Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ls0KaXDWhbDM6jQk4JROhAUOt-w.cer
File: ls0KaXDWhbDM6jQk4JROhAUOt-w.cer (raw, json)
Hash identifier: 4eP4DTrAi/gQ5FOekDH2qxRUSd3ZAZDI8T2eiEGdPjw=
Subject key identifier: 96:CD:0A:69:70:D6:85:B0:CC:EA:34:24:E0:94:4E:84:05:0E:B7:EC
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E990
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B3C87/8B7C7E76575211E9808ECF1BC4F9AE02/ls0KaXDWhbDM6jQk4JROhAUOt-w.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B3C87/8B7C7E76575211E9808ECF1BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 04 Apr 2024 00:40:47 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: AS: 63968
IP: 103.52.28.0/22
IP: 2404:72c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125328 (0x1e990)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 4 00:40:47 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A91B3C87/serialNumber=96CD0A6970D685B0CCEA3424E0944E84050EB7EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:de:29:64:09:88:b4:88:c0:25:30:a3:31:74:
cd:62:96:9b:42:5b:3c:84:71:8b:ef:75:ea:b1:ed:
97:a4:9e:69:6b:96:5e:8c:f3:ed:26:a6:42:a5:a8:
fd:0f:c9:3e:f4:af:a1:86:f9:1f:30:8f:9a:e0:87:
77:e3:27:f1:b0:a3:41:53:18:60:70:dd:dd:ac:12:
45:1c:8d:bc:89:43:74:73:b5:7c:a3:e0:71:ba:17:
88:f9:dc:f0:87:8c:5f:64:40:97:73:03:8f:e5:9a:
f4:6c:47:1f:a0:b8:2a:b6:69:b2:5a:75:3f:74:cc:
65:5f:59:b3:01:4c:41:06:47:74:25:20:de:09:50:
80:bf:c6:22:67:1e:d1:7d:3b:29:a5:9c:2c:ea:43:
e0:af:0d:30:0e:94:18:f3:48:dd:1d:5c:4d:27:b3:
9b:86:9d:70:c7:ef:f9:51:63:41:e0:81:8c:75:4b:
01:df:62:41:9b:c5:d0:cf:de:9f:f7:58:84:15:51:
bb:a0:b1:bd:c6:9e:ee:76:7b:2e:e9:0c:66:41:9b:
49:4e:fe:6b:48:98:88:a2:51:45:42:72:49:52:c0:
06:83:9b:97:e2:af:37:46:f5:6f:00:0d:04:12:e8:
90:6c:77:9a:ab:3f:a9:3d:1f:88:36:63:57:12:db:
ed:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:CD:0A:69:70:D6:85:B0:CC:EA:34:24:E0:94:4E:84:05:0E:B7:EC
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B3C87/8B7C7E76575211E9808ECF1BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B3C87/8B7C7E76575211E9808ECF1BC4F9AE02/ls0KaXDWhbDM6jQk4JROhAUOt-w.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63968
sbgp-ipAddrBlock: critical
IPv4:
103.52.28.0/22
IPv6:
2404:72c0::/32
Signature Algorithm: sha256WithRSAEncryption
47:2a:06:ee:20:ce:46:58:95:2a:2f:7d:e1:4e:1a:f9:64:bf:
d1:b9:15:bb:91:53:4e:ac:fd:f8:26:b2:cd:0c:ae:06:e0:54:
15:9c:1a:8a:9e:dd:fe:66:28:da:c3:41:b5:9a:e7:06:13:14:
b3:a8:62:fa:db:2d:d8:32:0e:06:56:71:54:a4:55:02:13:6d:
73:4a:eb:93:51:53:66:dd:50:f0:6c:70:b5:a8:33:56:07:9d:
ba:4c:87:f9:4f:09:5e:52:06:25:c9:36:00:e9:6a:1b:f0:f1:
49:91:b9:ed:d4:8c:12:91:e3:ce:fa:0b:5a:16:d9:d7:ca:b7:
40:d1:3f:56:b6:74:b3:4c:94:a5:0f:e7:61:74:c2:fb:a7:5b:
66:fe:7b:58:46:c9:1e:68:98:39:29:c6:54:01:4f:97:dc:71:
06:72:79:35:b7:46:32:7d:5c:44:8b:ee:bf:83:72:61:c3:94:
a7:5e:4a:19:4d:95:db:78:cf:1f:63:bb:dd:5f:88:05:ce:5a:
87:73:11:0c:e7:98:02:aa:c9:e4:f9:7c:10:9b:79:bf:54:ad:
93:60:a2:f6:fd:06:a2:23:ab:9c:d0:c0:4d:cb:dd:fb:b4:11:
d3:5b:f5:e1:17:74:55:84:f7:7d:b2:e9:c2:c3:a8:b3:b6:fa:
07:7c:2d:a0
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAemQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwNDAwNDA0N1oXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjNDODcxMTAvBgNVBAUTKDk2Q0QwQTY5NzBENjg1QjBDQ0VBMzQy
NEUwOTQ0RTg0MDUwRUI3RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDx3ilkCYi0iMAlMKMxdM1ilptCWzyEcYvvdeqx7Zeknmlrll6M8+0mpkKlqP0P
yT70r6GG+R8wj5rgh3fjJ/Gwo0FTGGBw3d2sEkUcjbyJQ3RztXyj4HG6F4j53PCH
jF9kQJdzA4/lmvRsRx+guCq2abJadT90zGVfWbMBTEEGR3QlIN4JUIC/xiJnHtF9
OymlnCzqQ+CvDTAOlBjzSN0dXE0ns5uGnXDH7/lRY0HggYx1SwHfYkGbxdDP3p/3
WIQVUbugsb3Gnu52ey7pDGZBm0lO/mtImIiiUUVCcklSwAaDm5firzdG9W8ADQQS
6JBsd5qrP6k9H4g2Y1cS2+3DAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUls0KaXDW
hbDM6jQk4JROhAUOt+wwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIzQzg3LzhCN0M3RTc2NTc1MjExRTk4MDhFQ0YxQkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCM0M4Ny84QjdDN0U3NjU3NTIxMUU5ODA4RUNGMUJDNEY5QUUwMi9sczBLYVhE
V2hiRE02alFrNEpST2hBVU90LXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAPngMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZzQcMA0EAgAC
MAcDBQAkBHLAMA0GCSqGSIb3DQEBCwUAA4IBAQBHKgbuIM5GWJUqL33hThr5ZL/R
uRW7kVNOrP34JrLNDK4G4FQVnBqKnt3+Zijaw0G1mucGExSzqGL62y3YMg4GVnFU
pFUCE21zSuuTUVNm3VDwbHC1qDNWB526TIf5TwleUgYlyTYA6Wob8PFJkbnt1IwS
kePO+gtaFtnXyrdA0T9WtnSzTJSlD+dhdML7p1tm/ntYRskeaJg5KcZUAU+X3HEG
cnk1t0YyfVxEi+6/g3Jhw5SnXkoZTZXbeM8fY7vdX4gFzlqHcxEM55gCqsnk+XwQ
m3m/VK2TYKL2/QaiI6uc0MBNy937tBHTW/XhF3RVhPd9sunCw6iztvoHfC2g
-----END CERTIFICATE-----
Generated at Thu May 9 10:10:56 2024 by rpki-client on console-ams.rpki-client.org