Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/KO2nuV1ejUVip1l0xt19pkwqKoY.cer
File: KO2nuV1ejUVip1l0xt19pkwqKoY.cer (raw, json)
Hash identifier: 8Yakye62Jjx7C1YbAZf/YJZ9AueCdG5+x1DIyBt5UE8=
Subject key identifier: 28:ED:A7:B9:5D:5E:8D:45:62:A7:59:74:C6:DD:7D:A6:4C:2A:2A:86
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 49DE
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9142E1E/D409F82AD16911EFB76FB520C4F9AE02/KO2nuV1ejUVip1l0xt19pkwqKoY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9142E1E/D409F82AD16911EFB76FB520C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 13 Jan 2025 04:49:58 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: IP: 89.36.199.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18910 (0x49de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 13 04:49:58 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A9142E1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:23:58:72:f3:63:16:e3:94:b5:71:26:c9:5f:
67:9d:56:ab:85:31:f2:4f:55:05:52:18:a8:c1:e6:
21:fa:7e:91:1a:58:64:65:08:ea:de:c5:36:61:61:
e9:43:9c:27:65:40:2c:58:45:ea:c0:9c:48:53:81:
ce:4b:f3:d6:1a:e6:f2:37:1e:4c:c9:2e:43:f9:38:
3c:b3:c3:7b:48:6c:26:b3:a4:70:40:9b:0e:94:7e:
15:8c:0f:ce:95:8e:55:15:45:23:bb:ba:e4:23:ba:
47:5f:64:45:ad:da:3d:6e:9c:7b:bf:2c:85:18:4b:
0e:ae:ca:f3:a6:77:88:0d:37:17:aa:8b:8b:e3:6a:
cd:e0:54:59:72:58:61:39:83:e8:2d:d7:9e:81:c1:
67:96:ab:f1:29:82:66:06:ab:97:c6:60:6f:f3:26:
04:05:e9:bc:39:93:cc:62:9e:05:12:f6:e7:55:99:
b2:42:98:6e:3b:37:e9:f5:fe:a3:27:69:2b:ac:57:
7f:22:7a:f2:19:b3:ab:ad:75:d5:d9:9c:c0:f9:f4:
ec:a3:00:95:a6:a0:0e:9f:f9:b2:24:7b:6f:87:f2:
79:dd:f3:f5:a3:d4:e5:db:66:1e:a8:7d:b0:64:63:
22:a2:cc:fa:71:16:2a:c0:4c:26:ff:44:58:84:38:
b1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:ED:A7:B9:5D:5E:8D:45:62:A7:59:74:C6:DD:7D:A6:4C:2A:2A:86
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9142E1E/D409F82AD16911EFB76FB520C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9142E1E/D409F82AD16911EFB76FB520C4F9AE02/KO2nuV1ejUVip1l0xt19pkwqKoY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
89.36.199.0/24
Signature Algorithm: sha256WithRSAEncryption
be:55:88:81:ef:87:bd:0f:d2:b7:1d:e9:f8:9b:9a:62:b0:2b:
a4:e7:33:33:3b:66:74:89:3e:be:8f:3d:7a:a0:ff:15:d1:73:
0a:eb:b2:bd:96:e4:bb:3c:d8:e5:01:eb:f9:8b:df:82:bf:6e:
43:cd:c9:6d:f2:0b:68:fa:9a:c4:e8:48:1d:fc:bb:8f:43:fb:
60:71:36:f0:79:1b:1b:e2:36:5b:a6:ee:66:8b:3c:a9:78:41:
86:8b:49:e3:68:b0:ca:8a:ca:45:3b:7d:a4:93:5e:3e:8c:93:
32:f3:d1:99:cc:c1:be:b6:a0:f9:9f:ef:f1:91:d9:94:9b:12:
86:83:2b:f0:f1:f4:48:ab:d0:24:8f:02:f0:f8:6f:76:af:f8:
30:9b:e8:bc:83:c0:16:92:69:04:26:47:ba:da:d7:f8:49:69:
55:f2:a1:a8:93:1c:91:76:a8:fe:80:b2:6e:42:54:5a:7b:78:
5b:f6:d9:0d:07:1d:48:59:34:ab:08:86:38:68:45:da:0f:c7:
9c:2e:34:d5:3f:73:21:3e:4b:68:96:7c:13:9a:c8:20:ad:92:
b9:07:cb:05:36:95:53:bd:02:c9:54:8e:55:84:e5:33:56:79:
97:09:64:64:c8:fb:56:25:97:e8:1c:82:f7:1e:01:54:67:9c:
69:0e:42:b8
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICSd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjUwMTEzMDQ0OTU4WhcNMjUwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE0MkUxRTExMC8GA1UEBRMoMjhFREE3Qjk1RDVFOEQ0NTYyQTc1OTc0
QzZERDdEQTY0QzJBMkE4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APYjWHLzYxbjlLVxJslfZ51Wq4Ux8k9VBVIYqMHmIfp+kRpYZGUI6t7FNmFh6UOc
J2VALFhF6sCcSFOBzkvz1hrm8jceTMkuQ/k4PLPDe0hsJrOkcECbDpR+FYwPzpWO
VRVFI7u65CO6R19kRa3aPW6ce78shRhLDq7K86Z3iA03F6qLi+NqzeBUWXJYYTmD
6C3XnoHBZ5ar8SmCZgarl8Zgb/MmBAXpvDmTzGKeBRL251WZskKYbjs36fX+oydp
K6xXfyJ68hmzq6111dmcwPn07KMAlaagDp/5siR7b4fyed3z9aPU5dtmHqh9sGRj
IqLM+nEWKsBMJv9EWIQ4sV8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQo7ae5XV6N
RWKnWXTG3X2mTCoqhjAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDJFMUUvRDQwOUY4MkFEMTY5MTFFRkI3NkZCNTIwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQyRTFFL0Q0MDlGODJBRDE2OTExRUZCNzZGQjUyMEM0RjlBRTAyL0tPMm51VjFl
alVWaXAxbDB4dDE5cGt3cUtvWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAFkkxzANBgkqhkiG9w0BAQsFAAOCAQEAvlWIge+HvQ/Stx3p+Jua
YrArpOczMztmdIk+vo89eqD/FdFzCuuyvZbkuzzY5QHr+Yvfgr9uQ83JbfILaPqa
xOhIHfy7j0P7YHE28HkbG+I2W6buZos8qXhBhotJ42iwyorKRTt9pJNePoyTMvPR
mczBvrag+Z/v8ZHZlJsShoMr8PH0SKvQJI8C8Phvdq/4MJvovIPAFpJpBCZHutrX
+ElpVfKhqJMckXao/oCybkJUWnt4W/bZDQcdSFk0qwiGOGhF2g/HnC401T9zIT5L
aJZ8E5rIIK2SuQfLBTaVU70CyVSOVYTlM1Z5lwlkZMj7ViWX6ByC9x4BVGecaQ5C
uA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:13:01 2025 by rpki-client