Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
File: oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer (raw, json)
Hash identifier: Ptcezg8yGLHI0+f94a2qwLZqpRJbZfMEVdv65yVPnWs=
Subject key identifier: A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023381
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 26 Feb 2025 23:38:15 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: IP: 103.83.40.0/22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144257 (0x23381)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 26 23:38:15 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A91FAA91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:54:5e:23:4f:16:3b:89:50:ea:e7:c4:95:bf:
48:1c:ec:35:7a:a3:d7:31:c1:57:09:2c:25:d3:b8:
8a:af:f4:2a:fd:0a:e8:80:bf:66:13:6d:48:d4:7a:
22:db:f5:e8:ea:94:32:c2:bf:80:14:ff:16:ea:c1:
e8:fd:4c:2f:a4:06:65:6b:4d:fa:d9:c7:a2:59:6e:
70:4e:cf:4c:12:ac:f0:eb:bb:07:d4:36:61:d7:d3:
82:eb:28:1b:d0:d6:7e:6c:af:47:c9:9f:2d:15:d6:
81:fe:02:ab:36:f2:4b:ad:50:55:f9:8a:d0:5e:6a:
36:bf:3f:0b:88:61:bd:55:49:c3:4f:44:00:67:0a:
d8:56:0a:d1:f8:0b:d6:82:b3:8a:ca:ea:78:7c:27:
e6:d1:8c:a6:2f:eb:b4:b3:2c:c0:75:5a:f8:5b:8b:
21:ee:d9:43:e1:d6:6c:5e:3f:50:45:f1:26:27:40:
25:f7:85:3f:5b:7b:ff:e0:e8:9f:e6:3a:88:20:b7:
79:34:d9:6b:3c:c1:4b:72:54:dd:44:33:6f:b0:92:
f7:36:64:90:bf:35:7a:d4:64:e3:c5:eb:e5:38:76:
e5:11:ce:34:41:0d:19:c6:1d:30:bf:78:90:49:db:
ec:cf:cb:9b:b9:6f:bb:c7:01:2b:5f:9d:ea:dd:73:
b8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.40.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:ff:8e:99:21:1e:ab:0d:a9:07:7c:6d:4f:34:5e:50:7a:26:
78:f3:f4:bd:50:ba:33:a1:49:18:26:5f:cd:89:67:2e:d1:48:
b6:17:15:05:1b:b9:8e:b0:8f:5c:6c:5b:0f:5a:6f:aa:4c:5f:
25:47:58:74:40:cf:ff:53:28:92:60:19:a2:17:60:d7:c4:46:
0f:0f:0a:62:c5:ae:38:bf:a9:db:70:30:8a:3b:d2:6c:e5:9b:
75:4c:0c:a2:5e:c2:44:e5:b5:15:76:18:b6:fd:be:7b:25:bb:
e1:93:18:c3:63:ca:1e:d8:16:78:1b:c9:6e:90:90:60:e0:3c:
b4:47:f8:13:bc:1d:9e:16:86:ec:3b:39:3a:25:da:86:40:ad:
0e:61:b9:04:34:9d:a3:27:7c:61:e0:e7:71:8f:f5:6a:88:21:
a0:b9:2c:e7:d5:05:b2:1b:d9:e3:8a:1b:b4:7d:50:ed:22:df:
6e:aa:5b:72:6b:71:ac:b3:b7:91:9b:84:23:b7:c1:cd:d8:61:
72:c4:fa:b5:b8:7e:81:0d:52:2b:27:ee:bf:be:b3:b9:1f:27:
56:cf:61:f6:63:92:bb:8b:2d:56:f7:a2:46:a5:e6:c3:ee:00:
94:84:53:2a:71:1d:76:ca:51:fb:58:9b:ab:74:b5:2d:c3:8a:
60:57:78:31
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAjOBMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDIyNjIzMzgxNVoXDTI2MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkFBOTExMTAvBgNVBAUTKEEwQzgwQ0VFMDYzQzlDQzgyQ0RDQjBC
Qzc0NUM0RkU0NkREMDI2NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9VF4jTxY7iVDq58SVv0gc7DV6o9cxwVcJLCXTuIqv9Cr9CuiAv2YTbUjUeiLb
9ejqlDLCv4AU/xbqwej9TC+kBmVrTfrZx6JZbnBOz0wSrPDruwfUNmHX04LrKBvQ
1n5sr0fJny0V1oH+Aqs28kutUFX5itBeaja/PwuIYb1VScNPRABnCthWCtH4C9aC
s4rK6nh8J+bRjKYv67SzLMB1WvhbiyHu2UPh1mxeP1BF8SYnQCX3hT9be//g6J/m
Ooggt3k02Ws8wUtyVN1EM2+wkvc2ZJC/NXrUZOPF6+U4duURzjRBDRnGHTC/eJBJ
2+zPy5u5b7vHAStfnerdc7ipAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUoMgM7gY8
nMgs3LC8dFxP5G3QJlcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZBQTkxLzk0MjBEMjEwMEE1QTExRUVBM0Y1QjQ0MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGQUE5MS85NDIwRDIxMDBBNUExMUVFQTNGNUI0NDFDNEY5QUUwMi9vTWdNN2dZ
OG5NZ3MzTEM4ZEZ4UDVHM1FKbGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAJnUygwDQYJKoZIhvcNAQELBQADggEBAJz/jpkhHqsNqQd8bU80
XlB6Jnjz9L1QujOhSRgmX82JZy7RSLYXFQUbuY6wj1xsWw9ab6pMXyVHWHRAz/9T
KJJgGaIXYNfERg8PCmLFrji/qdtwMIo70mzlm3VMDKJewkTltRV2GLb9vnslu+GT
GMNjyh7YFngbyW6QkGDgPLRH+BO8HZ4Whuw7OTol2oZArQ5huQQ0naMnfGHg53GP
9WqIIaC5LOfVBbIb2eOKG7R9UO0i326qW3Jrcayzt5GbhCO3wc3YYXLE+rW4foEN
Uisn7r++s7kfJ1bPYfZjkruLLVb3okal5sPuAJSEUypxHXbKUftYm6t0tS3DimBX
eDE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:19:43 2025 by rpki-client