Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MsAhMRti_kUAvI5OD0hSxkvF2ss.cer
File: MsAhMRti_kUAvI5OD0hSxkvF2ss.cer (raw, json)
Hash identifier: MS23dJExmT8avxWnBGhNjJI2vEzFctNhErhpuLUh6Qg=
Subject key identifier: 32:C0:21:31:1B:62:FE:45:00:BC:8E:4E:0F:48:52:C6:4B:C5:DA:CB
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5D51
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/MsAhMRti_kUAvI5OD0hSxkvF2ss.mft
caRepository: rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 04 Nov 2024 23:52:00 +0000
Certificate not after: Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources: IP: 160.191.145.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 15:41:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23889 (0x5d51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 4 23:52:00 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=A915D8F3/serialNumber=32C021311B62FE4500BC8E4E0F4852C64BC5DACB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8b:fb:2d:a3:6a:10:39:b8:3d:4b:90:18:92:
73:4d:ac:82:03:3b:d8:cc:37:09:27:12:3b:c1:4a:
41:5b:2d:65:19:aa:57:b0:bf:fa:27:fa:60:ec:9d:
52:1e:f9:ef:2a:4c:e1:ff:55:4c:3f:f7:1b:63:de:
12:42:77:6d:59:26:e1:e7:a9:54:e2:fc:4d:c0:a7:
80:b4:3e:6f:62:b5:82:bb:10:d7:7f:60:e7:29:db:
ba:d7:61:19:89:c2:e5:06:5b:bb:74:3c:1f:6d:2b:
18:d7:42:82:f9:bd:bd:32:da:1f:ce:3a:4d:dc:62:
0f:91:80:53:7f:05:b5:d2:9d:81:29:a7:15:8b:c3:
9e:c0:ba:04:11:2a:13:04:de:ef:85:f4:93:10:34:
e2:51:84:20:a5:8a:92:17:ed:a8:99:7c:c1:4a:b7:
5a:d1:ad:ea:2a:22:8d:09:cb:54:1c:0d:c3:3e:e4:
77:8c:c6:08:ec:2d:e9:c6:ef:01:e7:bd:c6:63:29:
a0:45:21:b6:a1:f9:f0:8f:41:28:17:be:c6:68:cd:
ef:d0:77:b6:23:18:6d:6e:ee:55:40:3e:2f:0c:a7:
81:cb:d3:2e:26:d9:d6:3a:61:19:3a:da:f4:27:af:
54:00:56:1b:aa:ec:af:6d:37:7a:d0:0b:10:23:23:
bb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C0:21:31:1B:62:FE:45:00:BC:8E:4E:0F:48:52:C6:4B:C5:DA:CB
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/MsAhMRti_kUAvI5OD0hSxkvF2ss.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.145.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:43:b4:54:66:d0:fd:b3:e2:1c:4a:6b:2c:e9:54:27:76:f9:
d4:bd:59:b5:e5:4a:96:e7:20:14:ab:ba:a3:91:a7:65:67:26:
23:a7:81:21:e3:f8:59:32:90:4e:da:cf:37:27:28:b1:2b:92:
a1:f3:07:25:21:a8:be:15:a2:87:7f:3a:1f:50:9a:d5:2a:f0:
8a:14:8d:75:09:75:84:1d:b9:0c:2a:65:40:db:2f:d6:b8:14:
d1:79:f1:89:f0:bf:39:f3:99:80:a0:56:a0:a8:8f:17:df:96:
06:9a:ff:ad:f0:58:0f:9f:a2:7c:85:94:26:b8:7f:e6:2d:1e:
4d:8b:85:18:20:40:20:9c:59:1d:0a:29:b5:8f:ba:c7:be:a8:
ff:2b:82:86:b8:36:49:cd:59:19:90:6a:c8:90:05:9d:19:16:
c0:6c:30:c2:82:39:6e:d9:87:09:68:d5:7a:c5:9a:23:b2:87:
26:70:63:52:7f:81:45:c7:64:7e:75:d8:38:11:33:99:a7:db:
93:7d:05:bb:2f:0c:48:75:12:f2:a9:31:ad:fb:f9:a2:ce:d0:
85:fb:d4:4a:ec:a0:e7:dc:87:d1:64:8e:77:1f:ec:ee:53:d1:
30:01:b8:e4:09:3f:fe:9f:02:42:2a:9a:17:4e:52:a5:39:99:
3c:6a:ee:09
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICXVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMTA0MjM1MjAwWhcNMjUwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1RDhGMzExMC8GA1UEBRMoMzJDMDIxMzExQjYyRkU0NTAwQkM4RTRF
MEY0ODUyQzY0QkM1REFDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALiL+y2jahA5uD1LkBiSc02sggM72Mw3CScSO8FKQVstZRmqV7C/+if6YOydUh75
7ypM4f9VTD/3G2PeEkJ3bVkm4eepVOL8TcCngLQ+b2K1grsQ139g5ynbutdhGYnC
5QZbu3Q8H20rGNdCgvm9vTLaH846TdxiD5GAU38FtdKdgSmnFYvDnsC6BBEqEwTe
74X0kxA04lGEIKWKkhftqJl8wUq3WtGt6ioijQnLVBwNwz7kd4zGCOwt6cbvAee9
xmMpoEUhtqH58I9BKBe+xmjN79B3tiMYbW7uVUA+LwyngcvTLibZ1jphGTra9Cev
VABWG6rsr203etALECMju9MCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQywCExG2L+
RQC8jk4PSFLGS8XayzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ4RjMvQzU3RjIzQUU5QjA3MTFFRjgzN0VBMDEyQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVEOEYzL0M1N0YyM0FFOUIwNzExRUY4MzdFQTAxMkM0RjlBRTAyL01zQWhNUnRp
X2tVQXZJNU9EMGhTeGt2RjJzcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKC/kTANBgkqhkiG9w0BAQsFAAOCAQEAPUO0VGbQ/bPiHEprLOlU
J3b51L1ZteVKlucgFKu6o5GnZWcmI6eBIeP4WTKQTtrPNycosSuSofMHJSGovhWi
h386H1Ca1SrwihSNdQl1hB25DCplQNsv1rgU0XnxifC/OfOZgKBWoKiPF9+WBpr/
rfBYD5+ifIWUJrh/5i0eTYuFGCBAIJxZHQoptY+6x76o/yuChrg2Sc1ZGZBqyJAF
nRkWwGwwwoI5btmHCWjVesWaI7KHJnBjUn+BRcdkfnXYOBEzmafbk30Fuy8MSHUS
8qkxrfv5os7QhfvUSuyg59yH0WSOdx/s7lPRMAG45Ak//p8CQiqaF05SpTmZPGru
CQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:40 2024 by rpki-client on console-ams.rpki-client.org