Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ic_Ogdh11c-PWWrb_MNgGWHEQec.cer
File: Ic_Ogdh11c-PWWrb_MNgGWHEQec.cer (raw, json)
Hash identifier: IBR7z+4oUxn3CxLItRFYCao2rkK+lyddgVp/p6Hq7+U=
Subject key identifier: 21:CF:CE:81:D8:75:D5:CF:8F:59:6A:DB:FC:C3:60:19:61:C4:41:E7
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5DFC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9171BF0/9F591E8EA41511EFA14FBD3FC4F9AE02/Ic_Ogdh11c-PWWrb_MNgGWHEQec.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9171BF0/9F591E8EA41511EFA14FBD3FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 16 Nov 2024 12:23:49 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 160.191.196.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24060 (0x5dfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 16 12:23:49 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A9171BF0/serialNumber=21CFCE81D875D5CF8F596ADBFCC3601961C441E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f3:9e:e1:58:a3:3c:ae:d4:d0:bf:82:97:a4:
fd:c8:6a:9c:10:cf:1e:7e:62:b5:a9:d8:ef:a4:c5:
bf:5a:e9:b5:6d:f4:8b:ab:57:b5:e4:ae:b5:76:f3:
a9:5c:1a:1b:4e:4b:e1:70:a6:b5:3e:d8:e3:c1:77:
51:e1:54:da:75:7f:48:f8:e6:e1:45:48:47:0d:ba:
cc:67:6a:be:84:7b:f4:2f:27:c0:1c:8d:04:94:6e:
89:e4:b3:18:6d:15:bd:96:3c:51:82:dd:a1:78:fa:
04:93:ba:5e:13:e0:9e:48:7a:3a:21:3b:2a:18:32:
c8:06:a4:b0:85:06:12:95:62:b8:e6:2a:8a:36:72:
c2:e1:d3:52:06:6a:51:6c:f9:6c:da:05:f5:94:4b:
5f:01:77:4b:81:61:e2:9e:95:6f:fa:2d:cb:02:2e:
83:cd:e4:90:fc:21:c5:8b:62:55:d5:dd:84:75:27:
48:5e:67:85:15:a9:d0:e2:75:3a:f6:a7:7a:c1:e2:
fb:cb:fc:84:9d:fc:a2:c5:cc:e7:9d:d4:d2:ca:8c:
ca:24:6e:6c:32:c3:02:c8:9c:ba:0c:78:b7:80:e5:
89:0a:e4:4b:f6:d5:75:29:15:de:c6:dc:f7:d1:2a:
17:f7:46:88:7f:26:fa:02:b0:fb:18:9c:fb:4b:1a:
c9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CF:CE:81:D8:75:D5:CF:8F:59:6A:DB:FC:C3:60:19:61:C4:41:E7
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9171BF0/9F591E8EA41511EFA14FBD3FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9171BF0/9F591E8EA41511EFA14FBD3FC4F9AE02/Ic_Ogdh11c-PWWrb_MNgGWHEQec.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.196.0/23
Signature Algorithm: sha256WithRSAEncryption
19:8c:2c:6c:c4:95:7e:e3:69:23:af:45:68:9c:c2:ec:13:df:
47:c1:b5:e1:06:4d:a6:81:f1:1d:e1:da:c4:2a:2b:04:79:cb:
87:ff:db:4d:3e:42:d5:56:68:31:5d:a7:16:3a:42:62:94:99:
26:0c:8e:b9:a9:11:f5:93:72:c9:4f:45:e0:88:bf:a9:33:43:
15:50:0c:3e:86:09:46:06:a4:2c:ee:1e:4b:de:f5:2c:ef:66:
4b:aa:53:23:06:7c:b2:12:ea:1d:b6:3e:7b:24:81:55:91:3b:
13:87:95:45:a6:50:4a:d1:3b:f3:30:b9:8e:45:f9:f5:3f:ca:
ac:20:b0:96:eb:32:34:fd:b6:4f:ce:a8:90:54:19:17:03:de:
67:a3:fb:cf:62:75:11:e3:26:0d:34:2e:a8:e4:71:56:cf:55:
57:e8:bc:4c:c3:fd:a6:91:19:f2:2b:9a:aa:26:ec:8a:46:e2:
f3:6c:42:95:62:77:dc:ef:bb:5d:a7:a0:ba:a5:26:23:cb:9c:
bd:48:d0:87:16:7c:25:0a:00:5d:60:93:fa:a1:53:98:ce:16:
e8:45:dd:a7:da:a8:b3:cf:00:db:c0:55:e6:32:72:e3:19:00:
39:4c:0e:b7:ef:c1:eb:1b:ab:1b:13:d0:91:58:2f:db:4f:ff:
ff:f4:3b:12
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICXfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMTE2MTIyMzQ5WhcNMjYwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3MUJGMDExMC8GA1UEBRMoMjFDRkNFODFEODc1RDVDRjhGNTk2QURC
RkNDMzYwMTk2MUM0NDFFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMrznuFYozyu1NC/gpek/chqnBDPHn5itanY76TFv1rptW30i6tXteSutXbzqVwa
G05L4XCmtT7Y48F3UeFU2nV/SPjm4UVIRw26zGdqvoR79C8nwByNBJRuieSzGG0V
vZY8UYLdoXj6BJO6XhPgnkh6OiE7KhgyyAaksIUGEpViuOYqijZywuHTUgZqUWz5
bNoF9ZRLXwF3S4Fh4p6Vb/otywIug83kkPwhxYtiVdXdhHUnSF5nhRWp0OJ1Ovan
esHi+8v8hJ38osXM553U0sqMyiRubDLDAsicugx4t4DliQrkS/bVdSkV3sbc99Eq
F/dGiH8m+gKw+xic+0sayXcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQhz86B2HXV
z49Zatv8w2AZYcRB5zAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzFCRjAvOUY1OTFFOEVBNDE1MTFFRkExNEZCRDNGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcxQkYwLzlGNTkxRThFQTQxNTExRUZBMTRGQkQzRkM0RjlBRTAyL0ljX09nZGgx
MWMtUFdXcmJfTU5nR1dIRVFlYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC/xDANBgkqhkiG9w0BAQsFAAOCAQEAGYwsbMSVfuNpI69FaJzC
7BPfR8G14QZNpoHxHeHaxCorBHnLh//bTT5C1VZoMV2nFjpCYpSZJgyOuakR9ZNy
yU9F4Ii/qTNDFVAMPoYJRgakLO4eS971LO9mS6pTIwZ8shLqHbY+eySBVZE7E4eV
RaZQStE78zC5jkX59T/KrCCwlusyNP22T86okFQZFwPeZ6P7z2J1EeMmDTQuqORx
Vs9VV+i8TMP9ppEZ8iuaqibsikbi82xClWJ33O+7XaeguqUmI8ucvUjQhxZ8JQoA
XWCT+qFTmM4W6EXdp9qos88A28BV5jJy4xkAOUwOt+/B6xurGxPQkVgv20////Q7
Eg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org