Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer
File: KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer (raw, json)
Hash identifier: ssKiAf/N5WdrN0j2D0iM47+66x8Q7YJwZxNorVvbZQk=
Subject key identifier: 2A:E9:85:81:5A:10:DD:6D:04:52:3F:C8:1D:8D:AF:D7:26:BE:78:16
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 602F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 03 Jan 2025 06:18:57 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: IP: 160.22.213.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24623 (0x602f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 3 06:18:57 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A911F536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4e:2c:4f:d7:42:f2:14:ec:10:8d:81:31:6e:
20:d9:2e:dd:a4:65:22:ed:0e:c4:d8:27:3a:48:75:
22:09:07:1a:58:71:dc:ea:76:37:d6:d5:07:fb:5a:
dd:69:b7:59:d9:4d:6e:af:8e:70:11:9a:61:2f:b0:
e7:8b:40:42:ed:37:95:68:30:92:e9:27:ad:89:e3:
89:56:a0:64:38:01:7b:94:bf:14:5f:51:6a:58:7d:
87:1f:4d:92:63:ea:48:55:c1:52:ec:0b:03:ee:e5:
e8:1e:84:30:17:e2:b3:22:99:3e:46:e2:bd:81:24:
4d:41:58:99:9f:07:b2:43:8a:ab:a2:8b:5a:da:65:
9f:d9:e1:e7:bb:53:e8:bf:8f:85:f4:5c:b6:cc:d5:
4a:d1:2c:a1:92:4b:7d:55:e7:1b:6d:19:9c:7e:cc:
72:6d:0d:84:f0:e7:2e:b1:2b:4f:d6:fb:17:ca:29:
a9:d7:4c:60:e9:c5:c8:bf:90:17:2f:59:26:05:cc:
cb:03:f5:b7:a4:0d:13:1d:ff:ee:46:36:79:a9:ce:
a6:2f:85:89:17:1d:75:e8:67:dc:e8:9c:81:f6:46:
13:a0:ad:62:e1:81:1d:be:bc:99:1f:0d:b2:15:c7:
74:69:59:c2:ad:aa:20:95:c3:24:fd:78:77:1d:73:
95:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E9:85:81:5A:10:DD:6D:04:52:3F:C8:1D:8D:AF:D7:26:BE:78:16
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:42:ef:03:57:a3:22:08:7c:15:54:f4:14:87:a2:14:f5:a0:
ed:01:c8:07:60:c4:d5:5a:89:83:31:95:02:27:34:67:b7:ce:
53:85:27:ed:e4:c0:26:ed:76:f3:f2:52:66:ed:32:86:9f:f9:
68:4e:1c:9a:29:7a:ea:48:6c:1f:46:94:2b:fa:c8:ef:bf:93:
f2:b8:83:4d:4b:81:96:55:ae:d8:ec:09:1b:5d:00:4b:25:49:
a7:ba:0b:5e:f0:92:51:16:79:91:8b:1f:0c:31:bc:3b:83:ff:
eb:c6:e6:8b:84:09:a6:b0:4a:41:76:b4:75:dd:99:b9:5d:0b:
9d:64:09:9d:2a:90:6e:eb:e6:5e:24:73:e3:46:d5:7c:9e:76:
32:af:8b:61:a9:46:2b:ed:af:a3:aa:25:2d:a1:1b:22:88:c1:
08:4e:69:40:b7:58:65:0f:8f:ea:1d:3c:de:b0:7b:12:16:e0:
c6:0a:77:0f:41:3f:d7:a1:b3:a6:f5:e7:5a:b6:5f:0f:93:3b:
a0:43:1e:e8:c4:53:6b:9d:84:e6:39:83:24:6a:27:96:cc:7f:
d5:61:7e:c8:32:e1:50:47:aa:94:f4:7d:6c:54:9d:c8:35:e3:
9f:3b:d8:19:54:0f:b6:2a:c3:20:16:95:44:05:0e:cd:a6:38:
a6:d1:35:0d
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYC8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMTAzMDYxODU3WhcNMjUwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExRjUzNjExMC8GA1UEBRMoMkFFOTg1ODE1QTEwREQ2RDA0NTIzRkM4
MUQ4REFGRDcyNkJFNzgxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMBOLE/XQvIU7BCNgTFuINku3aRlIu0OxNgnOkh1IgkHGlhx3Op2N9bVB/ta3Wm3
WdlNbq+OcBGaYS+w54tAQu03lWgwkuknrYnjiVagZDgBe5S/FF9Ralh9hx9NkmPq
SFXBUuwLA+7l6B6EMBfisyKZPkbivYEkTUFYmZ8HskOKq6KLWtpln9nh57tT6L+P
hfRctszVStEsoZJLfVXnG20ZnH7Mcm0NhPDnLrErT9b7F8opqddMYOnFyL+QFy9Z
JgXMywP1t6QNEx3/7kY2eanOpi+FiRcddehn3OicgfZGE6CtYuGBHb68mR8NshXH
dGlZwq2qIJXDJP14dx1zleMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQq6YWBWhDd
bQRSP8gdja/XJr54FjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUY1MzYvOUE4NkRCRDBDOTlBMTFFRkI0Q0VFRjFFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFGNTM2LzlBODZEQkQwQzk5QTExRUZCNENFRUYxRUM0RjlBRTAyL0t1bUZnVm9R
M1cwRVVqX0lIWTJ2MXlhLWVCWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAW1TANBgkqhkiG9w0BAQsFAAOCAQEASkLvA1ejIgh8FVT0FIei
FPWg7QHIB2DE1VqJgzGVAic0Z7fOU4Un7eTAJu128/JSZu0yhp/5aE4cmil66khs
H0aUK/rI77+T8riDTUuBllWu2OwJG10ASyVJp7oLXvCSURZ5kYsfDDG8O4P/68bm
i4QJprBKQXa0dd2ZuV0LnWQJnSqQbuvmXiRz40bVfJ52Mq+LYalGK+2vo6olLaEb
IojBCE5pQLdYZQ+P6h083rB7Ehbgxgp3D0E/16GzpvXnWrZfD5M7oEMe6MRTa52E
5jmDJGonlsx/1WF+yDLhUEeqlPR9bFSdyDXjnzvYGVQPtirDIBaVRAUOzaY4ptE1
DQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:48:33 2025 by rpki-client