Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-S21ujUS5Gp82_tLNRS9b_hcjz0.cer
File: -S21ujUS5Gp82_tLNRS9b_hcjz0.cer (raw, json)
Hash identifier: iH4WhHPfmh5GYMibl93JPev4LaYleynI2LLN3wBNoMM=
Subject key identifier: F9:2D:B5:BA:35:12:E4:6A:7C:DB:FB:4B:35:14:BD:6F:F8:5C:8F:3D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5227
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9131A30/4B7A186ACAF211EEACDB2E1EC4F9AE02/-S21ujUS5Gp82_tLNRS9b_hcjz0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9131A30/4B7A186ACAF211EEACDB2E1EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 14 Feb 2024 04:34:15 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: IP: 157.15.242.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 10 May 2024 13:10:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21031 (0x5227)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Feb 14 04:34:15 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A9131A30/serialNumber=F92DB5BA3512E46A7CDBFB4B3514BD6FF85C8F3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:02:38:3f:be:c7:35:ea:00:fe:90:25:56:11:
38:6a:db:dc:14:ef:67:05:42:a2:df:c7:9c:cc:fe:
7f:8d:31:6a:3b:12:3d:41:08:8f:6d:b3:07:f0:e1:
18:ae:26:66:22:d3:b1:20:17:9a:4a:2f:47:72:85:
a9:95:47:d1:a0:86:bb:21:e0:98:c1:b1:fe:c5:52:
12:02:65:46:dd:88:6e:fe:56:6e:8c:f6:7b:80:44:
03:39:fb:52:88:fd:c7:45:37:c5:a4:35:4e:a1:28:
15:1a:fd:55:28:c3:04:8e:25:42:fa:33:42:21:0a:
69:af:9b:79:82:b9:e6:89:1b:6b:1e:89:76:3b:bd:
7a:3c:94:65:78:b8:6d:3b:a3:29:0c:a2:3a:08:3d:
18:0f:5e:64:e7:bf:87:c6:da:b6:55:b3:90:6d:45:
f3:92:ad:7a:19:8f:2a:5a:7d:71:73:8b:d0:47:ce:
cc:f0:9b:6c:9f:39:b5:8f:72:c1:ad:b3:37:fa:6e:
1b:76:b5:73:af:3f:eb:fb:b8:b4:c7:c8:5d:df:e9:
24:81:b4:33:74:cf:04:b1:e1:a0:09:08:0b:f2:99:
04:1b:c0:b5:80:5a:73:98:6c:35:65:d0:ad:94:64:
d0:1a:0b:4d:62:94:c2:0c:05:db:64:6e:b0:ee:b9:
75:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2D:B5:BA:35:12:E4:6A:7C:DB:FB:4B:35:14:BD:6F:F8:5C:8F:3D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9131A30/4B7A186ACAF211EEACDB2E1EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9131A30/4B7A186ACAF211EEACDB2E1EC4F9AE02/-S21ujUS5Gp82_tLNRS9b_hcjz0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.242.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:28:f0:35:b4:fd:60:63:59:63:b0:3c:99:a3:21:fd:c7:ad:
85:84:64:25:33:c4:aa:85:83:a2:e2:4a:ac:55:4c:cc:51:7e:
4e:50:b4:ef:62:08:82:42:fc:e3:51:10:19:27:f6:25:2e:6e:
e1:cd:dc:3b:40:21:7f:45:43:94:fe:2e:b8:34:61:e7:e1:a6:
93:c4:07:13:04:5d:2b:91:e5:a7:58:d3:04:5c:f7:67:f5:3a:
94:2e:7c:2d:b6:6a:9b:42:24:53:85:76:e3:fc:32:01:29:3b:
dc:97:8b:97:b3:02:86:cd:7c:fb:4b:91:a5:a3:a6:f8:16:a3:
1c:48:bf:7a:cd:c7:eb:28:b0:e9:f2:f8:4a:ee:9a:d8:b1:11:
a2:05:f0:f7:36:13:86:ae:93:c2:aa:30:f4:6d:a5:0d:8b:c5:
23:2c:82:80:40:fe:34:aa:8d:bf:fb:a0:18:3b:bb:9d:63:61:
c8:49:e1:55:53:34:84:af:9c:e3:5d:a5:40:20:86:42:6c:b8:
73:24:cc:4a:97:d7:23:32:12:6d:a8:a6:a0:a3:d3:95:d0:0f:
2d:2a:24:33:33:30:2a:6d:e1:d5:88:95:3c:37:ec:33:e4:93:
e6:f4:48:23:a3:21:dd:f7:8c:39:ae:cf:e9:29:85:1c:d1:d3:
5f:93:f7:a1
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUicwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjE0MDQzNDE1WhcNMjUwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzMUEzMDExMC8GA1UEBRMoRjkyREI1QkEzNTEyRTQ2QTdDREJGQjRC
MzUxNEJENkZGODVDOEYzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALkCOD++xzXqAP6QJVYROGrb3BTvZwVCot/HnMz+f40xajsSPUEIj22zB/DhGK4m
ZiLTsSAXmkovR3KFqZVH0aCGuyHgmMGx/sVSEgJlRt2Ibv5Wboz2e4BEAzn7Uoj9
x0U3xaQ1TqEoFRr9VSjDBI4lQvozQiEKaa+beYK55okbax6Jdju9ejyUZXi4bTuj
KQyiOgg9GA9eZOe/h8batlWzkG1F85KtehmPKlp9cXOL0EfOzPCbbJ85tY9ywa2z
N/puG3a1c68/6/u4tMfIXd/pJIG0M3TPBLHhoAkIC/KZBBvAtYBac5hsNWXQrZRk
0BoLTWKUwgwF22RusO65dV8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBT5LbW6NRLk
anzb+0s1FL1v+FyPPTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzFBMzAvNEI3QTE4NkFDQUYyMTFFRUFDREIyRTFFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMxQTMwLzRCN0ExODZBQ0FGMjExRUVBQ0RCMkUxRUM0RjlBRTAyLy1TMjF1alVT
NUdwODJfdExOUlM5Yl9oY2p6MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0P8jANBgkqhkiG9w0BAQsFAAOCAQEAPijwNbT9YGNZY7A8maMh
/cethYRkJTPEqoWDouJKrFVMzFF+TlC072IIgkL841EQGSf2JS5u4c3cO0Ahf0VD
lP4uuDRh5+Gmk8QHEwRdK5Hlp1jTBFz3Z/U6lC58LbZqm0IkU4V24/wyASk73JeL
l7MChs18+0uRpaOm+BajHEi/es3H6yiw6fL4Su6a2LERogXw9zYThq6Twqow9G2l
DYvFIyyCgED+NKqNv/ugGDu7nWNhyEnhVVM0hK+c412lQCCGQmy4cyTMSpfXIzIS
baimoKPTldAPLSokMzMwKm3h1YiVPDfsM+ST5vRII6Mh3feMOa7P6SmFHNHTX5P3
oQ==
-----END CERTIFICATE-----
Generated at Fri May 3 15:17:02 2024 by rpki-client on console-ams.rpki-client.org