Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uKIid-zGsQo9ICqjkMyn-7kqRuA.cer
File: uKIid-zGsQo9ICqjkMyn-7kqRuA.cer (raw, json)
Hash identifier: vevRfY8nTF2iJESkSmU5aGFsJZMxckGaVUdSKemS1t4=
Subject key identifier: B8:A2:22:77:EC:C6:B1:0A:3D:20:2A:A3:90:CC:A7:FB:B9:2A:46:E0
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer: /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial: 4A1F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/uKIid-zGsQo9ICqjkMyn-7kqRuA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 29 Jan 2025 18:17:35 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 87.121.72.0/22
IP: 87.121.92.0/22
IP: 87.121.248.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 02:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18975 (0x4a1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 29 18:17:35 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91975CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e9:9e:6b:ab:a8:58:78:f1:a8:19:16:8b:7a:
6e:ec:1b:a4:39:13:cf:c0:b7:96:55:19:e0:1a:45:
80:9d:db:4f:04:25:41:18:f0:92:ea:79:06:de:c3:
59:21:c0:39:b7:c1:f9:75:97:16:d7:ef:9a:08:4c:
9b:8c:ed:0b:9d:fe:6f:ff:a6:9b:b2:66:12:07:be:
58:a3:79:1c:29:92:a3:66:2a:c8:2d:2e:b9:61:4e:
ec:59:68:58:2a:3f:9a:2f:8c:a7:ec:2a:6f:4c:1f:
b4:b1:62:94:a6:73:8c:cf:00:e6:9c:ab:d3:26:8d:
86:54:43:37:ec:36:1c:18:fc:5a:be:b6:0c:03:dd:
56:2b:4b:87:11:cf:3d:e5:0a:6a:0d:0d:00:c9:90:
da:3d:f6:6e:3f:7d:01:b5:59:20:d9:6d:27:5d:42:
69:2b:86:0c:f4:9e:c6:e2:25:cf:d6:8e:43:c7:7d:
ac:c1:13:74:cc:1a:25:77:f3:19:62:b8:d7:b1:19:
23:3b:77:5c:25:ff:77:58:b1:18:ed:f4:97:75:a7:
15:76:74:75:6c:24:ed:15:f1:ce:9d:f7:f6:09:b7:
96:1a:8e:8b:a0:d6:57:49:e8:1c:9a:a4:4b:e9:e2:
1c:62:09:40:06:85:f7:04:b7:d6:07:92:37:ab:11:
b9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A2:22:77:EC:C6:B1:0A:3D:20:2A:A3:90:CC:A7:FB:B9:2A:46:E0
X509v3 Authority Key Identifier:
keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/uKIid-zGsQo9ICqjkMyn-7kqRuA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
87.121.72.0/22
87.121.92.0/22
87.121.248.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:53:71:2a:33:34:c6:30:dd:39:10:ee:54:da:6b:64:fd:59:
29:6e:7b:63:28:d7:01:5e:6a:60:c0:6f:a4:91:cd:70:4e:34:
3b:30:33:99:8b:73:76:a3:4b:a0:06:cb:a8:b7:f3:c5:9d:06:
c7:56:89:59:e6:ae:b6:7d:a0:fa:15:00:d4:c1:73:00:94:cc:
e6:15:46:a2:b3:0c:64:fb:f8:14:3f:a0:90:20:9f:94:cf:73:
26:eb:1a:4f:4a:df:f1:ef:9c:6d:64:62:02:0f:b2:9c:2f:b8:
f1:48:b2:06:57:f8:b1:cc:31:3a:c5:ab:1e:e2:73:48:d5:f0:
76:17:ca:ed:c3:d3:12:e0:98:b7:d7:43:70:b0:28:4d:98:71:
cd:b7:d1:39:05:fa:4a:01:fa:4d:4e:ff:0c:20:02:f2:e0:a2:
fb:c3:e4:53:e8:b2:35:ed:1d:d3:96:56:d6:03:50:d6:4e:a2:
31:0c:36:40:da:b3:3d:46:ba:cd:87:f8:7a:6e:08:90:4c:b6:
ba:f2:4e:66:d9:42:09:8c:c4:30:00:06:d4:f9:d2:68:92:ad:
8a:50:24:9c:99:0f:c9:d7:19:a7:67:8e:49:82:04:72:e4:0b:
26:1d:f5:22:34:3e:68:ed:c8:a3:5b:6e:75:29:77:ed:4f:33:
5d:91:9f:94
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICSh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjUwMTI5MTgxNzM1WhcNMjYwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5NzVDQzExMC8GA1UEBRMoQjhBMjIyNzdFQ0M2QjEwQTNEMjAyQUEz
OTBDQ0E3RkJCOTJBNDZFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM3pnmurqFh48agZFot6buwbpDkTz8C3llUZ4BpFgJ3bTwQlQRjwkup5Bt7DWSHA
ObfB+XWXFtfvmghMm4ztC53+b/+mm7JmEge+WKN5HCmSo2YqyC0uuWFO7FloWCo/
mi+Mp+wqb0wftLFilKZzjM8A5pyr0yaNhlRDN+w2HBj8Wr62DAPdVitLhxHPPeUK
ag0NAMmQ2j32bj99AbVZINltJ11CaSuGDPSexuIlz9aOQ8d9rMETdMwaJXfzGWK4
17EZIzt3XCX/d1ixGO30l3WnFXZ0dWwk7RXxzp339gm3lhqOi6DWV0noHJqkS+ni
HGIJQAaF9wS31geSN6sRuQ8CAwEAAaOCAv8wggL7MB0GA1UdDgQWBBS4oiJ37Max
Cj0gKqOQzKf7uSpG4DAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTc1Q0MvMTNFN0Q3MkVBRkUzMTFFQ0EyQ0IwNjZEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk3NUNDLzEzRTdENzJFQUZFMzExRUNBMkNCMDY2REM0RjlBRTAyL3VLSWlkLXpH
c1FvOUlDcWprTXluLTdrcVJ1QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEAld5SAMEAld5XAMEAld5+DANBgkqhkiG9w0BAQsFAAOCAQEAyVNx
KjM0xjDdORDuVNprZP1ZKW57YyjXAV5qYMBvpJHNcE40OzAzmYtzdqNLoAbLqLfz
xZ0Gx1aJWeautn2g+hUA1MFzAJTM5hVGorMMZPv4FD+gkCCflM9zJusaT0rf8e+c
bWRiAg+ynC+48UiyBlf4scwxOsWrHuJzSNXwdhfK7cPTEuCYt9dDcLAoTZhxzbfR
OQX6SgH6TU7/DCAC8uCi+8PkU+iyNe0d05ZW1gNQ1k6iMQw2QNqzPUa6zYf4em4I
kEy2uvJOZtlCCYzEMAAG1PnSaJKtilAknJkPydcZp2eOSYIEcuQLJh31IjQ+aO3I
o1tudSl37U8zXZGflA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:58:21 2025 by rpki-client