Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer
File: zIO7bQqhd53qFp7bpKQCKN4hvXs.cer (raw, json)
Hash identifier: lPs2s9wHAa7A1VMQzaaVB6lQqTPxKbh/c3nLGGzo44c=
Subject key identifier: CC:83:BB:6D:0A:A1:77:9D:EA:16:9E:DB:A4:A4:02:28:DE:21:BD:7B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EE68
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 30 Apr 2024 07:04:50 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 149660
IP: 103.185.222.0/23
IP: 2001:df0:9b40::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126568 (0x1ee68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 30 07:04:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A91D493B/serialNumber=CC83BB6D0AA1779DEA169EDBA4A40228DE21BD7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d7:14:8e:37:d5:e8:d6:86:e9:a7:15:a7:3e:
6d:2f:32:1f:25:38:61:cc:b9:fd:db:70:5b:ea:0d:
05:13:ad:bd:70:20:4a:c3:54:32:44:ec:3f:db:ed:
6a:69:d4:8f:d7:b6:9c:97:7e:03:0d:e6:4b:77:bb:
ff:96:32:d5:ab:75:87:41:61:b9:83:b6:80:70:f3:
ee:65:9a:49:b6:43:f8:5e:9c:75:4a:eb:19:a3:ed:
36:ac:a8:a6:17:bb:d8:4e:af:af:a6:25:63:52:f9:
e9:31:40:c6:b7:ae:69:81:17:b2:07:00:dc:8c:18:
19:f0:2a:2e:ae:43:a5:28:b0:a9:8c:46:a6:d6:d5:
14:70:fa:a5:76:26:9e:7c:39:d7:31:a1:44:43:33:
08:80:6a:6f:20:5d:4d:62:ac:0b:4e:59:72:07:1f:
7b:da:0b:36:d5:8c:e4:f6:e1:f8:bc:6a:cf:89:b5:
67:be:6a:e3:50:a7:2d:8c:b9:01:ba:52:7d:9e:dc:
00:11:42:9c:e1:f8:d7:5a:cd:66:e9:ce:fb:f2:ce:
2f:4b:29:3f:4e:94:c3:86:2a:fd:42:5b:97:28:c6:
46:b6:a9:5e:c2:d7:ae:30:b4:60:33:cd:4b:5d:3d:
99:33:06:60:55:45:b3:85:42:ec:e2:b9:65:17:ef:
d1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:83:BB:6D:0A:A1:77:9D:EA:16:9E:DB:A4:A4:02:28:DE:21:BD:7B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
149660
sbgp-ipAddrBlock: critical
IPv4:
103.185.222.0/23
IPv6:
2001:df0:9b40::/48
Signature Algorithm: sha256WithRSAEncryption
42:e9:02:45:c8:03:75:18:cc:3f:51:51:85:9a:4f:53:8b:5a:
cb:f9:f1:74:11:ee:73:a3:23:1a:17:4c:d4:73:07:98:ab:98:
bb:61:77:11:cb:85:3c:98:70:4c:fb:cc:7d:bc:e3:6d:69:28:
29:1f:ab:4c:13:c5:b7:67:e0:29:d8:9c:6e:86:b7:c8:f7:01:
1d:f5:e7:9c:a8:1d:dc:5f:08:85:3d:88:c3:b6:f4:48:12:4d:
ba:6b:24:3e:1b:1a:e5:c8:7e:95:60:38:90:d2:d0:c9:74:82:
45:85:a4:9e:d7:83:c5:51:21:27:ea:92:60:36:be:a5:66:e4:
9b:55:df:5c:af:29:6f:a4:7d:a9:f5:d9:2d:ed:a6:7e:81:4f:
58:ce:96:93:66:aa:85:40:12:36:b1:98:0c:7c:21:8a:70:ec:
bc:2f:81:cd:fd:31:22:f7:41:75:16:6c:ee:e3:ab:a6:8d:e9:
96:1f:df:f6:7e:ac:c0:a5:7a:5b:8c:ba:d7:a1:95:7e:d6:b1:
fb:18:1d:8a:79:80:5a:02:a4:0b:00:3e:64:5f:c0:c7:9d:5e:
87:b9:e2:18:bf:bf:67:90:b3:1a:25:03:aa:0e:b5:68:f7:f0:
9e:ba:dc:1a:d8:b8:cb:e5:e3:c4:14:52:d7:a5:32:92:23:25:
a3:10:36:af
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAe5oMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQzMDA3MDQ1MFoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDQ5M0IxMTAvBgNVBAUTKENDODNCQjZEMEFBMTc3OURFQTE2OUVE
QkE0QTQwMjI4REUyMUJEN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDz1xSON9Xo1obppxWnPm0vMh8lOGHMuf3bcFvqDQUTrb1wIErDVDJE7D/b7Wpp
1I/XtpyXfgMN5kt3u/+WMtWrdYdBYbmDtoBw8+5lmkm2Q/henHVK6xmj7TasqKYX
u9hOr6+mJWNS+ekxQMa3rmmBF7IHANyMGBnwKi6uQ6UosKmMRqbW1RRw+qV2Jp58
OdcxoURDMwiAam8gXU1irAtOWXIHH3vaCzbVjOT24fi8as+JtWe+auNQpy2MuQG6
Un2e3AARQpzh+NdazWbpzvvyzi9LKT9OlMOGKv1CW5coxka2qV7C164wtGAzzUtd
PZkzBmBVRbOFQuziuWUX79EHAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUzIO7bQqh
d53qFp7bpKQCKN4hvXswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ0OTNCL0RCQUQzN0EwQ0FBRTExRUM4MjQxMjgwREM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFENDkzQi9EQkFEMzdBMENBQUUxMUVDODI0MTI4MERDNEY5QUUwMi96SU83YlFx
aGQ1M3FGcDdicEtRQ0tONGh2WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkicMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ7neMA8EAgAC
MAkDBwAgAQ3wm0AwDQYJKoZIhvcNAQELBQADggEBAELpAkXIA3UYzD9RUYWaT1OL
Wsv58XQR7nOjIxoXTNRzB5irmLthdxHLhTyYcEz7zH28421pKCkfq0wTxbdn4CnY
nG6Gt8j3AR3155yoHdxfCIU9iMO29EgSTbprJD4bGuXIfpVgOJDS0Ml0gkWFpJ7X
g8VRISfqkmA2vqVm5JtV31yvKW+kfan12S3tpn6BT1jOlpNmqoVAEjaxmAx8IYpw
7Lwvgc39MSL3QXUWbO7jq6aN6ZYf3/Z+rMCleluMutehlX7WsfsYHYp5gFoCpAsA
PmRfwMedXoe54hi/v2eQsxolA6oOtWj38J663BrYuMvl48QUUtelMpIjJaMQNq8=
-----END CERTIFICATE-----
Generated at Thu May 9 15:21:41 2024 by rpki-client on console-fra.rpki-client.org