Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer
File: xOTw2gEK9YY3zFlihHHpmLckPFI.cer (raw, json)
Hash identifier: HYBxri+uTyNbR+LgIf3sQlzsVhda2T9v8JrAAeG6QUc=
Subject key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E897
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 02 Apr 2024 04:58:44 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: AS: 133882
IP: 43.255.152.0/22
IP: 103.1.172.0/22
IP: 103.35.91.0/24
IP: 103.44.220.0/24
IP: 103.87.189.0 -- 103.87.191.255
IP: 118.139.160.0/19
IP: 182.50.128.0/19
IP: 202.3.13.0/24
IP: 203.124.96.0/19
IP: 2001:df1:9c00::/48
IP: 2403:bc80::/32
IP: 2407:1c00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125079 (0x1e897)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 2 04:58:44 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2b:d2:ef:73:ca:0c:40:cd:a1:fa:21:fc:cd:
47:2f:e3:67:3c:ac:f4:f7:c9:f2:62:10:d8:bc:24:
bc:07:84:e5:1a:3b:cd:b7:80:67:78:20:96:59:11:
a2:ae:1e:8f:8a:d9:ba:7f:e1:81:d6:e4:ab:c5:ce:
dd:b5:bf:09:64:d2:6b:0d:22:d1:74:66:59:2f:30:
46:70:f5:ab:91:76:4f:9c:e0:49:21:58:3c:55:aa:
3e:28:1a:9b:60:93:2f:79:8a:cf:44:ad:e9:b8:95:
41:22:1f:d6:bb:00:59:ae:d3:d5:72:0c:a9:0c:e0:
0c:3b:fc:72:9e:07:8f:31:41:a6:20:d2:f6:01:64:
07:5c:a9:be:0e:e9:30:d5:9d:20:2a:03:60:89:3b:
6c:55:5c:b1:49:61:c1:a3:b6:9d:b5:90:a7:9e:03:
dc:d7:1d:77:24:4c:72:15:b9:59:bc:6d:56:2a:80:
5a:b6:4d:7a:c6:13:78:65:5d:a5:a1:fa:53:c4:b4:
39:16:bd:20:2b:f8:1a:f3:40:f8:1e:f2:b5:ef:8c:
00:12:a5:ad:bc:0f:69:18:45:58:ba:97:27:ff:ef:
82:9e:5f:e1:4b:e7:50:70:71:d4:c4:b8:bd:0b:5f:
5a:f1:08:20:86:8c:9d:ae:5f:fd:d3:e0:7c:61:39:
83:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133882
sbgp-ipAddrBlock: critical
IPv4:
43.255.152.0/22
103.1.172.0/22
103.35.91.0/24
103.44.220.0/24
103.87.189.0-103.87.191.255
118.139.160.0/19
182.50.128.0/19
202.3.13.0/24
203.124.96.0/19
IPv6:
2001:df1:9c00::/48
2403:bc80::/32
2407:1c00::/32
Signature Algorithm: sha256WithRSAEncryption
76:e4:7b:ae:b8:f6:e2:de:0c:69:5b:7f:f5:ae:b9:b5:a7:58:
61:5b:00:00:08:b7:95:3d:a2:73:d1:43:7f:68:de:4b:88:b0:
b9:28:bf:4c:61:c7:50:9d:e0:ac:94:3a:11:96:1d:4c:f7:45:
c6:16:59:5d:74:94:eb:03:b6:0f:34:c2:9a:15:c3:f5:b8:a9:
08:9b:97:1d:db:8d:a3:8d:1d:81:42:8e:39:61:93:a4:98:7e:
8d:a5:90:dd:d6:07:5c:d5:44:98:80:83:66:0d:ba:e6:53:c4:
7e:39:bf:7b:ea:5d:50:59:17:3a:7c:22:e2:e9:45:1f:88:ed:
36:b4:31:fe:51:76:ee:d7:1c:b8:c3:51:40:ad:c0:b6:c5:43:
cf:68:39:d7:77:fa:bc:c3:40:bd:e1:63:41:78:e7:e8:ec:d9:
45:ee:c5:f2:ff:3e:51:52:7d:0f:f2:c3:67:b4:46:64:48:2d:
80:43:b5:73:a9:94:c6:dd:3d:97:7b:c0:df:70:b1:ee:09:77:
d2:1f:e1:37:3d:da:d1:95:cb:3a:d3:cd:26:1f:09:8e:7d:ff:
d8:5a:c7:82:90:ba:42:f0:5a:65:a4:f1:65:27:b3:7e:ab:e1:
6a:35:d7:15:d0:a8:61:b6:f3:cc:f7:b9:65:57:28:01:6c:76:
24:79:e3:c0
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgIDAeiXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMjA0NTg0NFoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2
Mjg0NzFFOTk4QjcyNDNDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCK9Lvc8oMQM2h+iH8zUcv42c8rPT3yfJiENi8JLwHhOUaO823gGd4IJZZEaKu
Ho+K2bp/4YHW5KvFzt21vwlk0msNItF0ZlkvMEZw9auRdk+c4EkhWDxVqj4oGptg
ky95is9Erem4lUEiH9a7AFmu09VyDKkM4Aw7/HKeB48xQaYg0vYBZAdcqb4O6TDV
nSAqA2CJO2xVXLFJYcGjtp21kKeeA9zXHXckTHIVuVm8bVYqgFq2TXrGE3hlXaWh
+lPEtDkWvSAr+BrzQPge8rXvjAASpa28D2kYRVi6lyf/74KeX+FL51BwcdTEuL0L
X1rxCCCGjJ2uX/3T4HxhOYOpAgMBAAGjggNmMIIDYjAdBgNVHQ4EFgQUxOTw2gEK
9YY3zFlihHHpmLckPFIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ4M0QwLzBBMTYyMDhBQUZCQzExRUFBOTYxQ0I4NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdF
SzlZWTN6RmxpaEhIcG1MY2tQRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgr6MHYGCCsGAQUFBwEHAQH/BGcwZTBEBAIAATA+AwQCK/+YAwQCZwGs
AwQAZyNbAwQAZyzcMAwDBABnV70DBAZnV4ADBAV2i6ADBAW2MoADBADKAw0DBAXL
fGAwHQQCAAIwFwMHACABDfGcAAMFACQDvIADBQAkBxwAMA0GCSqGSIb3DQEBCwUA
A4IBAQB25HuuuPbi3gxpW3/1rrm1p1hhWwAACLeVPaJz0UN/aN5LiLC5KL9MYcdQ
neCslDoRlh1M90XGFllddJTrA7YPNMKaFcP1uKkIm5cd242jjR2BQo45YZOkmH6N
pZDd1gdc1USYgINmDbrmU8R+Ob976l1QWRc6fCLi6UUfiO02tDH+UXbu1xy4w1FA
rcC2xUPPaDnXd/q8w0C94WNBeOfo7NlF7sXy/z5RUn0P8sNntEZkSC2AQ7VzqZTG
3T2Xe8DfcLHuCXfSH+E3PdrRlcs6080mHwmOff/YWseCkLpC8FplpPFlJ7N+q+Fq
NdcV0KhhtvPM97llVygBbHYkeePA
-----END CERTIFICATE-----
Generated at Thu May 9 10:24:46 2024 by rpki-client on console-fra.rpki-client.org