Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7AffwfGIh38OvP3gtIHMAiw0NrI.cer
File: 7AffwfGIh38OvP3gtIHMAiw0NrI.cer (raw, json)
Hash identifier: xRLg0PtzoBrnimVU+/fkLDV73RUHr1tYQbi+QgZ+y7A=
Subject key identifier: EC:07:DF:C1:F1:88:87:7F:0E:BC:FD:E0:B4:81:CC:02:2C:34:36:B2
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6012
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 31 Dec 2024 00:31:32 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 160.250.140.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24594 (0x6012)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 31 00:31:32 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91BEE1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:65:d2:d6:54:fd:55:92:ef:ac:95:5e:2a:24:
ac:37:88:90:c9:4c:f2:8b:94:88:60:28:5a:f2:20:
0d:5b:95:8d:27:93:f1:07:b1:e1:40:bf:be:38:d8:
37:7a:19:be:42:92:c5:91:63:5e:e4:7e:42:ee:fc:
03:37:de:bf:ce:3a:b7:e7:d6:fb:5e:fd:ec:de:b4:
78:1a:d1:ab:cf:3d:43:fc:7a:d7:cb:8e:70:d4:ac:
e0:af:d4:1c:20:9a:b2:d3:ab:2b:f9:56:cd:29:e0:
2b:c5:2d:6c:cc:e9:c0:64:0b:3a:ca:4f:9e:f0:d6:
02:8f:a0:9d:3a:00:95:d9:65:48:2d:0d:af:2d:c5:
b5:78:fe:5e:dc:ac:fe:dc:8b:ae:57:3a:cc:43:5b:
e1:fa:d8:59:9b:cf:de:89:90:9f:6b:0f:79:7c:fe:
c3:28:e5:9a:3c:dc:dc:4c:88:87:b0:41:94:42:8e:
bb:3b:25:50:58:ad:47:48:42:ec:8b:27:e7:db:d5:
b3:5d:c6:3a:bd:73:07:c1:74:0d:61:3c:d6:1c:0b:
a0:a0:ee:68:4b:93:43:c0:b8:e9:10:6e:dc:d6:e6:
d4:d5:54:b4:71:5e:30:2e:44:df:e1:d4:d7:91:4e:
e0:92:23:3a:96:69:b8:21:4f:77:79:ac:84:b9:e2:
5c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:07:DF:C1:F1:88:87:7F:0E:BC:FD:E0:B4:81:CC:02:2C:34:36:B2
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.140.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:3e:f4:69:3e:ce:5a:07:27:20:42:70:41:1a:f4:97:1f:fc:
f8:05:a0:f8:d8:a6:98:cb:e6:87:2b:1b:85:d6:b0:b0:1d:36:
54:2a:aa:09:34:e6:ed:64:c6:18:d6:11:bc:17:f6:2e:5f:cd:
34:ff:d2:90:4a:94:23:19:93:c3:73:b2:4d:d6:06:d2:09:d3:
5d:31:4c:df:5a:58:02:2f:75:87:71:16:ba:a4:62:eb:c4:e7:
8f:dc:a1:2e:4c:7f:95:09:51:f6:f9:ab:c9:eb:30:47:30:30:
c7:7c:f7:d9:9d:01:b0:98:f7:1d:c6:0b:2e:18:15:3f:7d:7e:
eb:1e:2c:1d:37:68:de:15:93:95:c9:7e:ff:4b:a4:6f:84:5d:
8d:2c:a3:58:0b:bd:6e:ed:14:5c:1c:f1:cb:7e:c7:ea:a6:08:
82:c9:df:ae:a5:fd:4c:1a:96:43:e7:c0:15:56:42:6b:bb:90:
0d:ce:64:67:2f:f0:e9:2c:6d:ea:6b:4b:b7:db:42:da:8f:d1:
04:b7:86:6c:17:a1:b9:2a:a6:cf:12:fb:ea:2b:ef:05:b6:f9:
d6:20:5a:e6:58:a6:b0:5e:aa:29:09:cb:47:58:f5:82:4f:d2:
ea:03:d7:5d:bf:13:ad:be:af:d9:3a:c0:b5:ba:77:d5:57:1b:
94:58:67:a4
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMjMxMDAzMTMyWhcNMjYwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFCRUUxRDExMC8GA1UEBRMoRUMwN0RGQzFGMTg4ODc3RjBFQkNGREUw
QjQ4MUNDMDIyQzM0MzZCMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMhl0tZU/VWS76yVXiokrDeIkMlM8ouUiGAoWvIgDVuVjSeT8Qex4UC/vjjYN3oZ
vkKSxZFjXuR+Qu78Azfev846t+fW+1797N60eBrRq889Q/x618uOcNSs4K/UHCCa
stOrK/lWzSngK8UtbMzpwGQLOspPnvDWAo+gnToAldllSC0Nry3FtXj+Xtys/tyL
rlc6zENb4frYWZvP3omQn2sPeXz+wyjlmjzc3EyIh7BBlEKOuzslUFitR0hC7Isn
59vVs13GOr1zB8F0DWE81hwLoKDuaEuTQ8C46RBu3Nbm1NVUtHFeMC5E3+HU15FO
4JIjOpZpuCFPd3mshLniXAMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTsB9/B8YiH
fw68/eC0gcwCLDQ2sjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkVFMUQvOTI3ODIyMzRDNzBFMTFFRjgwNjdDNDY2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUJFRTFELzkyNzgyMjM0QzcwRTExRUY4MDY3QzQ2NkM0RjlBRTAyLzdBZmZ3ZkdJ
aDM4T3ZQM2d0SUhNQWl3ME5ySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKD6jDANBgkqhkiG9w0BAQsFAAOCAQEAXT70aT7OWgcnIEJwQRr0
lx/8+AWg+NimmMvmhysbhdawsB02VCqqCTTm7WTGGNYRvBf2Ll/NNP/SkEqUIxmT
w3OyTdYG0gnTXTFM31pYAi91h3EWuqRi68Tnj9yhLkx/lQlR9vmryeswRzAwx3z3
2Z0BsJj3HcYLLhgVP31+6x4sHTdo3hWTlcl+/0ukb4RdjSyjWAu9bu0UXBzxy37H
6qYIgsnfrqX9TBqWQ+fAFVZCa7uQDc5kZy/w6Sxt6mtLt9tC2o/RBLeGbBehuSqm
zxL76ivvBbb51iBa5limsF6qKQnLR1j1gk/S6gPXXb8Trb6v2TrAtbp31VcblFhn
pA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:55:15 2025 by rpki-client