Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/keZ5ch7R4JJ-u35GHIBYDSOTWSo.cer
File: keZ5ch7R4JJ-u35GHIBYDSOTWSo.cer (raw, json)
Hash identifier: DZQOy68N5/iAruHTEXAEkwwaSnFtVv7gQApfygc9RfU=
Subject key identifier: 91:E6:79:72:1E:D1:E0:92:7E:BB:7E:46:1C:80:58:0D:23:93:59:2A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021FD3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 02 Dec 2024 23:54:29 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 147307
IP: 103.174.188.0/23
IP: 2001:df7:d180::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 23:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139219 (0x21fd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 2 23:54:29 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A911ACAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a5:c2:e7:59:59:a1:72:20:ec:26:01:c2:69:
d6:27:03:05:3d:d6:ea:bd:28:e9:bb:c1:26:c2:99:
68:ed:d2:1c:be:fa:b0:94:6d:8a:52:79:16:80:78:
d7:ca:a8:21:dd:e7:c3:9e:05:d8:c1:ba:d6:09:29:
fc:15:06:b9:e3:bf:21:5b:7f:4a:03:b6:71:bc:42:
0a:1c:46:89:08:54:91:ad:2a:3b:72:89:65:f4:10:
30:50:29:46:72:b0:62:00:c3:06:14:26:f7:7b:cf:
06:c4:bb:31:b0:52:58:72:81:2a:f2:f3:8a:b7:0d:
73:70:b9:69:db:94:4e:68:37:99:54:bf:95:7c:2f:
9b:ee:60:f4:1f:d5:32:81:29:6c:8d:39:b4:7b:53:
e7:3b:04:99:d5:b7:de:67:66:46:fa:3e:4c:39:53:
88:4a:a8:60:5a:8d:8b:d0:1c:a9:c6:e9:da:bb:62:
51:b5:8d:83:25:74:3f:51:66:d7:5d:54:f0:aa:c3:
77:d5:ed:14:b8:08:95:60:1b:8e:a8:fb:fa:88:12:
25:29:39:30:39:5a:95:c7:64:34:73:4c:c7:dd:b9:
58:79:99:bf:9b:5b:f2:ac:2b:fa:cc:7c:24:29:4e:
27:5e:08:8c:c5:1a:17:18:4a:65:2e:71:1f:cf:67:
fa:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E6:79:72:1E:D1:E0:92:7E:BB:7E:46:1C:80:58:0D:23:93:59:2A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
147307
sbgp-ipAddrBlock: critical
IPv4:
103.174.188.0/23
IPv6:
2001:df7:d180::/48
Signature Algorithm: sha256WithRSAEncryption
22:e2:41:b7:33:6b:2c:54:0c:de:02:17:68:dd:95:cf:1a:3b:
76:60:f3:10:3e:82:8e:92:e7:8e:fb:2f:2f:f2:ec:8a:8b:11:
c8:b3:2a:ee:67:ca:db:13:56:d1:cd:9c:32:c7:7f:4a:25:e6:
21:61:d5:9c:46:49:cf:d5:94:ad:dc:38:09:58:ce:44:42:16:
e1:32:ee:03:94:04:f8:72:c6:78:60:6a:d5:35:61:7c:96:5c:
1f:e1:22:6a:87:00:4f:2c:dd:88:2e:e5:bb:ed:2f:33:6b:dd:
3a:04:7d:1c:7b:84:95:47:a6:e5:5c:3c:67:b8:e2:4a:48:09:
e2:cd:84:56:32:26:64:63:06:bf:63:3b:53:e0:e4:bf:63:f4:
80:ea:0a:d6:09:bc:fa:20:66:0c:2a:9d:85:23:5f:53:5e:f0:
9e:af:7d:37:81:13:df:7d:84:13:2d:6b:39:37:02:99:0a:61:
eb:57:18:ea:64:21:54:37:29:fe:a3:01:90:cb:a5:0b:66:b4:
45:3e:4b:da:71:e4:5e:f2:d5:37:62:ce:21:16:66:fe:88:84:
8a:f8:41:81:ab:57:5f:7e:8f:9b:b6:0a:c4:6c:eb:3b:c3:a6:
c8:a4:7d:a2:ed:23:70:ee:9c:17:de:7b:70:1c:b7:cd:9c:c9:
45:b3:80:d9
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAh/TMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIwMjIzNTQyOVoXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUFDQUMxMTAvBgNVBAUTKDkxRTY3OTcyMUVEMUUwOTI3RUJCN0U0
NjFDODA1ODBEMjM5MzU5MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1pcLnWVmhciDsJgHCadYnAwU91uq9KOm7wSbCmWjt0hy++rCUbYpSeRaAeNfK
qCHd58OeBdjButYJKfwVBrnjvyFbf0oDtnG8QgocRokIVJGtKjtyiWX0EDBQKUZy
sGIAwwYUJvd7zwbEuzGwUlhygSry84q3DXNwuWnblE5oN5lUv5V8L5vuYPQf1TKB
KWyNObR7U+c7BJnVt95nZkb6Pkw5U4hKqGBajYvQHKnG6dq7YlG1jYMldD9RZtdd
VPCqw3fV7RS4CJVgG46o+/qIEiUpOTA5WpXHZDRzTMfduVh5mb+bW/KsK/rMfCQp
TideCIzFGhcYSmUucR/PZ/oTAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUkeZ5ch7R
4JJ+u35GHIBYDSOTWSowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFBQ0FDL0IzQkRBNTY0MzFEMzExRUM4RDNCQkYzMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExQUNBQy9CM0JEQTU2NDMxRDMxMUVDOEQzQkJGMzBDNEY5QUUwMi9rZVo1Y2g3
UjRKSi11MzVHSElCWURTT1RXU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAj9rMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ668MA8EAgAC
MAkDBwAgAQ330YAwDQYJKoZIhvcNAQELBQADggEBACLiQbczayxUDN4CF2jdlc8a
O3Zg8xA+go6S5477Ly/y7IqLEcizKu5nytsTVtHNnDLHf0ol5iFh1ZxGSc/VlK3c
OAlYzkRCFuEy7gOUBPhyxnhgatU1YXyWXB/hImqHAE8s3Ygu5bvtLzNr3ToEfRx7
hJVHpuVcPGe44kpICeLNhFYyJmRjBr9jO1Pg5L9j9IDqCtYJvPogZgwqnYUjX1Ne
8J6vfTeBE999hBMtazk3ApkKYetXGOpkIVQ3Kf6jAZDLpQtmtEU+S9px5F7y1Tdi
ziEWZv6IhIr4QYGrV19+j5u2CsRs6zvDpsikfaLtI3DunBfee3Act82cyUWzgNk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:05:21 2025 by rpki-client