Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer
File: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer (raw, json)
Hash identifier: UqXmY+0rJiecjXnxKFlxitFyufcdd0FuUOAwYRwgL7g=
Subject key identifier: 41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 41D8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 18 Jul 2023 14:21:42 +0000
Certificate not after: Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources: IP: 2001:7fa:5::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 May 2024 20:58:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16856 (0x41d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Validity
Not Before: Jul 18 14:21:42 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=A91E5D61/serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:42:ed:8e:b1:64:99:78:3f:87:26:96:bf:
1c:f7:54:6b:81:4b:ae:fa:a4:44:66:e8:52:56:e5:
e0:ea:22:ff:a1:43:76:7f:c1:1d:8d:ab:b9:18:13:
17:fe:ec:c4:28:a7:b2:30:14:10:d5:de:35:ca:b8:
84:c6:d0:d9:62:50:8a:c9:33:67:98:06:f8:44:7e:
01:40:f3:df:11:e2:e9:96:77:b2:40:94:41:c8:a3:
dc:9f:d0:2e:44:5e:05:ba:ed:64:53:82:70:63:b9:
00:02:9e:b6:b5:0d:63:5f:42:90:c8:8e:e2:2d:4c:
52:c9:67:d6:08:ba:42:53:bc:fc:fc:c6:85:01:5a:
c0:93:6e:7e:17:4d:64:ec:67:28:d0:9d:56:2a:1f:
f8:f8:bf:3f:16:43:1c:39:7e:c5:4e:bc:05:f2:91:
4d:9f:5c:8c:34:45:e2:15:01:11:88:78:1b:a1:4d:
b1:ed:18:8b:c4:50:e5:b4:93:0e:75:34:b0:32:44:
04:4f:ea:c1:0b:85:7a:05:67:24:60:72:c1:67:cc:
3c:9a:eb:07:93:f7:b5:4c:56:a7:a9:3c:a8:ee:aa:
10:36:ce:a7:22:3b:62:e0:f4:5a:8c:a4:c7:4e:5a:
68:40:9f:45:ed:94:8d:ea:7b:d6:81:f6:08:a9:34:
fa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:7fa:5::/48
Signature Algorithm: sha256WithRSAEncryption
69:1a:9a:44:8d:19:fb:a1:80:e5:89:b5:c7:fc:37:fc:1c:c2:
b5:87:bc:4a:ac:a1:ae:c0:87:19:de:f1:4b:e3:6a:23:ef:9a:
62:33:04:51:2f:46:29:a8:20:4c:dd:b1:12:76:dd:26:42:76:
e2:7e:66:53:77:7b:e5:1b:c3:30:7f:8d:3f:c8:82:54:85:7a:
38:e4:78:16:f2:d8:f4:77:f6:5e:dd:4b:23:28:cb:d5:8a:54:
13:70:49:e1:8b:2b:09:ce:6c:00:42:78:34:76:87:a8:b9:2f:
b3:b7:a8:9b:d2:b2:4a:af:12:d6:91:34:b5:de:1c:49:2e:ed:
1f:40:4b:80:7a:40:c0:2b:5b:9b:e8:5f:a9:e7:c5:34:76:28:
91:3c:92:f6:7c:51:cd:b6:fa:44:5d:b2:6b:f7:30:33:8c:53:
30:2b:ef:b1:c5:a9:98:1a:4f:34:12:90:4a:a1:d3:4a:78:9d:
7c:84:98:6a:20:41:92:c6:f8:7f:1a:f5:ee:4c:09:fd:91:40:
72:5c:20:19:ed:f2:cb:b4:ac:be:eb:39:f0:5a:af:ad:41:32:
ce:c1:e0:9f:20:55:ac:43:4c:d2:06:39:f5:52:3c:fe:2e:80:
eb:ef:6d:66:60:ab:04:f5:fa:85:ac:00:69:c2:4a:69:21:6b:
9c:8f:5f:19
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICQdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjMwNzE4MTQyMTQyWhcNMjQwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFNUQ2MTExMC8GA1UEBRMoNDE2RDZDRDYwMzkwRkI3Qzk2RUQ3OUQ3
OENFNzZGNTRBRkNGNDQ1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANBMQu2OsWSZeD+HJpa/HPdUa4FLrvqkRGboUlbl4Ooi/6FDdn/BHY2ruRgTF/7s
xCinsjAUENXeNcq4hMbQ2WJQiskzZ5gG+ER+AUDz3xHi6ZZ3skCUQcij3J/QLkRe
BbrtZFOCcGO5AAKetrUNY19CkMiO4i1MUsln1gi6QlO8/PzGhQFawJNufhdNZOxn
KNCdViof+Pi/PxZDHDl+xU68BfKRTZ9cjDRF4hUBEYh4G6FNse0Yi8RQ5bSTDnU0
sDJEBE/qwQuFegVnJGBywWfMPJrrB5P3tUxWp6k8qO6qEDbOpyI7YuD0Woykx05a
aECfRe2Ujep71oH2CKk0+okCAwEAAaOCAvYwggLyMB0GA1UdDgQWBBRBbWzWA5D7
fJbtedeM529Ur89EWDAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVENjEvMkE3QzdEOTgxRDc5MTFFMjg3OUUzOEM1MDhCMDJDRDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU1RDYxLzJBN0M3RDk4MUQ3OTExRTI4NzlFMzhDNTA4QjAyQ0QyL1FXMXMxZ09R
LTN5VzdYblhqT2R2VktfUFJGZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACABB/oABTANBgkqhkiG9w0BAQsFAAOCAQEAaRqaRI0Z+6GA5Ym1
x/w3/BzCtYe8SqyhrsCHGd7xS+NqI++aYjMEUS9GKaggTN2xEnbdJkJ24n5mU3d7
5RvDMH+NP8iCVIV6OOR4FvLY9Hf2Xt1LIyjL1YpUE3BJ4YsrCc5sAEJ4NHaHqLkv
s7eom9KySq8S1pE0td4cSS7tH0BLgHpAwCtbm+hfqefFNHYokTyS9nxRzbb6RF2y
a/cwM4xTMCvvscWpmBpPNBKQSqHTSnidfISYaiBBksb4fxr17kwJ/ZFAclwgGe3y
y7Ssvus58FqvrUEyzsHgnyBVrENM0gY59VI8/i6A6+9tZmCrBPX6hawAacJKaSFr
nI9fGQ==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org