Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3VdGDwwSvgVGE6L0KWewfaVoe_A.cer
File: 3VdGDwwSvgVGE6L0KWewfaVoe_A.cer (raw, json)
Hash identifier: VPPWyW+f4oPrYNQmYpeoVyyOrevzb1bUbWzbP0FkWmg=
Subject key identifier: DD:57:46:0F:0C:12:BE:05:46:13:A2:F4:29:67:B0:7D:A5:68:7B:F0
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5BE2
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91566DC/5A182C7C852311EF9B48FF41C4F9AE02/3VdGDwwSvgVGE6L0KWewfaVoe_A.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91566DC/5A182C7C852311EF9B48FF41C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 08 Oct 2024 03:14:00 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: IP: 160.187.192.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 15:41:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23522 (0x5be2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Oct 8 03:14:00 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91566DC/serialNumber=DD57460F0C12BE054613A2F42967B07DA5687BF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:55:87:d7:35:b6:c3:2a:d8:2d:d4:93:a5:88:
cd:40:4e:a4:8b:3c:93:6b:f2:a8:94:a2:dc:66:43:
ba:37:57:ed:f7:39:1f:cb:94:69:2e:82:66:23:44:
2a:42:94:52:32:18:a3:df:53:af:3c:fb:3b:45:8a:
c2:55:03:5e:0b:96:34:26:07:82:c0:30:39:5c:7d:
d6:aa:fb:3a:6b:66:80:cf:f6:cd:da:06:bb:39:54:
95:31:63:85:ee:15:e4:e4:47:d5:92:70:e8:3b:8f:
1f:2c:50:4f:b9:d7:65:1d:b8:93:38:3e:d8:18:cd:
1b:32:0d:bc:66:6b:1f:3b:49:a8:f3:6b:eb:1b:ec:
23:54:60:58:ba:04:eb:a9:e2:36:1d:78:4a:95:5c:
0f:5b:40:4b:50:8d:ff:13:69:72:dc:33:bd:46:c0:
62:26:cd:b9:44:23:c7:7c:e4:e5:c5:62:7e:f1:95:
b1:b4:71:fa:ba:de:e1:32:39:28:38:b8:25:7e:4f:
b1:31:d1:21:42:7b:22:5c:a3:14:4b:8c:4e:ca:89:
2a:ba:36:2b:f4:10:f3:97:15:73:83:96:42:74:49:
bf:e6:cc:9d:b3:94:2c:9e:4c:11:2b:5d:e6:32:ea:
69:a5:60:74:d8:07:c0:e1:c6:df:2a:47:9d:55:07:
ab:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:57:46:0F:0C:12:BE:05:46:13:A2:F4:29:67:B0:7D:A5:68:7B:F0
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91566DC/5A182C7C852311EF9B48FF41C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91566DC/5A182C7C852311EF9B48FF41C4F9AE02/3VdGDwwSvgVGE6L0KWewfaVoe_A.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.192.0/23
Signature Algorithm: sha256WithRSAEncryption
87:f3:38:76:fe:ce:48:04:c9:06:b1:22:25:17:9a:43:64:b9:
71:0a:e6:99:aa:6b:29:7b:04:94:6a:92:31:22:a6:d2:eb:f1:
17:ee:34:c6:7e:69:55:d2:d3:35:80:a4:d3:35:42:d4:c3:5f:
23:9d:17:6e:fa:77:3a:e0:fc:cf:f5:8c:bb:b4:63:35:21:a3:
57:f6:2f:24:a3:d8:5c:df:34:21:94:25:8b:3b:3d:4e:6a:ce:
18:45:0d:bb:c6:3f:a1:80:66:70:00:a4:30:54:76:d4:bf:3d:
90:04:f2:bb:fe:c9:66:5f:83:5e:2e:44:a4:5b:6f:9f:5a:e3:
ba:34:31:7f:0b:7a:4a:eb:ea:09:14:4e:67:d5:db:81:65:12:
87:74:1f:94:80:ee:32:41:1a:2b:4a:28:70:85:47:04:47:7d:
d5:1b:17:85:77:e2:1b:c4:1a:d3:61:07:33:04:ce:04:07:b0:
ad:af:ef:e7:60:54:e8:22:75:17:b5:a4:e3:b6:89:4f:55:91:
41:73:3a:88:47:45:1a:fa:84:e0:ed:45:db:fb:c7:1c:6b:c4:
6c:13:b1:d4:f9:fa:93:4f:a3:2b:a5:2d:2a:0b:81:71:ae:9a:
b6:87:82:50:98:11:28:5f:a5:5f:18:0e:0f:14:7b:5a:4f:a4:
78:91:1c:ae
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICW+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDA4MDMxNDAwWhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1NjZEQzExMC8GA1UEBRMoREQ1NzQ2MEYwQzEyQkUwNTQ2MTNBMkY0
Mjk2N0IwN0RBNTY4N0JGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKZVh9c1tsMq2C3Uk6WIzUBOpIs8k2vyqJSi3GZDujdX7fc5H8uUaS6CZiNEKkKU
UjIYo99Trzz7O0WKwlUDXguWNCYHgsAwOVx91qr7OmtmgM/2zdoGuzlUlTFjhe4V
5ORH1ZJw6DuPHyxQT7nXZR24kzg+2BjNGzINvGZrHztJqPNr6xvsI1RgWLoE66ni
Nh14SpVcD1tAS1CN/xNpctwzvUbAYibNuUQjx3zk5cVifvGVsbRx+rre4TI5KDi4
JX5PsTHRIUJ7IlyjFEuMTsqJKro2K/QQ85cVc4OWQnRJv+bMnbOULJ5MEStd5jLq
aaVgdNgHwOHG3ypHnVUHqwMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTdV0YPDBK+
BUYTovQpZ7B9pWh78DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTY2REMvNUExODJDN0M4NTIzMTFFRjlCNDhGRjQxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU2NkRDLzVBMTgyQzdDODUyMzExRUY5QjQ4RkY0MUM0RjlBRTAyLzNWZEdEd3dT
dmdWR0U2TDBLV2V3ZmFWb2VfQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7wDANBgkqhkiG9w0BAQsFAAOCAQEAh/M4dv7OSATJBrEiJRea
Q2S5cQrmmaprKXsElGqSMSKm0uvxF+40xn5pVdLTNYCk0zVC1MNfI50Xbvp3OuD8
z/WMu7RjNSGjV/YvJKPYXN80IZQlizs9TmrOGEUNu8Y/oYBmcACkMFR21L89kATy
u/7JZl+DXi5EpFtvn1rjujQxfwt6SuvqCRROZ9XbgWUSh3QflIDuMkEaK0oocIVH
BEd91RsXhXfiG8Qa02EHMwTOBAewra/v52BU6CJ1F7Wk47aJT1WRQXM6iEdFGvqE
4O1F2/vHHGvEbBOx1Pn6k0+jK6UtKguBca6atoeCUJgRKF+lXxgODxR7Wk+keJEc
rg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:39 2024 by rpki-client on console-ams.rpki-client.org