Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ips7kjmTluj8a4YwntVzMMlOEX0.cer
File: ips7kjmTluj8a4YwntVzMMlOEX0.cer (raw, json)
Hash identifier: Id39287uv/FLpSrVIvFs9Lovz+NrMt8lbAp969/NVok=
Subject key identifier: 8A:9B:3B:92:39:93:96:E8:FC:6B:86:30:9E:D5:73:30:C9:4E:11:7D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022C42
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/ips7kjmTluj8a4YwntVzMMlOEX0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 29 Jan 2025 18:21:37 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 103.36.108.0/22
IP: 103.146.214.0/24
IP: 2001:df2:7080::/48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142402 (0x22c42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 29 18:21:37 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A919A3CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6a:a3:bb:ab:24:da:60:69:36:14:7a:91:5a:
67:5f:55:17:5f:25:20:ed:6a:8a:3a:57:9a:5e:f4:
9c:91:a4:13:7e:4e:04:13:34:96:a0:7f:f2:4f:d2:
c1:03:7f:e0:47:51:ec:d5:f8:83:29:48:99:0d:d8:
93:ef:20:0e:01:16:4b:cc:99:f9:73:b3:cd:39:e7:
3e:a0:63:6c:fd:66:0d:b1:5e:63:85:a9:4a:ae:e7:
00:27:f9:ef:74:f1:01:ef:88:5d:e5:31:47:a8:d2:
54:f5:e3:d3:db:fa:09:a2:1c:f4:91:a9:21:6c:d0:
12:b2:d7:11:fd:07:13:b0:9e:bd:60:a1:0c:b5:d3:
ec:d5:46:94:e6:8e:66:11:65:66:44:b6:4b:fd:67:
5c:b2:11:52:db:8b:96:a1:4b:e8:05:62:e0:b7:1b:
c5:8e:b2:2e:e0:f8:10:cb:50:48:6e:48:00:dd:ea:
51:e6:9b:85:d2:c0:0c:81:94:de:de:82:31:5f:68:
e1:b9:ed:e4:3f:46:bc:4b:71:1c:18:4a:48:3b:bd:
c3:f6:6f:5f:51:14:db:77:e2:04:6b:ea:a9:e0:d4:
78:d3:26:04:85:17:52:85:76:8d:6a:fb:6b:65:de:
4d:da:eb:5b:18:c3:d3:0c:98:68:7b:fb:c3:da:4f:
d4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9B:3B:92:39:93:96:E8:FC:6B:86:30:9E:D5:73:30:C9:4E:11:7D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/ips7kjmTluj8a4YwntVzMMlOEX0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.108.0/22
103.146.214.0/24
IPv6:
2001:df2:7080::/48
Signature Algorithm: sha256WithRSAEncryption
7f:61:9d:52:ae:a7:99:0b:28:f6:b3:a2:60:e4:ad:8d:99:ec:
bb:8c:88:fa:fe:36:24:7b:46:b8:11:01:79:c1:c6:a6:6c:13:
0e:a7:f7:56:5e:80:14:e1:0d:1b:b7:39:bf:66:52:fd:63:fd:
5c:dc:d5:c5:cb:69:a4:70:8f:21:e9:f3:17:0a:ff:13:76:32:
74:c6:8e:f7:eb:6a:d0:de:a6:98:a4:f5:c9:83:35:ef:d2:0d:
8d:65:dc:cc:56:2f:92:22:53:b0:4e:cc:32:77:d5:3d:c8:29:
7a:e0:24:d9:61:9b:12:0c:43:55:0b:e1:08:28:09:72:cb:aa:
11:8d:c8:cc:eb:a7:ed:2f:b8:c4:66:60:81:a5:28:fc:32:fd:
a8:bf:05:d1:9b:60:b6:ac:fe:55:7a:46:7b:eb:2c:37:87:7d:
35:b4:5a:3b:c6:dc:b7:1b:51:e4:b4:a3:2a:d7:c2:c8:bf:54:
6d:7b:ed:4c:42:3f:8a:5c:84:2a:02:c8:a1:28:6d:01:1c:22:
b0:69:28:ce:1b:ea:69:db:23:f6:cc:e4:71:16:21:c8:0d:53:
b2:4a:68:a4:47:af:74:a1:70:60:f0:bf:b0:03:ce:59:ef:a5:
49:09:61:e2:04:9e:47:24:c3:49:20:1a:0c:9c:4a:72:07:43:
11:d2:dd:f8
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgIDAixCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEyOTE4MjEzN1oXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUEzQ0ExMTAvBgNVBAUTKDhBOUIzQjkyMzk5Mzk2RThGQzZCODYz
MDlFRDU3MzMwQzk0RTExN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFaqO7qyTaYGk2FHqRWmdfVRdfJSDtaoo6V5pe9JyRpBN+TgQTNJagf/JP0sED
f+BHUezV+IMpSJkN2JPvIA4BFkvMmflzs8055z6gY2z9Zg2xXmOFqUqu5wAn+e90
8QHviF3lMUeo0lT149Pb+gmiHPSRqSFs0BKy1xH9BxOwnr1goQy10+zVRpTmjmYR
ZWZEtkv9Z1yyEVLbi5ahS+gFYuC3G8WOsi7g+BDLUEhuSADd6lHmm4XSwAyBlN7e
gjFfaOG57eQ/RrxLcRwYSkg7vcP2b19RFNt34gRr6qng1HjTJgSFF1KFdo1q+2tl
3k3a61sYw9MMmGh7+8PaT9Q7AgMBAAGjggMKMIIDBjAdBgNVHQ4EFgQUips7kjmT
luj8a4YwntVzMMlOEX0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlBM0NBLzU3RDIzODAyOEZBMjExRUE4RUMwNkUxQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5QTNDQS81N0QyMzgwMjhGQTIxMUVBOEVDMDZFMUNDNEY5QUUwMi9pcHM3a2pt
VGx1ajhhNFl3bnRWek1NbE9FWDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8EJzAl
MBIEAgABMAwDBAJnJGwDBABnktYwDwQCAAIwCQMHACABDfJwgDANBgkqhkiG9w0B
AQsFAAOCAQEAf2GdUq6nmQso9rOiYOStjZnsu4yI+v42JHtGuBEBecHGpmwTDqf3
Vl6AFOENG7c5v2ZS/WP9XNzVxctppHCPIenzFwr/E3YydMaO9+tq0N6mmKT1yYM1
79INjWXczFYvkiJTsE7MMnfVPcgpeuAk2WGbEgxDVQvhCCgJcsuqEY3IzOun7S+4
xGZggaUo/DL9qL8F0Ztgtqz+VXpGe+ssN4d9NbRaO8bctxtR5LSjKtfCyL9UbXvt
TEI/ilyEKgLIoShtARwisGkozhvqadsj9szkcRYhyA1TskpopEevdKFwYPC/sAPO
We+lSQlh4gSeRyTDSSAaDJxKcgdDEdLd+A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:27:23 2025 by rpki-client