Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pGM3j5KTiRbgseQTrw8MinPCH08.cer
File: pGM3j5KTiRbgseQTrw8MinPCH08.cer (raw, json)
Hash identifier: iASvzDgWRQHwKJL1lHd2MB5sia2CNk8pPvrWO5wg7Pc=
Subject key identifier: A4:63:37:8F:92:93:89:16:E0:B1:E4:13:AF:0F:0C:8A:73:C2:1F:4F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D616
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917C3A7/E41FF0A6532811EC8352D245C4F9AE02/pGM3j5KTiRbgseQTrw8MinPCH08.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917C3A7/E41FF0A6532811EC8352D245C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 02 Jan 2024 17:30:57 +0000
Certificate not after: Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources: IP: 203.24.129.0 -- 203.24.130.255
IP: 203.31.23.0/24
IP: 2001:df1:ca40::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120342 (0x1d616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jan 2 17:30:57 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=A917C3A7/serialNumber=A463378F92938916E0B1E413AF0F0C8A73C21F4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:01:4c:be:6d:f1:eb:44:5c:3f:b2:06:74:
5b:e4:34:9b:77:13:5e:a5:8c:f4:2d:70:7a:fc:28:
4d:10:f0:cd:6e:b2:49:de:05:16:6d:2b:70:12:84:
81:5c:fe:54:70:3b:83:8f:87:73:72:14:45:4c:dc:
65:57:a2:90:1b:68:ab:f1:77:a7:cc:e2:28:4f:40:
99:37:e9:3b:e3:d9:88:b4:98:1b:e1:bb:ac:85:95:
c4:67:71:c8:77:86:7c:65:ad:9c:ce:47:a4:9f:c8:
65:3b:87:08:71:b4:bd:13:8a:b4:9f:24:6d:7e:78:
65:d3:8a:1e:d7:ce:f1:45:b7:5d:7e:df:20:71:b0:
69:75:3d:5f:15:f1:74:69:d7:88:7f:55:af:e1:ee:
15:bf:66:32:9c:16:d9:e9:c4:f2:34:32:12:0d:46:
bb:d3:03:e9:91:69:a0:53:68:06:48:7c:e8:18:5c:
3c:50:9a:16:c5:1a:2a:7d:89:ec:f4:e5:63:bc:a9:
50:b9:b8:1d:4e:a4:21:00:0b:d2:73:ae:0b:65:0e:
43:af:8f:bd:28:3a:8d:98:fd:71:a9:dc:c0:be:91:
ea:66:29:5e:cc:b4:62:1d:05:77:69:28:9a:11:c5:
4b:f0:27:8d:d4:3b:9e:a8:10:38:6e:70:db:57:1e:
05:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:63:37:8F:92:93:89:16:E0:B1:E4:13:AF:0F:0C:8A:73:C2:1F:4F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917C3A7/E41FF0A6532811EC8352D245C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917C3A7/E41FF0A6532811EC8352D245C4F9AE02/pGM3j5KTiRbgseQTrw8MinPCH08.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.24.129.0-203.24.130.255
203.31.23.0/24
IPv6:
2001:df1:ca40::/48
Signature Algorithm: sha256WithRSAEncryption
7d:b4:57:f4:d6:21:aa:f0:3e:73:35:bc:f0:27:79:e0:7e:bd:
b4:e2:8f:81:a7:7d:42:3b:a0:a0:5d:ac:f2:5c:57:cc:cb:56:
32:c5:6a:32:ad:bf:ac:c5:03:d5:75:b3:0d:f1:c3:ed:39:0c:
b2:60:4a:72:dc:a7:a3:63:85:a8:0d:68:88:25:32:63:c9:72:
7f:91:9b:88:a0:72:30:71:04:12:3b:23:cf:84:42:d5:a2:84:
1c:af:b3:e7:2d:f8:b2:c8:52:16:23:d5:a4:15:e5:01:fa:43:
f4:58:45:81:6a:36:e0:59:1c:ec:49:42:e5:75:c6:f3:41:52:
ec:d4:70:d1:d0:56:4e:79:1a:0c:09:9e:ad:2e:1b:43:f7:d5:
34:9d:11:26:d3:4c:48:22:e7:14:4c:f8:9b:58:db:17:b9:8c:
7e:a6:01:10:19:52:9e:0c:b4:3f:93:90:8b:4b:05:c2:f1:5e:
6f:50:d1:8b:4b:c9:be:0b:b8:00:07:62:c0:4d:cb:70:be:cb:
2d:7f:ac:c8:4f:fa:16:d7:dd:94:3b:73:01:9f:91:dc:93:43:
29:5d:37:e1:ca:74:e0:a2:76:9a:df:cb:14:49:52:47:ca:0f:
2e:cc:36:96:3b:35:03:15:f7:e3:0b:2d:07:4b:e9:02:79:79:
f5:26:58:e9
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAdYWMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwMjE3MzA1N1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0MzQTcxMTAvBgNVBAUTKEE0NjMzNzhGOTI5Mzg5MTZFMEIxRTQx
M0FGMEYwQzhBNzNDMjFGNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrCQFMvm3x60RcP7IGdFvkNJt3E16ljPQtcHr8KE0Q8M1uskneBRZtK3AShIFc
/lRwO4OPh3NyFEVM3GVXopAbaKvxd6fM4ihPQJk36Tvj2Yi0mBvhu6yFlcRncch3
hnxlrZzOR6SfyGU7hwhxtL0TirSfJG1+eGXTih7XzvFFt11+3yBxsGl1PV8V8XRp
14h/Va/h7hW/ZjKcFtnpxPI0MhINRrvTA+mRaaBTaAZIfOgYXDxQmhbFGip9iez0
5WO8qVC5uB1OpCEAC9JzrgtlDkOvj70oOo2Y/XGp3MC+kepmKV7MtGIdBXdpKJoR
xUvwJ43UO56oEDhucNtXHgUrAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUpGM3j5KT
iRbgseQTrw8MinPCH08wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdDM0E3L0U0MUZGMEE2NTMyODExRUM4MzUyRDI0NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3QzNBNy9FNDFGRjBBNjUzMjgxMUVDODM1MkQyNDVDNEY5QUUwMi9wR00zajVL
VGlSYmdzZVFUcnc4TWluUENIMDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8ELzAt
MBoEAgABMBQwDAMEAMsYgQMEAMsYggMEAMsfFzAPBAIAAjAJAwcAIAEN8cpAMA0G
CSqGSIb3DQEBCwUAA4IBAQB9tFf01iGq8D5zNbzwJ3ngfr204o+Bp31CO6CgXazy
XFfMy1YyxWoyrb+sxQPVdbMN8cPtOQyyYEpy3KejY4WoDWiIJTJjyXJ/kZuIoHIw
cQQSOyPPhELVooQcr7PnLfiyyFIWI9WkFeUB+kP0WEWBajbgWRzsSULldcbzQVLs
1HDR0FZOeRoMCZ6tLhtD99U0nREm00xIIucUTPibWNsXuYx+pgEQGVKeDLQ/k5CL
SwXC8V5vUNGLS8m+C7gAB2LATctwvsstf6zIT/oW192UO3MBn5Hck0MpXTfhynTg
onaa38sUSVJHyg8uzDaWOzUDFffjCy0HS+kCeXn1Jljp
-----END CERTIFICATE-----
Generated at Wed May 8 21:04:56 2024 by rpki-client on console-fra.rpki-client.org