Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer
File: 3IDIXlEBCJqyQl0_yRd5haASXG4.cer (raw, json)
Hash identifier: wPHy6uewL5kGQvHqXff7nBY2PgA+FXnAvfAbhu4Zx7k=
Subject key identifier: DC:80:C8:5E:51:01:08:9A:B2:42:5D:3F:C9:17:79:85:A0:12:5C:6E
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 61D8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 04 Feb 2025 22:40:28 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 64.120.88.0/22
IP: 64.120.112.0 -- 64.120.121.255
IP: 172.241.216.0/21
IP: 209.58.184.0/21
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25048 (0x61d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 4 22:40:28 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91D74A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7f:45:ba:1d:e5:ea:dc:32:5d:47:a9:b9:40:
c6:43:f1:6d:d3:94:b0:15:fa:32:4b:21:18:71:b0:
ce:56:13:18:ce:9d:c6:95:c0:a4:00:39:2e:2b:eb:
5c:9b:2d:8f:f0:44:38:7b:b0:0a:c7:b0:9b:da:95:
e8:af:82:9f:c5:0c:68:5a:86:89:4c:14:87:49:19:
3f:e7:48:fe:c0:df:7e:8c:03:d8:87:60:82:14:f8:
86:63:f5:92:4c:ea:ac:fa:85:33:c3:b4:3e:47:36:
2b:56:26:54:5d:f9:3e:e0:a1:48:9a:fa:f6:c9:d9:
53:03:75:e2:92:9e:d0:7b:62:c2:0d:07:03:e3:64:
4c:72:6e:d4:62:21:da:2f:a7:a1:ec:60:fc:d0:fc:
86:0b:85:7c:7f:c2:fa:38:97:7a:d2:b7:5a:d3:12:
aa:d6:1e:eb:85:96:8c:37:37:aa:8a:fc:3b:bc:cf:
41:68:9e:b1:60:bd:e7:be:12:70:b5:85:f5:79:16:
d2:05:63:f6:e7:6c:05:30:d7:27:e9:3c:05:a5:66:
f4:7e:ba:c9:34:14:38:77:48:a6:ed:28:e9:2c:2e:
c4:6e:06:86:d6:f8:40:f7:42:f2:6c:ec:7c:c7:c9:
19:d0:5e:d3:51:4d:d1:94:36:d0:6c:59:59:d6:18:
4e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:80:C8:5E:51:01:08:9A:B2:42:5D:3F:C9:17:79:85:A0:12:5C:6E
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.120.88.0/22
64.120.112.0-64.120.121.255
172.241.216.0/21
209.58.184.0/21
Signature Algorithm: sha256WithRSAEncryption
65:8d:e2:28:36:b7:0a:51:50:6c:36:9f:ba:9d:14:e6:90:3c:
4b:1e:88:d3:a6:0e:8b:c6:96:1d:ab:91:4e:88:5f:59:87:83:
f6:6e:e4:4e:5f:16:e6:20:9c:95:87:e3:86:50:67:09:1c:7d:
34:cf:e5:90:65:c3:51:b5:0a:ba:21:27:44:24:f5:88:9e:a0:
a3:09:e5:73:7f:25:0a:39:8e:da:6b:f0:95:38:0b:53:85:91:
8f:d5:3f:fd:71:10:79:86:cd:ba:2a:a4:da:31:bf:04:84:30:
05:48:9e:e8:fa:5b:54:6a:37:5c:fb:05:62:28:55:eb:65:11:
99:af:f4:32:b4:cf:97:e1:6b:74:c4:52:d6:99:48:5c:d2:21:
eb:c4:95:d9:36:45:9d:3d:db:64:bc:62:9c:0e:1e:9d:e8:67:
11:18:f2:23:b9:8b:cc:a5:0d:63:20:ee:9d:7c:e4:f3:16:90:
73:0b:99:35:ef:f7:0a:34:a4:8b:dd:04:7d:1d:fa:1a:2a:b0:
8a:0f:3d:f3:9f:6c:cf:d4:4b:93:a0:30:5e:53:d0:0e:7e:11:
81:76:ab:48:ea:7c:b5:01:8e:6b:f3:00:ce:20:b5:18:18:d8:
a6:a9:4a:e0:a1:4d:0e:99:bf:f2:19:f4:64:62:eb:fc:d8:aa:
71:b1:70:31
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICYdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMjA0MjI0MDI4WhcNMjYwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFENzRBNjExMC8GA1UEBRMoREM4MEM4NUU1MTAxMDg5QUIyNDI1RDNG
QzkxNzc5ODVBMDEyNUM2RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMZ/Rbod5ercMl1HqblAxkPxbdOUsBX6MkshGHGwzlYTGM6dxpXApAA5LivrXJst
j/BEOHuwCsewm9qV6K+Cn8UMaFqGiUwUh0kZP+dI/sDffowD2IdgghT4hmP1kkzq
rPqFM8O0Pkc2K1YmVF35PuChSJr69snZUwN14pKe0Htiwg0HA+NkTHJu1GIh2i+n
oexg/ND8hguFfH/C+jiXetK3WtMSqtYe64WWjDc3qor8O7zPQWiesWC9574ScLWF
9XkW0gVj9udsBTDXJ+k8BaVm9H66yTQUOHdIpu0o6SwuxG4Ghtb4QPdC8mzsfMfJ
GdBe01FN0ZQ20GxZWdYYTgsCAwEAAaOCAw0wggMJMB0GA1UdDgQWBBTcgMheUQEI
mrJCXT/JF3mFoBJcbjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDc0QTYvNzE3MUJCRjJEMTlDMTFFRjgzQ0VBRDNDQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ3NEE2LzcxNzFCQkYyRDE5QzExRUY4M0NFQUQzQ0M0RjlBRTAyLzNJRElYbEVC
Q0pxeVFsMF95UmQ1aGFBU1hHNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQqMCgw
JgQCAAEwIAMEAkB4WDAMAwQEQHhwAwQBQHh4AwQDrPHYAwQD0Tq4MA0GCSqGSIb3
DQEBCwUAA4IBAQBljeIoNrcKUVBsNp+6nRTmkDxLHojTpg6LxpYdq5FOiF9Zh4P2
buROXxbmIJyVh+OGUGcJHH00z+WQZcNRtQq6ISdEJPWInqCjCeVzfyUKOY7aa/CV
OAtThZGP1T/9cRB5hs26KqTaMb8EhDAFSJ7o+ltUajdc+wViKFXrZRGZr/QytM+X
4Wt0xFLWmUhc0iHrxJXZNkWdPdtkvGKcDh6d6GcRGPIjuYvMpQ1jIO6dfOTzFpBz
C5k17/cKNKSL3QR9HfoaKrCKDz3zn2zP1EuToDBeU9AOfhGBdqtI6ny1AY5r8wDO
ILUYGNimqUrgoU0Omb/yGfRkYuv82KpxsXAx
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:07:04 2025 by rpki-client