Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer
File: KbaocCpK1kSocQZLZAet5JPmOo0.cer (raw, json)
Hash identifier: bk0vUVXkSteD/ViF+mWSe31dibPFeP0ltCkimn1GRbs=
Subject key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 578D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 02 Jul 2024 16:47:36 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: IP: 168.245.188.0/22
IP: 198.246.223.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22413 (0x578d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jul 2 16:47:36 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cf:e1:bd:7f:38:00:70:74:25:c4:67:da:60:
c1:1d:08:41:cf:77:c5:c1:d5:74:6f:0f:ff:a2:7a:
cf:6b:cf:20:cc:6a:69:a9:d8:f3:d8:59:e4:38:dc:
fc:a7:46:5a:78:1d:00:ef:44:6e:41:05:5e:aa:b1:
48:4e:aa:f2:b6:7d:58:2b:0d:9b:1b:d6:72:24:d7:
e4:f9:a0:89:53:92:07:13:ee:b1:5d:82:a3:7e:ca:
77:7b:46:25:ca:7d:78:01:d6:02:c9:68:fb:2e:f2:
4d:80:f3:b1:cb:d0:12:6e:96:85:b9:6d:1f:02:e0:
f8:d9:f3:6e:cf:d0:8e:60:89:15:c8:53:00:24:36:
c6:10:79:3a:da:dd:ff:b3:c2:23:36:b8:60:72:20:
3b:71:d0:43:4d:af:9e:8e:09:de:b8:6e:25:36:10:
81:f1:c7:6b:57:cc:6b:00:04:b6:2b:e7:55:20:dd:
43:8f:9d:4b:fe:08:86:ce:df:c3:49:db:e3:71:67:
e8:f1:35:02:68:37:a4:f5:a6:a3:38:d5:84:89:d9:
c6:0f:eb:49:ca:ba:e6:cd:78:fc:27:cb:ff:71:8b:
b3:b3:19:5e:12:2e:df:a9:9f:42:02:75:e1:e6:4a:
1f:61:e0:5c:b1:33:52:d6:c8:81:65:2d:09:40:5e:
de:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.245.188.0/22
198.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
46:a4:92:09:26:53:a7:ea:02:2c:33:8b:88:3c:84:05:02:bf:
b2:ab:2d:f6:32:78:a4:fe:3e:34:0d:18:e8:d5:e3:12:80:b7:
ee:47:ef:83:45:f4:f0:5a:03:d0:69:45:00:25:79:19:bc:30:
82:b5:b8:f8:94:3f:b3:98:a7:ab:34:36:c9:84:75:8f:9b:8c:
32:97:0e:92:3b:78:43:20:1b:af:a6:a5:e0:8d:23:bb:0e:a4:
29:2b:57:1c:7a:ae:ae:69:c9:cc:d9:76:37:a4:57:80:7a:34:
20:56:ad:6c:b5:9d:ec:c5:a9:65:9d:2a:3d:79:27:8d:05:51:
f9:18:56:74:cf:85:d9:ef:57:4d:59:87:a2:4f:ee:d8:93:ea:
a9:79:04:9b:05:de:31:6d:9a:d5:8d:8d:68:95:8a:0e:b4:44:
da:fd:c6:4a:e1:e3:1f:ab:f5:1f:62:52:40:b1:c8:1a:7d:eb:
3e:94:5d:ad:55:72:4a:21:57:11:6c:2a:ad:24:f9:b4:93:25:
17:06:b2:93:e2:7a:81:42:d6:38:41:02:89:3b:29:6a:09:b5:
57:97:10:5b:fb:47:cc:08:fb:e3:3f:d8:3c:fe:5b:ed:74:e1:
bf:2d:ea:b5:d9:35:9c:4a:13:e3:81:44:b1:a7:a8:e4:b4:65:
88:64:c5:66
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICV40wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNzAyMTY0NzM2WhcNMjUwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5RUFGMzExMC8GA1UEBRMoMjlCNkE4NzAyQTRBRDY0NEE4NzEwNjRC
NjQwN0FERTQ5M0U2M0E4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM7P4b1/OABwdCXEZ9pgwR0IQc93xcHVdG8P/6J6z2vPIMxqaanY89hZ5Djc/KdG
WngdAO9EbkEFXqqxSE6q8rZ9WCsNmxvWciTX5PmgiVOSBxPusV2Co37Kd3tGJcp9
eAHWAslo+y7yTYDzscvQEm6WhbltHwLg+Nnzbs/QjmCJFchTACQ2xhB5Otrd/7PC
Iza4YHIgO3HQQ02vno4J3rhuJTYQgfHHa1fMawAEtivnVSDdQ4+dS/4Ihs7fw0nb
43Fn6PE1Amg3pPWmozjVhInZxg/rScq65s14/CfL/3GLs7MZXhIu36mfQgJ14eZK
H2HgXLEzUtbIgWUtCUBe3mUCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBQptqhwKkrW
RKhxBktkB63kk+Y6jTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBRjMvOTNCQjUwMkU2RDE4MTFFN0E4MTVEQTgwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlFQUYzLzkzQkI1MDJFNkQxODExRTdBODE1REE4MEM0RjlBRTAyL0tiYW9jQ3BL
MWtTb2NRWkxaQWV0NUpQbU9vMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAqj1vAMEAMb23zANBgkqhkiG9w0BAQsFAAOCAQEARqSSCSZTp+oC
LDOLiDyEBQK/sqst9jJ4pP4+NA0Y6NXjEoC37kfvg0X08FoD0GlFACV5GbwwgrW4
+JQ/s5inqzQ2yYR1j5uMMpcOkjt4QyAbr6al4I0juw6kKStXHHqurmnJzNl2N6RX
gHo0IFatbLWd7MWpZZ0qPXknjQVR+RhWdM+F2e9XTVmHok/u2JPqqXkEmwXeMW2a
1Y2NaJWKDrRE2v3GSuHjH6v1H2JSQLHIGn3rPpRdrVVySiFXEWwqrST5tJMlFway
k+J6gULWOEECiTspagm1V5cQW/tHzAj74z/YPP5b7XThvy3qtdk1nEoT44FEsaeo
5LRliGTFZg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:39 2024 by rpki-client on console-ams.rpki-client.org