Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer
File: D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer (raw, json)
Hash identifier: lTRF6R6PdBpTtTTR1ZbN3rnZ5u+TexohNgNEMoWgAPI=
Subject key identifier: 0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5EA5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 30 Nov 2024 16:34:09 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 160.250.50.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24229 (0x5ea5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Nov 30 16:34:09 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A911E0B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:85:e1:13:23:0c:59:da:04:92:0d:64:68:
50:6d:cc:63:92:a9:c7:b2:1a:6f:b6:d2:bf:44:b5:
24:a1:7c:ce:7f:16:70:7a:17:62:d4:63:26:a6:f5:
45:5e:b4:52:85:a5:61:92:ca:a8:16:71:20:e6:94:
98:2f:82:fc:2f:a5:2f:c4:56:57:69:89:1e:1d:da:
b7:1e:52:0f:79:d0:27:f1:49:97:a1:a4:19:43:6b:
e3:c3:f9:03:ac:3a:50:52:b3:6e:8f:b1:2f:eb:cc:
71:d1:19:3f:ea:55:6a:9e:23:9c:a3:f2:7e:2a:85:
60:9b:e3:0a:c8:c4:9c:85:7a:09:e4:d8:d0:f3:49:
ac:bd:8d:13:a2:ab:34:ea:89:fc:4a:80:45:33:e0:
9e:0a:c2:5d:a9:ed:69:fa:46:9b:1e:3f:2b:70:0c:
5a:81:78:ea:90:be:5e:2d:63:f7:40:fc:b4:ef:f6:
0e:8c:ed:8a:81:b5:c3:11:d5:32:dc:66:c4:d8:27:
43:7e:40:df:a2:f4:03:38:79:b9:06:f1:0b:27:7c:
05:ee:c3:15:2c:b6:a8:2d:ae:a8:7f:fd:8f:d1:e4:
a0:6f:9e:00:ba:28:21:d1:1c:da:a8:05:f2:24:f0:
0e:4e:14:bb:cc:f9:40:0d:60:7e:23:d9:b9:8e:71:
b6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.50.0/23
Signature Algorithm: sha256WithRSAEncryption
47:0e:3e:d4:5e:36:fa:10:b0:60:ab:aa:c5:9b:90:48:04:70:
49:5c:72:ec:9b:64:59:ca:ff:12:e9:b3:3f:74:c2:66:09:d6:
19:44:0e:5a:0d:df:53:9b:81:bb:9d:c3:8f:aa:53:e9:85:33:
3f:a0:bb:41:c1:20:8c:1f:b9:52:53:ac:3f:78:71:bf:04:f8:
fe:17:d3:e8:07:95:e8:0b:d4:31:a0:c6:7c:ae:72:e7:24:a2:
87:6b:e7:fd:ad:9f:3a:a3:b4:d2:58:08:29:1a:67:c9:12:cb:
07:30:95:a4:d9:3b:40:da:26:c9:bd:ee:b5:6a:52:e6:49:70:
bc:12:95:65:b9:5a:7a:9e:c5:0a:49:18:3f:a7:96:e2:8f:57:
58:b6:fe:6a:92:04:7d:e3:23:5c:e6:9f:91:6c:26:6a:71:de:
80:b7:76:8f:68:90:cc:b8:d0:aa:a2:16:34:88:04:f4:f8:02:
da:41:f7:36:62:42:b9:a6:cd:0d:dc:0b:19:44:4f:5e:60:6f:
3d:7b:86:04:ef:14:49:a3:e9:c3:2e:e6:d1:5c:a1:b2:a2:20:
64:0d:83:a6:47:ac:84:b1:89:95:ab:23:b3:0e:f3:82:0a:ca:
03:49:72:b2:75:3b:8e:5b:04:24:79:1b:d6:3c:6f:8c:44:be:
05:19:b0:dc
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICXqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMTMwMTYzNDA5WhcNMjYwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExRTBCNDExMC8GA1UEBRMoMEZENDQzNzUyMURCNUMwQkM5OUU0NUI1
OTc1NEZGN0I2NzFGODZGMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AK1WheETIwxZ2gSSDWRoUG3MY5Kpx7Iab7bSv0S1JKF8zn8WcHoXYtRjJqb1RV60
UoWlYZLKqBZxIOaUmC+C/C+lL8RWV2mJHh3atx5SD3nQJ/FJl6GkGUNr48P5A6w6
UFKzbo+xL+vMcdEZP+pVap4jnKPyfiqFYJvjCsjEnIV6CeTY0PNJrL2NE6KrNOqJ
/EqARTPgngrCXantafpGmx4/K3AMWoF46pC+Xi1j90D8tO/2DoztioG1wxHVMtxm
xNgnQ35A36L0Azh5uQbxCyd8Be7DFSy2qC2uqH/9j9HkoG+eALooIdEc2qgF8iTw
Dk4Uu8z5QA1gfiPZuY5xts8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQP1EN1Idtc
C8meRbWXVP97Zx+G8zAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUUwQjQvRTk2NDg5QUVBRjM4MTFFRkEyMEREMDEzQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFFMEI0L0U5NjQ4OUFFQUYzODExRUZBMjBERDAxM0M0RjlBRTAyL0Q5UkRkU0hi
WEF2Sm5rVzFsMVRfZTJjZmh2TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaD6MjANBgkqhkiG9w0BAQsFAAOCAQEARw4+1F42+hCwYKuqxZuQ
SARwSVxy7JtkWcr/EumzP3TCZgnWGUQOWg3fU5uBu53Dj6pT6YUzP6C7QcEgjB+5
UlOsP3hxvwT4/hfT6AeV6AvUMaDGfK5y5ySih2vn/a2fOqO00lgIKRpnyRLLBzCV
pNk7QNomyb3utWpS5klwvBKVZblaep7FCkkYP6eW4o9XWLb+apIEfeMjXOafkWwm
anHegLd2j2iQzLjQqqIWNIgE9PgC2kH3NmJCuabNDdwLGURPXmBvPXuGBO8USaPp
wy7m0VyhsqIgZA2DpkeshLGJlasjsw7zggrKA0lysnU7jlsEJHkb1jxvjES+BRmw
3A==
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:45:39 2025 by rpki-client