Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
File: wJBqGafeNJv6KzKzw-tMLRd2DOE.cer (raw, json)
Hash identifier: vY91Ug6BSyFyVDrQ17MIs96CvtAMUNb84frG+PzSGAc=
Subject key identifier: C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0238F6
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.mft
caRepository: rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/
Notify URL: https://rpki.rand.apnic.net/rrdp/notification.xml
Certificate not before: Fri 21 Mar 2025 15:57:03 +0000
Certificate not after: Mon 31 Mar 2031 00:00:00 +0000
Subordinate resources: AS: 9838
AS: 24021
AS: 38610
AS: 131072
AS: 131074
IP: 1.0.0.0/24
IP: 1.1.1.0/24
IP: 103.0.0.0/16
IP: 103.10.232.0/24
IP: 203.10.60.0/22
IP: 203.133.248.0/22
IP: 203.147.108.0/23
IP: 2401:2000::/31
IP: 2408:2000::/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 17:46:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145654 (0x238f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Mar 21 15:57:03 2025 GMT
Not After : Mar 31 00:00:00 2031 GMT
Subject: CN=A91872ED0001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a8:0d:68:03:96:79:f3:b9:3d:1a:1f:ae:db:
98:08:e3:22:41:ed:d3:be:7f:d7:16:e8:ff:fc:33:
e1:36:b8:56:90:60:28:d2:10:bb:0c:6a:a0:6d:e9:
a5:f2:6d:3b:e7:f7:0c:b3:eb:e4:fd:0d:19:02:25:
bc:ad:76:98:01:9c:5c:92:62:70:a2:b6:2b:7e:1a:
c6:90:35:2d:f9:94:b5:53:20:12:8b:de:23:7d:6c:
33:0c:ed:58:26:68:9e:7d:8c:b5:e9:7b:a4:98:2c:
48:03:d4:23:6e:e5:99:fa:33:2f:b0:de:34:32:b5:
94:b8:61:25:18:e0:dd:08:11:70:ff:dd:d1:86:20:
b3:6c:b3:9a:ce:23:42:18:32:37:af:bc:fd:69:a6:
30:7e:21:99:c7:3d:48:95:b7:4e:a9:e6:83:20:52:
2a:d8:16:8d:26:31:ec:d1:25:33:18:c4:33:74:62:
6d:1d:1c:a4:9b:04:05:d8:ab:a9:ae:1a:f8:23:e7:
03:1f:25:57:e5:8f:a0:ed:31:98:4e:1a:b7:f2:0d:
62:d2:74:3c:1f:d0:b9:9f:a1:dd:43:62:a0:bf:bd:
85:b0:db:4d:d1:79:81:a8:34:81:3c:7c:74:4b:f6:
13:63:4a:a0:5c:1c:b7:42:3a:ac:42:06:3e:a3:06:
ef:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0
RPKI Manifest - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.mft
RPKI Notify - URI:https://rpki.rand.apnic.net/rrdp/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9838
24021
38610
131072
131074
sbgp-ipAddrBlock: critical
IPv4:
1.0.0.0/24
1.1.1.0/24
103.0.0.0/16
103.10.232.0/24
203.10.60.0/22
203.133.248.0/22
203.147.108.0/23
IPv6:
2401:2000::/31
2408:2000::/24
Signature Algorithm: sha256WithRSAEncryption
33:20:d7:2f:47:28:ea:95:58:d4:fa:f7:7f:0f:d9:b4:25:33:
27:2c:b9:06:ce:91:6e:11:78:e7:6f:c4:f2:7f:d3:6c:00:ee:
ff:d4:c0:89:d9:63:71:9c:18:f3:54:ae:73:75:7e:bf:36:6c:
fa:4d:9b:4f:a5:10:43:18:0d:87:6b:5f:7b:0c:26:4d:48:ec:
7f:57:90:cc:6e:eb:a9:57:8f:3d:47:3a:78:f4:cf:e3:1a:79:
af:43:e2:12:47:a5:ec:38:dd:5c:da:b2:ba:0b:a0:b1:5f:e1:
0e:ab:66:0c:d4:e5:3b:4d:d0:2e:a3:03:1a:9d:df:21:77:c9:
4f:c1:45:b8:c7:dc:44:d7:40:4d:95:72:1a:ca:32:23:03:12:
58:63:32:d0:1c:40:01:3c:ff:9a:68:e1:9d:02:bb:33:e3:a7:
22:24:bd:15:55:a8:80:e8:50:e6:94:8a:3d:f6:5d:a8:cb:8e:
ad:c8:23:18:ed:9f:e3:2d:49:0e:4e:2d:17:95:78:e8:aa:ac:
97:dd:06:ca:6f:c4:fb:66:b8:bd:4a:c1:f7:65:f4:e7:cc:02:
6c:01:2a:8d:ec:d8:26:e8:39:5e:61:33:85:89:29:56:75:a0:
c3:1e:51:7f:4e:94:32:62:64:8e:8f:a5:24:00:af:de:de:ef:
0a:b5:10:82
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDAjj2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMyMTE1NTcwM1oXDTMxMDMzMTAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxODcyRUQwMDAxMTEwLwYDVQQFEyhDMDkwNkExOUE3REUzNDlCRkEy
QjMyQjNDM0VCNEMyRDE3NzYwQ0UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxqgNaAOWefO5PRofrtuYCOMiQe3Tvn/XFuj//DPhNrhWkGAo0hC7DGqg
beml8m075/cMs+vk/Q0ZAiW8rXaYAZxckmJworYrfhrGkDUt+ZS1UyASi94jfWwz
DO1YJmiefYy16XukmCxIA9QjbuWZ+jMvsN40MrWUuGElGODdCBFw/93RhiCzbLOa
ziNCGDI3r7z9aaYwfiGZxz1IlbdOqeaDIFIq2BaNJjHs0SUzGMQzdGJtHRykmwQF
2Kuprhr4I+cDHyVX5Y+g7TGYThq38g1i0nQ8H9C5n6HdQ2Kgv72FsNtN0XmBqDSB
PHx0S/YTY0qgXBy3QjqsQgY+owbvowIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFMCQ
ahmn3jSb+isys8PrTC0XdgzhMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIH2BggrBgEFBQcBCwSB6TCB5jA7BggrBgEF
BQcwBYYvcnN5bmM6Ly9ycGtpLnJhbmQuYXBuaWMubmV0L3JlcG8vQTkxODcyRUQw
MDAxLzAwaAYIKwYBBQUHMAqGXHJzeW5jOi8vcnBraS5yYW5kLmFwbmljLm5ldC9y
ZXBvL0E5MTg3MkVEMDAwMS8wL0MwOTA2QTE5QTdERTM0OUJGQTJCMzJCM0MzRUI0
QzJEMTc3NjBDRTEubWZ0MD0GCCsGAQUFBzANhjFodHRwczovL3Jwa2kucmFuZC5h
cG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMCwGCCsGAQUFBwEIAQH/BB0w
G6AZMBcCAiZuAgJd1QIDAJbSAgMCAAACAwIAAjBXBggrBgEFBQcBBwEB/wRIMEYw
LwQCAAEwKQMEAAEAAAMEAAEBAQMDAGcAAwQAZwroAwQCywo8AwQCy4X4AwQBy5Ns
MBMEAgACMA0DBQEkASAAAwQAJAggMA0GCSqGSIb3DQEBCwUAA4IBAQAzINcvRyjq
lVjU+vd/D9m0JTMnLLkGzpFuEXjnb8Tyf9NsAO7/1MCJ2WNxnBjzVK5zdX6/Nmz6
TZtPpRBDGA2Ha197DCZNSOx/V5DMbuupV489Rzp49M/jGnmvQ+ISR6XsON1c2rK6
C6CxX+EOq2YM1OU7TdAuowMand8hd8lPwUW4x9xE10BNlXIayjIjAxJYYzLQHEAB
PP+aaOGdArsz46ciJL0VVaiA6FDmlIo99l2oy46tyCMY7Z/jLUkOTi0XlXjoqqyX
3QbKb8T7Zri9SsH3ZfTnzAJsASqN7Ngm6DleYTOFiSlWdaDDHlF/TpQyYmSOj6Uk
AK/e3u8KtRCC
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:24:50 2025 by rpki-client