Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tw3qbHe56OzOWDkTKBnvkTc_xSc.cer
File: tw3qbHe56OzOWDkTKBnvkTc_xSc.cer (raw, json)
Hash identifier: sQt0l7RwDIyuAqVPjszQ50Sa+qmE7O1yHBfoCqolFtE=
Subject key identifier: B7:0D:EA:6C:77:B9:E8:EC:CE:58:39:13:28:19:EF:91:37:3F:C5:27
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0223C9
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 20 Dec 2024 14:32:00 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 131268
IP: 103.35.92.0/22
IP: 202.4.188.0/24
IP: 2001:df3:6f00::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 21:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140233 (0x223c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 20 14:32:00 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A914E2B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:74:c3:53:61:92:4e:7f:2a:52:76:10:c6:3a:
9c:78:e8:96:2b:e7:45:99:94:98:4e:2d:cf:1d:02:
d6:92:46:45:5d:28:b7:7e:bc:b6:73:b8:71:a0:6a:
54:86:46:d9:4f:e7:6f:2c:00:3e:6d:e8:e0:69:1c:
22:e9:2a:a9:6d:82:36:40:b6:9d:66:ff:dd:28:4e:
b4:52:3e:fb:49:de:6d:b9:3b:0d:80:7b:3e:55:bc:
76:3f:73:a8:2a:92:45:7e:bf:45:4c:95:48:c8:d9:
0b:de:4f:57:73:1c:10:ef:0e:54:03:d8:47:db:ce:
02:85:4f:0d:1b:fc:bf:0f:18:e9:31:cb:35:de:74:
45:7a:17:f4:f9:15:48:b0:0f:74:f3:3a:cd:9a:e7:
8e:9c:67:d6:1b:11:a8:21:5b:8f:81:f3:4d:e0:da:
40:49:61:7a:9c:1d:9e:1b:09:5d:38:21:7e:24:e2:
7f:24:b3:b3:19:1a:bd:e1:eb:65:5f:bc:75:0a:57:
31:ea:27:f8:1c:a0:85:c6:79:d3:63:76:83:aa:ca:
ec:a7:de:53:f0:eb:61:e2:9c:f2:62:e0:9e:c4:58:
40:dd:64:db:c0:b6:94:9a:b0:08:a3:22:4b:8f:40:
c7:e6:b3:4d:3b:85:5b:95:44:8a:ea:c7:50:91:61:
56:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:0D:EA:6C:77:B9:E8:EC:CE:58:39:13:28:19:EF:91:37:3F:C5:27
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
131268
sbgp-ipAddrBlock: critical
IPv4:
103.35.92.0/22
202.4.188.0/24
IPv6:
2001:df3:6f00::/48
Signature Algorithm: sha256WithRSAEncryption
74:a4:dd:fc:49:cd:3b:a8:b2:5b:94:06:18:ca:fa:02:f2:3c:
86:f8:0c:d9:00:65:a4:9b:5e:06:21:9f:b3:9f:70:26:cf:a3:
08:0e:10:4e:78:0d:5f:f7:4d:57:b1:c3:a3:f1:d0:66:65:d2:
ae:ad:7d:f0:df:44:bf:18:cf:00:94:6d:04:34:15:e2:63:70:
ff:f9:de:88:49:7b:4b:4b:98:73:b0:24:66:10:e3:c0:66:15:
ab:4f:0c:0c:ef:61:f8:d1:1d:f7:93:2d:6e:a9:ea:73:c2:b9:
56:7b:ab:4d:d1:17:15:74:a5:ae:ab:b8:92:8b:68:56:f2:12:
ee:60:0b:b9:cf:97:14:ae:64:39:e9:57:62:59:97:b4:ba:80:
ee:13:31:a3:0c:25:c0:cd:b3:08:c3:59:9d:ca:fd:07:5f:d5:
b9:af:f5:bd:5e:23:d6:36:e3:d5:5e:31:e6:9e:46:39:cb:38:
75:e4:18:81:b7:3d:2b:db:72:41:a8:70:01:03:50:3f:ce:2d:
e3:5d:cc:be:3b:30:fb:c2:39:b1:93:2c:ae:d4:78:fd:2c:ba:
6d:22:d4:ab:ee:44:a8:0d:c5:8a:e6:40:77:9a:de:1c:4c:a4:
53:ce:08:f8:d9:90:26:ef:de:a6:06:2e:55:24:b4:78:00:00:
83:fd:65:9d
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIDAiPJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIyMDE0MzIwMFoXDTI2MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEUyQjIxMTAvBgNVBAUTKEI3MERFQTZDNzdCOUU4RUNDRTU4Mzkx
MzI4MTlFRjkxMzczRkM1MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9dMNTYZJOfypSdhDGOpx46JYr50WZlJhOLc8dAtaSRkVdKLd+vLZzuHGgalSG
RtlP528sAD5t6OBpHCLpKqltgjZAtp1m/90oTrRSPvtJ3m25Ow2Aez5VvHY/c6gq
kkV+v0VMlUjI2QveT1dzHBDvDlQD2EfbzgKFTw0b/L8PGOkxyzXedEV6F/T5FUiw
D3TzOs2a546cZ9YbEaghW4+B803g2kBJYXqcHZ4bCV04IX4k4n8ks7MZGr3h62Vf
vHUKVzHqJ/gcoIXGedNjdoOqyuyn3lPw62HinPJi4J7EWEDdZNvAtpSasAijIkuP
QMfms007hVuVRIrqx1CRYVarAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUtw3qbHe5
6OzOWDkTKBnvkTc/xScwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRFMkIyLzJCNDZFQTU4MERFMzExRUY4MDNGNkYwRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0RTJCMi8yQjQ2RUE1ODBERTMxMUVGODAzRjZGMEVDNEY5QUUwMi90dzNxYkhl
NTZPek9XRGtUS0JudmtUY194U2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgDEMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCZyNcAwQAygS8
MA8EAgACMAkDBwAgAQ3zbwAwDQYJKoZIhvcNAQELBQADggEBAHSk3fxJzTuosluU
BhjK+gLyPIb4DNkAZaSbXgYhn7OfcCbPowgOEE54DV/3TVexw6Px0GZl0q6tffDf
RL8YzwCUbQQ0FeJjcP/53ohJe0tLmHOwJGYQ48BmFatPDAzvYfjRHfeTLW6p6nPC
uVZ7q03RFxV0pa6ruJKLaFbyEu5gC7nPlxSuZDnpV2JZl7S6gO4TMaMMJcDNswjD
WZ3K/Qdf1bmv9b1eI9Y249VeMeaeRjnLOHXkGIG3PSvbckGocAEDUD/OLeNdzL47
MPvCObGTLK7UeP0sum0i1KvuRKgNxYrmQHea3hxMpFPOCPjZkCbv3qYGLlUktHgA
AIP9ZZ0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:01:23 2025 by rpki-client