Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/3ASvGYyX8lgvFa3e7nxoJhHK2lE.cer
File: 3ASvGYyX8lgvFa3e7nxoJhHK2lE.cer (raw, json)
Hash identifier: GHcr1jT479WI3kVDDxIPhxiOWZNBLqZPnjvcjtV7Mps=
Subject key identifier: DC:04:AF:19:8C:97:F2:58:2F:15:AD:DE:EE:7C:68:26:11:CA:DA:51
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 478A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/3ASvGYyX8lgvFa3e7nxoJhHK2lE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 02 Aug 2024 16:06:37 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: IP: 212.8.230.0/23
IP: 212.8.254.0/23
IP: 212.92.102.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 02:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18314 (0x478a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Aug 2 16:06:37 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91D1691/serialNumber=DC04AF198C97F2582F15ADDEEE7C682611CADA51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2c:47:a6:cf:6d:91:69:c6:55:c8:0f:fd:9d:
85:81:6e:4b:5d:5a:81:be:80:08:35:05:26:92:08:
e3:5b:b0:eb:9b:45:20:f4:fe:63:89:5a:71:c9:d8:
45:c5:8f:58:c4:ef:1c:bc:a3:d2:08:14:f9:b7:36:
cc:90:93:61:f9:86:0f:f1:96:fd:0d:d6:5b:40:37:
9e:20:42:75:70:df:92:ba:76:0d:7b:d2:4c:04:89:
e7:ec:2d:55:bf:80:13:be:02:e0:ca:f7:52:23:0e:
5e:12:6b:7b:5a:d1:77:92:ea:ee:8e:be:4c:42:9b:
56:49:94:ae:64:e5:6e:cc:f6:56:cd:85:e3:ff:ed:
e6:c0:ab:5a:30:15:3f:d0:f9:8d:40:46:1f:63:08:
9d:b9:5e:04:fd:41:c1:ff:a4:23:10:f5:e8:e2:9f:
b5:16:ff:bc:62:f3:93:55:21:2e:c6:ea:db:61:86:
13:4b:d9:da:19:c9:3f:70:9b:c9:79:0d:74:b0:6b:
68:4a:f3:bf:20:a7:a9:81:7b:ff:20:34:24:bd:0a:
59:10:f0:af:b6:bd:cb:7e:ec:f0:ed:f1:3b:18:40:
fd:d2:fc:84:b6:57:96:5c:c9:9a:8c:6f:c4:79:aa:
f0:3f:b9:0a:31:ef:db:f1:26:1f:c3:83:1a:6d:9a:
03:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:04:AF:19:8C:97:F2:58:2F:15:AD:DE:EE:7C:68:26:11:CA:DA:51
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/3ASvGYyX8lgvFa3e7nxoJhHK2lE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
212.8.230.0/23
212.8.254.0/23
212.92.102.0/23
Signature Algorithm: sha256WithRSAEncryption
64:32:7a:76:20:f8:28:37:31:69:e8:fe:2e:9e:49:fe:d9:c2:
bb:64:66:76:7e:96:ff:f3:f4:5a:80:d0:ed:38:01:2f:72:15:
e2:39:e1:7d:ad:c6:a7:08:cd:95:20:8f:9b:a2:74:8d:ae:47:
55:df:40:25:d4:b2:54:c7:9b:43:e5:45:f8:a6:6e:cf:8b:ef:
b8:88:28:ef:e5:a1:5b:d3:5e:ee:2d:de:a7:e2:80:d3:d4:18:
74:71:f2:54:d5:b6:9d:60:92:60:1b:d4:d9:a1:18:bb:92:af:
32:78:e9:a6:66:f4:66:6a:fe:93:f4:92:63:b7:6d:4f:a1:5b:
d1:f8:64:8e:87:c5:cd:91:74:02:d3:c6:72:69:df:84:d3:6c:
ff:90:e4:bf:91:26:54:2c:0e:88:05:5e:70:9a:09:75:68:b1:
20:6f:56:1b:7b:c1:6c:4a:62:8d:66:6f:59:ba:3e:e2:58:f8:
b1:7d:b4:1a:16:4d:1d:0e:c3:85:ea:dd:14:7d:93:b8:02:b0:
0f:0e:c4:7c:4e:be:d6:92:e8:4b:ba:19:50:15:ee:05:d8:fa:
4d:99:50:22:20:ec:56:29:39:d1:d1:f2:a9:4b:83:1b:f2:c0:
e5:4e:c0:d9:7d:88:45:d0:ee:67:9f:ec:ab:78:20:73:cb:86:
3f:a5:7d:7f
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICR4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjQwODAyMTYwNjM3WhcNMjUxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFEMTY5MTExMC8GA1UEBRMoREMwNEFGMTk4Qzk3RjI1ODJGMTVBRERF
RUU3QzY4MjYxMUNBREE1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMksR6bPbZFpxlXID/2dhYFuS11agb6ACDUFJpII41uw65tFIPT+Y4laccnYRcWP
WMTvHLyj0ggU+bc2zJCTYfmGD/GW/Q3WW0A3niBCdXDfkrp2DXvSTASJ5+wtVb+A
E74C4Mr3UiMOXhJre1rRd5Lq7o6+TEKbVkmUrmTlbsz2Vs2F4//t5sCrWjAVP9D5
jUBGH2MInbleBP1Bwf+kIxD16OKftRb/vGLzk1UhLsbq22GGE0vZ2hnJP3CbyXkN
dLBraErzvyCnqYF7/yA0JL0KWRDwr7a9y37s8O3xOxhA/dL8hLZXllzJmoxvxHmq
8D+5CjHv2/EmH8ODGm2aAzcCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBTcBK8ZjJfy
WC8Vrd7ufGgmEcraUTAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNTBDNjkyOTI5RDI0MTFFNzg2MUEyMjZCQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQxNjkxLzUwQzY5MjkyOUQyNDExRTc4NjFBMjI2QkM0RjlBRTAyLzNBU3ZHWXlY
OGxndkZhM2U3bnhvSmhISzJsRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEAdQI5gMEAdQI/gMEAdRcZjANBgkqhkiG9w0BAQsFAAOCAQEAZDJ6
diD4KDcxaej+Lp5J/tnCu2Rmdn6W//P0WoDQ7TgBL3IV4jnhfa3GpwjNlSCPm6J0
ja5HVd9AJdSyVMebQ+VF+KZuz4vvuIgo7+WhW9Ne7i3ep+KA09QYdHHyVNW2nWCS
YBvU2aEYu5KvMnjppmb0Zmr+k/SSY7dtT6Fb0fhkjofFzZF0AtPGcmnfhNNs/5Dk
v5EmVCwOiAVecJoJdWixIG9WG3vBbEpijWZvWbo+4lj4sX20GhZNHQ7DherdFH2T
uAKwDw7EfE6+1pLoS7oZUBXuBdj6TZlQIiDsVik50dHyqUuDG/LA5U7A2X2IRdDu
Z5/sq3ggc8uGP6V9fw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:41 2024 by rpki-client on console-ams.rpki-client.org