Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
File: tBFqjm2pkf3PcWJue-oR_2nLqEY.cer (raw, json)
Hash identifier: v31u90HUynXgefik9QWo1JPSJdpNb5Cv3mms7o+C4A8=
Subject key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023495
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 02 Mar 2025 16:47:29 +0000
Certificate not after: Thu 28 May 2026 00:00:00 +0000
Subordinate resources: AS: 142622
IP: 43.230.52.0/22
IP: 43.231.188.0/22
IP: 43.246.128.0/22
IP: 43.246.196.0/22
IP: 43.249.240.0/22
IP: 43.250.88.0/22
IP: 43.251.184.0/22
IP: 45.115.32.0/22
IP: 45.124.60.0/22
IP: 103.7.116.0/22
IP: 103.7.208.0/22
IP: 103.8.84.0/22
IP: 103.12.52.0/22
IP: 103.13.16.0/22
IP: 103.15.32.0/22
IP: 103.15.76.0/22
IP: 103.21.104.0/22
IP: 103.24.160.0/22
IP: 103.26.164.0/22
IP: 103.197.208.0/22
IP: 103.225.192.0/22
IP: 103.240.20.0/22
IP: 103.244.208.0/22
IP: 103.248.148.0/22
IP: 160.20.44.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144533 (0x23495)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 2 16:47:29 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=A91A4402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:15:79:92:97:ec:ea:61:4f:9e:f1:f3:5b:30:
60:07:bc:52:6d:8c:0f:27:20:fc:90:20:40:89:f2:
4d:9c:56:2f:39:46:26:c6:14:29:cc:ce:93:43:99:
e7:99:b4:ec:0e:69:05:f5:ef:f5:83:21:34:c8:07:
15:18:d8:29:b8:17:38:fb:f1:35:ec:12:4e:3b:1f:
dd:a9:03:4a:0d:62:8b:cf:9b:72:66:42:40:0d:eb:
5a:8b:7c:29:05:f2:84:62:21:ab:ac:c1:4c:eb:19:
5c:6b:02:0f:f0:5e:fe:7b:eb:aa:af:96:d2:c7:82:
81:9c:95:08:78:d4:57:2f:ba:ff:52:30:77:a3:5e:
5b:6f:fe:01:53:5a:3e:1e:40:06:d7:d6:64:93:39:
4e:69:71:7c:5e:c9:69:e2:09:22:cc:0c:55:cf:79:
2c:60:14:4f:19:e0:0a:5b:22:b9:04:62:ec:b6:d7:
6c:d4:48:c7:6e:24:bf:e8:c3:9f:4a:7d:df:48:4e:
a0:bf:23:a0:96:22:de:d0:5f:17:f6:a0:bd:2c:9e:
4d:0e:b0:50:a7:e7:90:03:2b:bb:bd:50:aa:ad:ef:
0b:1b:d2:91:4a:de:ca:e5:ae:cf:2e:e6:b6:e4:27:
25:42:be:83:41:1f:70:21:c3:10:0d:b1:fa:c1:db:
df:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
142622
sbgp-ipAddrBlock: critical
IPv4:
43.230.52.0/22
43.231.188.0/22
43.246.128.0/22
43.246.196.0/22
43.249.240.0/22
43.250.88.0/22
43.251.184.0/22
45.115.32.0/22
45.124.60.0/22
103.7.116.0/22
103.7.208.0/22
103.8.84.0/22
103.12.52.0/22
103.13.16.0/22
103.15.32.0/22
103.15.76.0/22
103.21.104.0/22
103.24.160.0/22
103.26.164.0/22
103.197.208.0/22
103.225.192.0/22
103.240.20.0/22
103.244.208.0/22
103.248.148.0/22
160.20.44.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:e9:c8:8f:37:16:4f:6e:c6:92:84:a7:a5:90:27:1e:b8:12:
1e:fd:cb:2c:31:a2:32:87:55:5d:f7:8b:6b:ef:f3:31:9c:17:
ac:fc:41:6b:53:d9:5a:4a:a9:19:04:32:18:ab:53:f3:af:c0:
46:08:39:74:63:5f:2b:96:5d:a5:4a:d5:fb:c2:d0:ea:c2:39:
66:49:cc:06:ed:f4:45:2b:ad:ae:23:25:76:b9:50:b3:73:1c:
2c:1b:d1:28:be:78:e2:0b:01:3a:4c:6d:8c:59:11:d9:43:b7:
ff:65:5b:43:c9:29:f8:ca:9a:bb:d7:47:fc:86:e7:10:cd:11:
fc:a3:3b:bd:60:2e:db:65:46:de:ab:8e:61:cc:0a:f7:37:26:
27:b5:2f:fb:36:be:25:41:92:9c:ab:82:8c:45:a5:a8:78:88:
3b:18:c7:ca:23:22:1b:d4:a3:49:b1:dd:be:ab:08:eb:44:64:
a9:83:14:2e:e5:5f:62:1c:8e:c5:30:db:ea:91:4e:4d:1d:21:
f4:06:e4:a7:24:c9:c6:9a:f2:cf:64:30:62:a1:be:07:ed:1b:
d5:c8:99:09:41:91:e8:c2:b7:f3:6c:7c:60:0b:7c:80:6f:7e:
42:82:6a:55:16:cd:b6:35:7b:db:ad:b9:fd:1a:e9:6b:da:1d:
ec:12:1d:bb
-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgIDAjSVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMwMjE2NDcyOVoXDTI2MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2
RTdCRUExMUZGNjlDQkE4NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlFXmSl+zqYU+e8fNbMGAHvFJtjA8nIPyQIECJ8k2cVi85RibGFCnMzpNDmeeZ
tOwOaQX17/WDITTIBxUY2Cm4Fzj78TXsEk47H92pA0oNYovPm3JmQkAN61qLfCkF
8oRiIauswUzrGVxrAg/wXv5766qvltLHgoGclQh41Fcvuv9SMHejXltv/gFTWj4e
QAbX1mSTOU5pcXxeyWniCSLMDFXPeSxgFE8Z4ApbIrkEYuy212zUSMduJL/ow59K
fd9ITqC/I6CWIt7QXxf2oL0snk0OsFCn55ADK7u9UKqt7wsb0pFK3srlrs8u5rbk
JyVCvoNBH3AhwxANsfrB299zAgMBAAGjggOkMIIDoDAdBgNVHQ4EFgQUtBFqjm2p
kf3PcWJue+oR/2nLqEYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE0NDAyL0ZEQkZEMDIwM0Q5NjExRUE4RUEwNzAyRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNDQwMi9GREJGRDAyMDNEOTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0y
cGtmM1BjV0p1ZS1vUl8ybkxxRVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAi0eMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAIr5jQD
BAIr57wDBAIr9oADBAIr9sQDBAIr+fADBAIr+lgDBAIr+7gDBAItcyADBAItfDwD
BAJnB3QDBAJnB9ADBAJnCFQDBAJnDDQDBAJnDRADBAJnDyADBAJnD0wDBAJnFWgD
BAJnGKADBAJnGqQDBAJnxdADBAJn4cADBAJn8BQDBAJn9NADBAJn+JQDBAKgFCww
DQYJKoZIhvcNAQELBQADggEBALDpyI83Fk9uxpKEp6WQJx64Eh79yywxojKHVV33
i2vv8zGcF6z8QWtT2VpKqRkEMhirU/OvwEYIOXRjXyuWXaVK1fvC0OrCOWZJzAbt
9EUrra4jJXa5ULNzHCwb0Si+eOILATpMbYxZEdlDt/9lW0PJKfjKmrvXR/yG5xDN
EfyjO71gLttlRt6rjmHMCvc3Jie1L/s2viVBkpyrgoxFpah4iDsYx8ojIhvUo0mx
3b6rCOtEZKmDFC7lX2IcjsUw2+qRTk0dIfQG5Kckycaa8s9kMGKhvgftG9XImQlB
kejCt/NsfGALfIBvfkKCalUWzbY1e9utuf0a6WvaHewSHbs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:04:41 2025 by rpki-client