Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vIYHvM59W9TtuRjN4bc0W4HmrR0.cer
File: vIYHvM59W9TtuRjN4bc0W4HmrR0.cer (raw, json)
Hash identifier: RdFcnDw+yasxmoe+kAyTAWUWLn3WDRInlnd69TCItJE=
Subject key identifier: BC:86:07:BC:CE:7D:5B:D4:ED:B9:18:CD:E1:B7:34:5B:81:E6:AD:1D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022221
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913B489/0B3879CAFF9C11E9B035A673C4F9AE02/vIYHvM59W9TtuRjN4bc0W4HmrR0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913B489/0B3879CAFF9C11E9B035A673C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 11 Dec 2024 13:22:45 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 135654
IP: 103.78.52.0/22
IP: 175.41.44.0/22
IP: 2407:a680::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139809 (0x22221)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 11 13:22:45 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A913B489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:82:7f:3d:b7:4c:3e:92:ca:9a:f8:67:5c:
ca:ca:d5:e2:76:37:46:52:f6:59:9b:ad:d9:28:8c:
40:34:c5:24:1e:fd:59:a2:cf:d7:89:e9:ea:7b:36:
55:39:5b:7e:13:95:b5:f0:6d:62:19:cf:9d:82:75:
b6:1e:ba:9c:4b:fa:9a:0c:d0:87:8a:e5:82:38:a3:
29:78:13:57:24:37:3a:0d:0f:be:fb:40:ac:27:fd:
21:af:8e:10:ae:71:8f:3d:4c:d4:af:42:10:11:79:
f2:b9:38:8b:59:2e:dc:e3:05:0c:99:2f:c0:2d:72:
00:3b:d7:8a:67:96:7d:7d:6e:1f:41:39:7a:69:ce:
c2:91:31:ca:69:cd:e1:68:19:7b:de:37:f8:69:62:
08:09:bc:76:99:d5:37:e1:80:d4:56:6e:9f:8e:d5:
f0:c2:1b:52:92:3c:73:f0:53:ca:9c:f3:42:98:56:
e4:77:83:9b:81:ac:d4:a5:b7:6a:2a:cf:ac:90:68:
3e:53:4d:36:ac:c7:8d:ec:23:63:6b:21:95:c0:96:
85:e3:c4:06:d0:be:aa:5e:a2:c1:c6:c4:77:7a:3d:
36:89:9b:ff:9b:5a:0f:f4:1e:c8:27:ea:f4:c2:00:
db:0b:c8:81:47:9e:03:c7:67:71:ea:55:e3:30:28:
45:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:86:07:BC:CE:7D:5B:D4:ED:B9:18:CD:E1:B7:34:5B:81:E6:AD:1D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913B489/0B3879CAFF9C11E9B035A673C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913B489/0B3879CAFF9C11E9B035A673C4F9AE02/vIYHvM59W9TtuRjN4bc0W4HmrR0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
135654
sbgp-ipAddrBlock: critical
IPv4:
103.78.52.0/22
175.41.44.0/22
IPv6:
2407:a680::/32
Signature Algorithm: sha256WithRSAEncryption
6b:8b:5e:94:d5:ea:2a:2a:49:a1:bc:af:07:28:3c:d5:cf:55:
aa:9d:6a:21:f5:23:73:98:d1:e3:00:3a:59:8b:b3:56:cd:50:
3a:ad:65:fa:99:de:12:fd:37:ae:a4:ff:5b:39:8e:99:8a:7e:
6d:98:97:25:9b:8e:b1:f6:ef:8b:09:55:d5:8b:24:3b:5c:47:
80:25:e2:88:2a:b9:20:09:ce:92:e2:60:56:ef:b1:42:8b:a8:
c5:c8:cd:26:8b:56:c1:d6:07:a0:3a:5f:5f:27:36:48:d4:54:
22:ae:da:63:b8:8d:20:85:8a:ad:b7:03:b0:5f:e7:6a:0d:3e:
d8:bd:6d:6d:22:92:ce:4a:4c:04:d7:ec:21:7c:b8:9b:21:07:
f4:e6:31:ae:ab:ba:39:21:74:50:e8:d5:11:10:dd:f8:9c:4c:
fc:3f:3d:e9:81:e2:bc:b2:fa:c3:df:2b:21:9f:3f:6d:12:11:
7a:e4:d9:14:ab:3a:ff:3b:1f:f5:a2:f2:27:e8:a2:62:7c:60:
85:d4:96:29:70:6b:8b:f7:a7:4c:df:da:24:26:a3:70:5c:ec:
dd:e9:83:9e:d9:f6:d5:10:0c:ae:a4:b5:2e:a5:99:98:e7:09:
4f:be:11:dc:a7:55:fe:19:dd:14:84:3d:2d:7c:11:c0:e7:c4:
85:38:18:33
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAiIhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIxMTEzMjI0NVoXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0I0ODkxMTAvBgNVBAUTKEJDODYwN0JDQ0U3RDVCRDRFREI5MThD
REUxQjczNDVCODFFNkFEMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3+4J/PbdMPpLKmvhnXMrK1eJ2N0ZS9lmbrdkojEA0xSQe/Vmiz9eJ6ep7NlU5
W34TlbXwbWIZz52CdbYeupxL+poM0IeK5YI4oyl4E1ckNzoND777QKwn/SGvjhCu
cY89TNSvQhARefK5OItZLtzjBQyZL8AtcgA714pnln19bh9BOXppzsKRMcppzeFo
GXveN/hpYggJvHaZ1TfhgNRWbp+O1fDCG1KSPHPwU8qc80KYVuR3g5uBrNSlt2oq
z6yQaD5TTTasx43sI2NrIZXAloXjxAbQvqpeosHGxHd6PTaJm/+bWg/0Hsgn6vTC
ANsLyIFHngPHZ3HqVeMwKEUVAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUvIYHvM59
W9TtuRjN4bc0W4HmrR0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNCNDg5LzBCMzg3OUNBRkY5QzExRTlCMDM1QTY3M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQjQ4OS8wQjM4NzlDQUZGOUMxMUU5QjAzNUE2NzNDNEY5QUUwMi92SVlIdk01
OVc5VHR1UmpONGJjMFc0SG1yUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhHmMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ040AwQCryks
MA0EAgACMAcDBQAkB6aAMA0GCSqGSIb3DQEBCwUAA4IBAQBri16U1eoqKkmhvK8H
KDzVz1WqnWoh9SNzmNHjADpZi7NWzVA6rWX6md4S/TeupP9bOY6Zin5tmJclm46x
9u+LCVXViyQ7XEeAJeKIKrkgCc6S4mBW77FCi6jFyM0mi1bB1gegOl9fJzZI1FQi
rtpjuI0ghYqttwOwX+dqDT7YvW1tIpLOSkwE1+whfLibIQf05jGuq7o5IXRQ6NUR
EN34nEz8Pz3pgeK8svrD3yshnz9tEhF65NkUqzr/Ox/1ovIn6KJifGCF1JYpcGuL
96dM39okJqNwXOzd6YOe2fbVEAyupLUupZmY5wlPvhHcp1X+Gd0UhD0tfBHA58SF
OBgz
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:28:17 2025 by rpki-client