMIIDvDAdBgNVHQ4EFgQUhseUaUay
pXsFbwKyeTQNMMLOSbQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIwQjk5L0QzRjkwNTFDMUQ4MzExRTJCNEVENUNEOTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyMEI5OS9EM0Y5MDUxQzFEODMxMUUyQjRFRDVDRDkwOEIwMkNEMi9oc2VVYVVh
eXBYc0Zid0t5ZVRRTk1NTE9TYlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQgBAf8EFjAU
oBIwEAICHXQCAiVyAgImZAICJ/gwgcQGCCsGAQUFBwEHAQH/BIG0MIGxMIGfBAIA
ATCBmAMEAHUSYAMEAHUSYgMEAHUSaQMEAHUSdDAMAwQDyrWIAwQAyrWKMAwDBALK
tYwDBADKtY4DBAHKtZIwDAMEAMq1lQMEAMq1lgMEAMq1mAMEAcq1mjAMAwQFyrWg
AwQAyrWwAwQByrWyAwQAyrW9MAwDBAbKtcADBALKtcgwDAMEAMq1zQMEAMq12jAM
AwQCyrXcAwQDyrXwMA0EAgACMAcDBQAkBV0AMA0GCSqGSIb3DQEBCwUAA4IBAQDP
RysLOjwaQA4p+JEFCw6k97vEgTnz/ijv2kKWGMFA5LMi/L6qvSHK95AHwNyOWscw
EF3yK4Spxl+TshKHsao5S/08DprBINIUGlkBmzEEhDEpYZqpukNcbqDW2954Al87
YfGOcWzS467+ZSW9PfW9v2jN3vCpDNXsFtNfTaqpsNHKyj4t+kRunkI7/YXBzgOc
iHWWY1vta27gy5kmiZwMpIou8yUEQaMAp65/AjZtOteaw8c5jqqTPkShtN5+ZpGx
WH5aCPJUW9HdbNWhJkDfumheGAt+DDCcrIHgkXtzoxdfy24YBJxkgAC8O23q5rpP
jDHiICzLnFMclNbQRzr2
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:07:09 2025 by rpki-client