Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/feYHxGFdegH73UqGrVRZQBp1mSE.cer
File: feYHxGFdegH73UqGrVRZQBp1mSE.cer (raw, json)
Hash identifier: TBGO1GBUHtXyK67GztKr9WEjBUjIrhLiTXTfdETF3Oc=
Subject key identifier: 7D:E6:07:C4:61:5D:7A:01:FB:DD:4A:86:AD:54:59:40:1A:75:99:21
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 4A12
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/feYHxGFdegH73UqGrVRZQBp1mSE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 27 Jan 2025 12:45:22 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: IP: 85.204.26.0/24
IP: 85.204.243.0 -- 85.204.244.255
IP: 85.204.247.0/24
IP: 85.204.250.0/24
IP: 85.204.253.0/24
IP: 86.107.53.0/24
IP: 89.38.134.0/24
IP: 89.39.91.0/24
IP: 89.47.94.0/24
IP: 92.114.109.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 02:50:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18962 (0x4a12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 27 12:45:22 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A912442A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:e7:5e:5e:b1:04:dd:e1:3a:5b:84:0d:76:
3f:67:d8:96:02:6c:2f:e4:b5:b2:9e:b2:eb:84:cf:
42:ed:02:b8:7c:13:09:61:ed:89:d6:f5:3d:1f:d6:
4f:03:a9:c1:4f:fc:44:cd:11:57:9a:f4:4a:f7:55:
61:df:e1:5a:c3:66:4c:c8:a7:46:4c:57:64:8a:88:
c1:1a:83:cc:1a:45:2b:c3:c9:ff:18:e2:5e:12:58:
13:04:01:40:4a:80:1d:2c:90:d1:8d:36:02:69:c9:
9d:f9:6c:f8:72:93:0d:26:30:68:40:57:0e:32:e5:
4c:13:0c:d8:da:3d:2e:3f:e9:f2:ca:28:f5:83:a1:
b4:de:f2:05:32:d5:c5:24:bd:4b:b0:1a:a6:87:37:
44:92:75:9f:f8:e9:35:53:86:b3:ad:54:85:ee:4f:
5c:d4:98:1c:4d:c6:f9:4c:7d:8b:d9:2c:c5:93:d0:
81:cd:be:f4:f4:5f:a7:7c:1d:fc:bb:76:a5:ab:de:
1e:55:22:56:00:30:06:c9:24:d7:bc:64:d2:7b:52:
6f:ef:1d:d8:28:87:4f:bc:b4:74:75:f6:39:d1:ad:
0f:4f:da:da:42:e2:13:ea:41:9f:c7:de:97:d5:1a:
55:bc:b2:5e:71:04:22:13:37:da:12:cc:51:a2:f2:
75:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E6:07:C4:61:5D:7A:01:FB:DD:4A:86:AD:54:59:40:1A:75:99:21
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912442A/E7C4F9DEF62511EE8DAD8E35C4F9AE02/feYHxGFdegH73UqGrVRZQBp1mSE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
85.204.26.0/24
85.204.243.0-85.204.244.255
85.204.247.0/24
85.204.250.0/24
85.204.253.0/24
86.107.53.0/24
89.38.134.0/24
89.39.91.0/24
89.47.94.0/24
92.114.109.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:aa:40:69:47:c0:22:8a:28:ef:ed:cd:06:c4:97:43:f5:c8:
e4:11:d7:37:e6:03:93:fe:83:2e:54:b3:1c:d9:6b:2b:6f:aa:
da:ae:a9:b9:58:8c:18:67:14:50:19:14:7f:76:20:1d:ec:4b:
23:a4:76:cf:5b:be:1b:b7:a4:cf:1c:c4:85:ce:66:f6:82:47:
7e:c8:c6:31:14:94:ed:b1:e1:9d:95:24:8a:84:92:d0:50:f4:
1d:c2:50:2e:c1:02:d5:95:25:3a:2d:f5:70:67:05:ab:ad:61:
d4:d1:b0:11:9e:56:2a:dd:f1:63:c9:e9:b7:ba:4a:d7:45:3b:
d8:31:17:f7:b3:85:ee:c8:ca:a1:15:1c:a2:c4:67:35:71:da:
87:05:31:b6:30:46:b3:33:f9:1c:e6:56:56:56:3b:a0:43:40:
a3:ce:15:8a:2d:99:6b:c5:ce:93:c7:90:88:c5:0b:69:5e:63:
ea:f7:dd:f4:90:9f:9b:89:83:e1:ea:2d:a7:b6:dc:e7:90:95:
6c:ef:9e:a1:e8:df:f9:f2:1e:d4:a5:3e:c2:d8:f4:67:d1:07:
8a:78:be:08:84:bd:ca:21:67:3a:c7:44:12:b7:db:a4:1d:f9:
dc:ee:b2:06:91:25:d0:9c:07:11:0a:1d:2a:6d:8c:82:40:bc:
0a:a6:ff:d3
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgICShIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjUwMTI3MTI0NTIyWhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyNDQyQTExMC8GA1UEBRMoN0RFNjA3QzQ2MTVEN0EwMUZCREQ0QTg2
QUQ1NDU5NDAxQTc1OTkyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALol515esQTd4TpbhA12P2fYlgJsL+S1sp6y64TPQu0CuHwTCWHtidb1PR/WTwOp
wU/8RM0RV5r0SvdVYd/hWsNmTMinRkxXZIqIwRqDzBpFK8PJ/xjiXhJYEwQBQEqA
HSyQ0Y02AmnJnfls+HKTDSYwaEBXDjLlTBMM2No9Lj/p8soo9YOhtN7yBTLVxSS9
S7Aapoc3RJJ1n/jpNVOGs61Uhe5PXNSYHE3G+Ux9i9ksxZPQgc2+9PRfp3wd/Lt2
paveHlUiVgAwBskk17xk0ntSb+8d2CiHT7y0dHX2OdGtD0/a2kLiE+pBn8fel9Ua
VbyyXnEEIhM32hLMUaLydbMCAwEAAaOCAzEwggMtMB0GA1UdDgQWBBR95gfEYV16
AfvdSoatVFlAGnWZITAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ0MkEvRTdDNEY5REVGNjI1MTFFRThEQUQ4RTM1QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI0NDJBL0U3QzRGOURFRjYyNTExRUU4REFEOEUzNUM0RjlBRTAyL2ZlWUh4R0Zk
ZWdINzNVcUdyVlJaUUJwMW1TRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBdBggrBgEFBQcBBwEB/wROMEww
SgQCAAEwRAMEAFXMGjAMAwQAVczzAwQAVcz0AwQAVcz3AwQAVcz6AwQAVcz9AwQA
Vms1AwQAWSaGAwQAWSdbAwQAWS9eAwQAXHJtMA0GCSqGSIb3DQEBCwUAA4IBAQBt
qkBpR8Aiiijv7c0GxJdD9cjkEdc35gOT/oMuVLMc2Wsrb6rarqm5WIwYZxRQGRR/
diAd7EsjpHbPW74bt6TPHMSFzmb2gkd+yMYxFJTtseGdlSSKhJLQUPQdwlAuwQLV
lSU6LfVwZwWrrWHU0bARnlYq3fFjyem3ukrXRTvYMRf3s4XuyMqhFRyixGc1cdqH
BTG2MEazM/kc5lZWVjugQ0CjzhWKLZlrxc6Tx5CIxQtpXmPq9930kJ+biYPh6i2n
ttznkJVs756h6N/58h7UpT7C2PRn0QeKeL4IhL3KIWc6x0QSt9ukHfnc7rIGkSXQ
nAcRCh0qbYyCQLwKpv/T
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:20:41 2025 by rpki-client