Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
File: 2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer (raw, json)
Hash identifier: IVh8u/udtSeoqTmaYb/Cq0qY+/eVCJSjH/X7sXOfWiA=
Subject key identifier: DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 592C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 03 Aug 2024 00:15:13 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: IP: 130.248.108.0 -- 130.248.127.255
IP: 192.150.16.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22828 (0x592c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Aug 3 00:15:13 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:07:35:81:8e:60:70:d0:92:73:b5:51:66:3e:
ab:a5:a7:14:d5:61:e3:d9:1b:3b:99:3d:80:ed:8c:
40:ec:37:60:e7:03:e9:2b:21:f0:be:c5:7b:75:93:
4f:69:ac:eb:64:c3:4d:12:32:06:a7:a8:2c:0a:b2:
6c:4b:14:2f:17:71:b7:db:40:24:1f:2b:00:58:e3:
92:3e:88:f3:3b:4c:31:49:27:52:56:02:99:e3:f2:
24:47:fc:a5:4a:2e:69:65:58:ec:7f:73:02:76:c4:
fd:cf:06:f9:12:bf:f9:b2:5f:39:66:6f:43:4f:bb:
9d:fa:89:7b:c0:12:97:23:d9:25:a9:a2:92:ab:ec:
c6:d0:91:80:e2:88:11:5f:79:14:51:87:69:88:1d:
af:34:99:fe:f9:25:28:0b:48:13:ee:40:c2:38:1c:
80:32:40:ec:d1:75:cb:c9:73:d7:02:48:10:68:16:
db:e3:27:9d:ce:5f:57:da:c8:8b:d8:78:37:4a:b6:
9b:87:aa:72:b6:a0:63:1f:45:9c:df:9f:5d:6f:96:
f4:53:7d:8c:8c:17:b0:ca:04:34:1c:a6:aa:be:2c:
0b:22:fd:9a:59:92:bc:bc:30:12:bc:36:0d:4e:cf:
44:ab:9e:5d:d5:d1:e6:43:46:b2:8e:43:53:2f:94:
d1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.248.108.0-130.248.127.255
192.150.16.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:91:32:d2:76:18:35:fa:85:04:9e:38:a7:24:ca:10:19:46:
da:8f:2d:c9:a1:e1:64:a9:f7:68:83:26:b7:07:53:a2:d2:f5:
be:93:9a:6b:57:b8:f7:b9:7a:25:f6:ff:52:b6:09:f4:c4:f4:
22:69:41:aa:0f:28:de:6f:47:9b:f1:1e:df:e9:82:4e:f2:b9:
53:f0:31:cb:10:f0:da:1e:33:ad:96:7b:d4:86:26:90:00:03:
12:83:fe:2e:ab:7e:a0:55:cb:d1:37:ea:ec:e2:f3:55:83:89:
07:1a:b6:86:6d:99:b1:f1:eb:59:46:d3:24:54:b9:98:10:2c:
e0:46:c5:b0:5a:32:24:70:1a:55:c9:4d:5d:17:c4:5e:a4:e3:
15:88:26:7a:d6:97:d6:3c:4e:c2:04:c2:b8:65:76:dc:87:a4:
fd:cb:8e:3c:39:ce:58:de:76:ae:ce:40:22:d6:c8:1a:b3:05:
26:b0:1e:fd:aa:0d:92:0f:f7:3d:77:13:79:13:73:40:2d:b3:
e2:6b:30:4d:4c:fa:0b:75:9f:ac:a0:87:f5:90:d0:70:fb:31:
d8:38:a3:ed:e8:5a:0a:b1:63:e0:22:47:d4:1a:c7:2e:e2:3e:
1d:39:02:1e:4c:84:18:d5:7e:94:95:75:d1:8f:79:3b:e5:ba:
61:1d:60:9d
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgICWSwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwODAzMDAxNTEzWhcNMjUxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFQTlCRDExMC8GA1UEBRMoREE0QjVDMjEyM0JBOUQwRjgwMjM3OERB
RERENDgwMUI1NjcwQTNFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKoHNYGOYHDQknO1UWY+q6WnFNVh49kbO5k9gO2MQOw3YOcD6Ssh8L7Fe3WTT2ms
62TDTRIyBqeoLAqybEsULxdxt9tAJB8rAFjjkj6I8ztMMUknUlYCmePyJEf8pUou
aWVY7H9zAnbE/c8G+RK/+bJfOWZvQ0+7nfqJe8ASlyPZJamikqvsxtCRgOKIEV95
FFGHaYgdrzSZ/vklKAtIE+5AwjgcgDJA7NF1y8lz1wJIEGgW2+Mnnc5fV9rIi9h4
N0q2m4eqcragYx9FnN+fXW+W9FN9jIwXsMoENBymqr4sCyL9mlmSvLwwErw2DU7P
RKueXdXR5kNGso5DUy+U0QMCAwEAAaOCAwEwggL9MB0GA1UdDgQWBBTaS1whI7qd
D4AjeNrd1IAbVnCj7TAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5QkQvMDc0OTU4OTA5MTgyMTFFODkxQzRFQzEwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVBOUJELzA3NDk1ODkwOTE4MjExRTg5MUM0RUMxMEM0RjlBRTAyLzJrdGNJU082
blEtQUkzamEzZFNBRzFad28tMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQeMBww
GgQCAAEwFDAMAwQCgvhsAwQHgvgAAwQAwJYQMA0GCSqGSIb3DQEBCwUAA4IBAQAc
kTLSdhg1+oUEnjinJMoQGUbajy3JoeFkqfdogya3B1Oi0vW+k5prV7j3uXol9v9S
tgn0xPQiaUGqDyjeb0eb8R7f6YJO8rlT8DHLEPDaHjOtlnvUhiaQAAMSg/4uq36g
VcvRN+rs4vNVg4kHGraGbZmx8etZRtMkVLmYECzgRsWwWjIkcBpVyU1dF8RepOMV
iCZ61pfWPE7CBMK4ZXbch6T9y448Oc5Y3nauzkAi1sgaswUmsB79qg2SD/c9dxN5
E3NALbPiazBNTPoLdZ+soIf1kNBw+zHYOKPt6FoKsWPgIkfUGscu4j4dOQIeTIQY
1X6UlXXRj3k75bphHWCd
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:38 2024 by rpki-client on console-ams.rpki-client.org