Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer
File: 5CHll4Srb9cADNFZcQHsNg3ZQGY.cer (raw, json)
Hash identifier: 1FBvhMGjidLrJqJIQhB4LxZE2dssGZ09NhYfccepXgw=
Subject key identifier: E4:21:E5:97:84:AB:6F:D7:00:0C:D1:59:71:01:EC:36:0D:D9:40:66
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5CE3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 24 Oct 2024 12:04:44 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 160.187.188.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 15:41:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23779 (0x5ce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Oct 24 12:04:44 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91A1E1C/serialNumber=E421E59784AB6FD7000CD1597101EC360DD94066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b5:2e:cd:92:d8:0a:4c:73:c9:3f:f1:59:68:
da:d4:ca:68:95:47:ce:e2:ff:a3:32:f2:41:59:5b:
f1:f6:d2:c1:ff:05:0b:f9:fe:0c:3a:0f:68:14:b0:
77:5c:84:b3:db:c9:f8:78:d5:33:1c:a8:56:c3:b2:
7e:f5:25:89:de:7a:40:0a:35:d7:46:65:7e:93:6b:
e6:63:79:a2:59:55:41:85:ca:9a:fe:27:4b:c5:02:
f0:07:fa:b1:20:82:33:04:37:94:b1:10:78:da:62:
4d:68:09:9e:f7:80:3b:34:83:79:56:1e:2e:6e:44:
11:c5:82:e2:e4:31:e9:b4:e6:e9:62:b0:73:52:30:
5a:e9:d2:f6:1d:d3:2d:37:0d:9c:35:a9:c1:7c:70:
fa:c6:6e:20:39:66:67:92:a6:a9:55:b3:a9:42:03:
88:e4:f5:46:76:4c:f1:48:6f:29:ae:01:4a:cf:d5:
0b:1c:7b:f3:d8:72:af:7c:d4:3e:d8:6d:4b:1d:f9:
f0:00:9c:45:4f:da:c5:d9:ba:f0:05:3e:12:bc:f8:
1e:e7:a6:7f:17:38:53:a3:8e:42:35:f3:e5:0e:13:
16:d6:ff:f6:37:66:bc:2c:6e:53:28:0a:5e:65:a4:
6b:21:9c:80:02:e4:89:2b:f6:23:79:fc:0d:d4:4b:
19:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:21:E5:97:84:AB:6F:D7:00:0C:D1:59:71:01:EC:36:0D:D9:40:66
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.188.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:ac:f1:6f:19:c1:12:ab:6c:91:1b:67:0a:5e:72:6f:41:7c:
14:ba:6a:f4:9a:f8:b1:62:d0:c2:58:f5:51:37:02:bd:2d:63:
50:78:84:fc:5e:23:eb:aa:f0:3f:fe:10:b6:8e:44:91:93:8f:
c4:e4:fd:e4:77:4d:0a:aa:7c:eb:38:1a:dd:17:25:a6:0e:58:
37:ea:ee:6d:0e:48:bc:03:ed:de:32:6c:58:4d:62:9c:22:7e:
03:cc:db:1f:45:cb:ee:38:e6:9a:6a:9f:fa:48:16:db:8f:40:
89:98:d8:7c:4c:49:da:8f:a5:24:ef:13:6c:7b:c7:23:8f:f2:
48:79:72:9c:99:74:61:b2:8b:3d:26:93:98:68:36:b8:23:da:
a9:6a:df:0c:69:40:cf:3b:e5:af:35:34:c2:10:19:a5:83:c4:
ea:d4:3f:45:3b:ae:d4:15:43:cc:c4:76:66:5f:0e:62:d6:bb:
48:12:53:1e:dd:68:68:f7:8f:76:2a:4d:b3:9b:c1:68:47:1f:
2e:9a:d4:36:94:b3:f5:8d:8a:af:76:30:6e:81:02:42:c1:89:
4c:be:d3:31:53:1d:08:2a:9d:1f:40:26:e3:57:2c:2b:73:6f:
48:8d:dc:fe:75:57:05:fa:03:ea:fd:f2:b6:17:8a:fa:30:17:
f7:9d:10:0d
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICXOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDI0MTIwNDQ0WhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBMUUxQzExMC8GA1UEBRMoRTQyMUU1OTc4NEFCNkZENzAwMENEMTU5
NzEwMUVDMzYwREQ5NDA2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALq1Ls2S2ApMc8k/8Vlo2tTKaJVHzuL/ozLyQVlb8fbSwf8FC/n+DDoPaBSwd1yE
s9vJ+HjVMxyoVsOyfvUlid56QAo110ZlfpNr5mN5ollVQYXKmv4nS8UC8Af6sSCC
MwQ3lLEQeNpiTWgJnveAOzSDeVYeLm5EEcWC4uQx6bTm6WKwc1IwWunS9h3TLTcN
nDWpwXxw+sZuIDlmZ5KmqVWzqUIDiOT1RnZM8UhvKa4BSs/VCxx789hyr3zUPtht
Sx358ACcRU/axdm68AU+Erz4Huemfxc4U6OOQjXz5Q4TFtb/9jdmvCxuUygKXmWk
ayGcgALkiSv2I3n8DdRLGc8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTkIeWXhKtv
1wAM0VlxAew2DdlAZjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFFMUMvMjUyMjJEODA5MjAwMTFFRjlFMEMzRDZCQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUExRTFDLzI1MjIyRDgwOTIwMDExRUY5RTBDM0Q2QkM0RjlBRTAyLzVDSGxsNFNy
YjljQURORlpjUUhzTmczWlFHWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7vDANBgkqhkiG9w0BAQsFAAOCAQEAoKzxbxnBEqtskRtnCl5y
b0F8FLpq9Jr4sWLQwlj1UTcCvS1jUHiE/F4j66rwP/4Qto5EkZOPxOT95HdNCqp8
6zga3Rclpg5YN+rubQ5IvAPt3jJsWE1inCJ+A8zbH0XL7jjmmmqf+kgW249AiZjY
fExJ2o+lJO8TbHvHI4/ySHlynJl0YbKLPSaTmGg2uCPaqWrfDGlAzzvlrzU0whAZ
pYPE6tQ/RTuu1BVDzMR2Zl8OYta7SBJTHt1oaPePdipNs5vBaEcfLprUNpSz9Y2K
r3YwboECQsGJTL7TMVMdCCqdH0Am41csK3NvSI3c/nVXBfoD6v3ytheK+jAX950Q
DQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:39 2024 by rpki-client on console-ams.rpki-client.org