Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0kH1cc1jl5Yw3B8WrUiZ1b7VZuU.cer
File: 0kH1cc1jl5Yw3B8WrUiZ1b7VZuU.cer (raw, json)
Hash identifier: k3GI1ymCEhQS/LVRYMDa2Kjnj3rhQiyJhX6hI73c8C4=
Subject key identifier: D2:41:F5:71:CD:63:97:96:30:DC:1F:16:AD:48:99:D5:BE:D5:66:E5
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5B92
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A9CD5/71995F4E7FEF11EFA82DF639C4F9AE02/0kH1cc1jl5Yw3B8WrUiZ1b7VZuU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A9CD5/71995F4E7FEF11EFA82DF639C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 01 Oct 2024 12:19:50 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 160.187.110.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23442 (0x5b92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Oct 1 12:19:50 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91A9CD5/serialNumber=D241F571CD63979630DC1F16AD4899D5BED566E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:01:49:22:69:c8:13:9b:7c:8d:5a:9e:95:a7:
d7:14:78:b9:c0:06:51:d4:65:90:c6:a7:40:19:b5:
ec:ff:c5:ba:d2:52:1b:9e:45:cf:0d:28:20:d8:8f:
03:8f:4c:b2:d9:11:98:ef:5d:bb:57:c0:8b:e1:16:
ce:f8:57:eb:b6:90:08:c5:bd:40:26:7c:35:be:35:
e8:f4:42:a5:88:bd:8c:d4:b5:79:f5:ef:71:8c:1c:
eb:4a:06:38:97:a7:72:e3:a0:65:98:e3:c2:3d:84:
d2:7c:5f:18:ee:25:be:77:82:0f:2f:e8:61:62:eb:
cd:28:a8:76:e6:04:c0:51:f2:f0:ac:ab:b2:87:40:
8f:99:23:cb:50:7d:92:97:88:b7:b2:45:d7:e8:49:
de:93:29:4e:a1:b3:40:42:52:9c:ed:85:c1:09:27:
5d:a4:b7:c0:b9:22:58:0d:52:5e:12:fa:de:bc:ac:
22:86:ce:13:94:d2:88:b5:09:81:47:dc:ff:3c:44:
8e:bd:2d:41:e8:20:a7:6d:32:c6:fd:e0:c1:23:d4:
76:b1:f4:9a:f7:40:e1:78:ce:cb:ff:02:a8:5c:25:
3f:b2:b8:73:04:12:ef:f4:22:00:21:0f:58:7c:a8:
dd:f3:53:19:1d:03:6e:86:02:46:5c:2a:82:08:84:
df:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:41:F5:71:CD:63:97:96:30:DC:1F:16:AD:48:99:D5:BE:D5:66:E5
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A9CD5/71995F4E7FEF11EFA82DF639C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A9CD5/71995F4E7FEF11EFA82DF639C4F9AE02/0kH1cc1jl5Yw3B8WrUiZ1b7VZuU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.110.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:e2:85:11:5f:40:c2:7d:cb:0c:c8:47:a6:1a:20:5a:2d:66:
d5:bd:bd:ff:41:16:f5:80:a2:e3:49:0d:7a:e5:a3:f1:c5:44:
3f:e8:ca:e8:3d:4b:35:02:20:e2:b1:ac:7b:db:1d:fe:ef:ba:
dc:1b:ed:43:00:71:b9:a2:95:cb:07:24:93:77:6d:67:eb:d2:
da:e7:ec:2c:8d:63:66:9c:12:09:bb:e7:a6:07:14:c7:47:60:
15:c9:92:75:a0:66:87:6d:bb:43:24:42:11:82:fb:1c:c9:45:
85:48:2d:e3:ca:5a:55:70:c6:f6:74:15:1d:11:02:2a:d0:c1:
86:25:c0:7a:eb:ce:08:c5:39:e9:47:9b:51:23:76:7f:d3:6d:
c9:ea:1a:67:36:8f:d4:27:83:44:20:9c:bb:fb:41:fc:fc:e7:
3e:6a:bf:39:25:76:de:67:7a:30:1c:c6:93:ca:68:b2:00:8c:
17:66:ee:2c:bd:e5:67:03:2d:73:d6:74:37:8e:20:fc:3f:30:
38:56:94:c5:c4:fa:9b:bb:7e:eb:1b:d8:3d:7f:74:0d:be:63:
cc:7b:fa:67:88:16:3c:07:60:8d:ad:03:bd:c6:56:c4:2e:62:
2c:96:35:73:e4:6f:c2:13:cd:ba:27:c7:0c:40:b5:e2:f8:ee:
39:88:5f:ad
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICW5IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDAxMTIxOTUwWhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBOUNENTExMC8GA1UEBRMoRDI0MUY1NzFDRDYzOTc5NjMwREMxRjE2
QUQ0ODk5RDVCRUQ1NjZFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOYBSSJpyBObfI1anpWn1xR4ucAGUdRlkManQBm17P/FutJSG55Fzw0oINiPA49M
stkRmO9du1fAi+EWzvhX67aQCMW9QCZ8Nb416PRCpYi9jNS1efXvcYwc60oGOJen
cuOgZZjjwj2E0nxfGO4lvneCDy/oYWLrzSioduYEwFHy8KyrsodAj5kjy1B9kpeI
t7JF1+hJ3pMpTqGzQEJSnO2FwQknXaS3wLkiWA1SXhL63rysIobOE5TSiLUJgUfc
/zxEjr0tQeggp20yxv3gwSPUdrH0mvdA4XjOy/8CqFwlP7K4cwQS7/QiACEPWHyo
3fNTGR0DboYCRlwqggiE37kCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTSQfVxzWOX
ljDcHxatSJnVvtVm5TAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTlDRDUvNzE5OTVGNEU3RkVGMTFFRkE4MkRGNjM5QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE5Q0Q1LzcxOTk1RjRFN0ZFRjExRUZBODJERjYzOUM0RjlBRTAyLzBrSDFjYzFq
bDVZdzNCOFdyVWlaMWI3Vlp1VS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7bjANBgkqhkiG9w0BAQsFAAOCAQEAXuKFEV9Awn3LDMhHphog
Wi1m1b29/0EW9YCi40kNeuWj8cVEP+jK6D1LNQIg4rGse9sd/u+63BvtQwBxuaKV
ywckk3dtZ+vS2ufsLI1jZpwSCbvnpgcUx0dgFcmSdaBmh227QyRCEYL7HMlFhUgt
48paVXDG9nQVHRECKtDBhiXAeuvOCMU56UebUSN2f9NtyeoaZzaP1CeDRCCcu/tB
/PznPmq/OSV23md6MBzGk8posgCMF2buLL3lZwMtc9Z0N44g/D8wOFaUxcT6m7t+
6xvYPX90Db5jzHv6Z4gWPAdgja0DvcZWxC5iLJY1c+RvwhPNuifHDEC14vjuOYhf
rQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org