Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer
File: BUM8OuqKSXAsmoLuyV0WtVA86mA.cer (raw, json)
Hash identifier: Q5/3AxEC6Eehxxfx4RzuLYI2N+C71OMBiqMJLqzFnf4=
Subject key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 4FA0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 27 Dec 2023 21:32:20 +0000
Certificate not after: Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources: IP: 134.159.0.0/16
IP: 192.154.16.0/24
IP: 192.154.24.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20384 (0x4fa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Dec 27 21:32:20 2023 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ca:96:3b:3a:77:1c:1b:d5:41:4a:99:fe:7a:
28:a5:ab:dd:5e:ba:20:4a:6a:59:a5:53:01:1b:9c:
ad:a3:41:05:d4:74:77:57:d0:db:77:a5:45:17:12:
a4:b7:2c:7d:97:85:59:80:1f:7a:ce:3d:52:4c:7b:
bc:1a:74:90:d2:06:02:1c:b0:16:44:31:69:cc:46:
0c:7c:39:cc:33:69:b5:9b:df:77:37:6f:ee:e1:3b:
e3:6c:03:d1:1f:db:dd:99:0a:ef:79:29:43:d3:30:
ae:04:68:db:4f:cd:f0:fd:8e:2a:ac:ea:16:ef:a7:
96:d6:a0:39:c4:06:bf:54:13:8b:2a:72:b6:0c:89:
e8:6f:4a:a4:b2:51:36:9f:4a:91:ff:b2:3d:ea:df:
07:f1:2c:c1:1c:1c:06:98:88:35:4f:6a:96:68:24:
6f:43:ad:09:4d:89:09:c0:42:58:7e:70:be:65:ee:
a3:2f:a4:35:a2:c2:35:47:b1:32:2f:35:dc:f3:a3:
a3:de:5c:db:17:59:13:58:0b:43:b6:ac:22:e1:75:
84:f6:49:44:ee:23:56:d3:5d:e4:7b:46:e5:12:1f:
35:14:7e:80:64:d7:64:f9:cf:a4:ed:58:36:11:e4:
f9:60:24:ef:df:53:a5:96:ca:be:19:46:62:40:f8:
2e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
134.159.0.0/16
192.154.16.0/24
192.154.24.0/23
Signature Algorithm: sha256WithRSAEncryption
60:97:8f:e5:01:50:f7:83:e6:e2:40:39:2f:28:71:58:65:d2:
7f:e8:43:86:e0:99:d0:ae:68:12:7c:4b:0c:87:a5:43:79:24:
c2:d0:6a:e5:87:c9:0d:8d:e5:b4:98:b0:be:61:39:15:a8:c3:
34:d7:c2:81:84:54:85:5d:6d:5c:7d:25:b2:39:68:db:33:3a:
9c:e7:91:41:13:bd:bf:9f:ab:ab:78:b9:7c:c4:87:cd:13:60:
58:70:47:a8:6d:e3:7f:a0:36:97:38:c7:e0:c8:2b:64:96:31:
91:f3:75:84:10:0b:f0:69:79:ef:e0:fd:7b:f2:6f:e2:e3:b5:
b3:1d:cf:88:96:2c:0e:b7:9b:c1:f8:fd:d5:f4:c2:16:d7:3d:
08:d7:1a:8e:f4:ee:37:1f:07:d5:18:6a:b0:7a:89:75:ca:29:
81:d1:12:33:a5:d7:fa:d1:d4:02:f0:18:09:89:d0:44:1b:25:
de:fe:03:51:3a:00:0d:f1:cf:47:16:65:d8:36:99:6b:7d:aa:
fd:3e:cf:ed:24:11:72:59:f4:98:e3:07:0c:34:00:d7:0a:29:
33:0f:6e:63:61:73:da:56:c5:79:78:e7:75:2a:c6:2a:d8:25:
b0:f4:13:12:6e:99:fd:b1:8d:c7:80:ba:58:32:54:36:99:38:
ac:2d:f8:a7
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgICT6AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMjI3MjEzMjIwWhcNMjUwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDRkZBMDExMC8GA1UEBRMoMDU0MzNDM0FFQThBNDk3MDJDOUE4MkVF
Qzk1RDE2QjU1MDNDRUE2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMXKljs6dxwb1UFKmf56KKWr3V66IEpqWaVTARucraNBBdR0d1fQ23elRRcSpLcs
fZeFWYAfes49Ukx7vBp0kNIGAhywFkQxacxGDHw5zDNptZvfdzdv7uE742wD0R/b
3ZkK73kpQ9MwrgRo20/N8P2OKqzqFu+nltagOcQGv1QTiypytgyJ6G9KpLJRNp9K
kf+yPerfB/EswRwcBpiINU9qlmgkb0OtCU2JCcBCWH5wvmXuoy+kNaLCNUexMi81
3POjo95c2xdZE1gLQ7asIuF1hPZJRO4jVtNd5HtG5RIfNRR+gGTXZPnPpO1YNhHk
+WAk799TpZbKvhlGYkD4LqMCAwEAAaOCAv4wggL6MB0GA1UdDgQWBBQFQzw66opJ
cCyagu7JXRa1UDzqYDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMTUwQkY2OTBEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNGRkEwLzE1MEJGNjkwRDhDQjExRTlCQUUyNEQyMUM0RjlBRTAyL0JVTThPdXFL
U1hBc21vTHV5VjBXdFZBODZtQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAqBggrBgEFBQcBBwEB/wQbMBkw
FwQCAAEwEQMDAIafAwQAwJoQAwQBwJoYMA0GCSqGSIb3DQEBCwUAA4IBAQBgl4/l
AVD3g+biQDkvKHFYZdJ/6EOG4JnQrmgSfEsMh6VDeSTC0Grlh8kNjeW0mLC+YTkV
qMM018KBhFSFXW1cfSWyOWjbMzqc55FBE72/n6ureLl8xIfNE2BYcEeobeN/oDaX
OMfgyCtkljGR83WEEAvwaXnv4P178m/i47WzHc+IliwOt5vB+P3V9MIW1z0I1xqO
9O43HwfVGGqweol1yimB0RIzpdf60dQC8BgJidBEGyXe/gNROgAN8c9HFmXYNplr
far9Ps/tJBFyWfSY4wcMNADXCikzD25jYXPaVsV5eOd1KsYq2CWw9BMSbpn9sY3H
gLpYMlQ2mTisLfin
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:38 2024 by rpki-client on console-ams.rpki-client.org