Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ngra_oYcSDq21UqjQPuE0kur8hs.cer
File: Ngra_oYcSDq21UqjQPuE0kur8hs.cer (raw, json)
Hash identifier: M6CPQdDcRjSObBGz5wf2PgGXuHKEkxnZ+XGZU+PPRv8=
Subject key identifier: 36:0A:DA:FE:86:1C:48:3A:B6:D5:4A:A3:40:FB:84:D2:4B:AB:F2:1B
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5CED
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A914E4C3/18ED3828B8B911E4901A6848C4F9AE02/Ngra_oYcSDq21UqjQPuE0kur8hs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A914E4C3/18ED3828B8B911E4901A6848C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 25 Oct 2024 14:09:26 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 167.123.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23789 (0x5ced)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Oct 25 14:09:26 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A914E4C3/serialNumber=360ADAFE861C483AB6D54AA340FB84D24BABF21B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:25:d8:2d:5c:81:ee:f3:a7:a6:12:b0:31:a1:
3c:d4:ae:55:d9:36:2d:d3:dc:f2:be:b8:c5:6f:0f:
72:8e:79:e6:41:4e:33:c0:cb:bb:41:18:36:01:68:
c2:03:65:39:0c:3e:00:ed:2b:23:52:46:97:b4:6f:
b4:71:8d:b3:e5:7f:97:8d:9d:4e:de:e3:9f:88:a4:
63:8a:e0:55:f6:2a:36:20:2d:0f:c9:db:0b:00:70:
89:2f:58:57:01:7d:7d:97:61:24:88:f5:f4:07:90:
14:f4:7e:24:65:3e:a6:2d:71:f0:8c:44:bc:34:53:
98:03:fd:3f:cf:7d:de:e3:ed:60:8b:7d:e1:d5:ab:
19:5d:3b:a9:72:0c:3b:70:ff:66:a2:96:76:a6:0e:
15:fe:b1:70:34:ff:76:b6:b3:94:4e:3f:5a:c6:eb:
6f:cb:6d:53:59:1a:e8:44:77:a3:36:8f:01:0a:11:
51:57:34:62:17:3c:88:80:38:80:61:8f:34:72:d6:
1e:9b:0b:c9:ab:39:a5:0c:35:9d:6d:44:fe:cb:2f:
43:1d:88:87:6c:88:1b:f6:5e:68:87:f8:91:23:e3:
6c:12:be:19:f7:22:25:fd:66:9b:26:f4:66:86:2b:
de:de:c8:e1:ba:31:83:86:36:8f:3b:a8:8b:8d:1b:
dd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0A:DA:FE:86:1C:48:3A:B6:D5:4A:A3:40:FB:84:D2:4B:AB:F2:1B
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914E4C3/18ED3828B8B911E4901A6848C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914E4C3/18ED3828B8B911E4901A6848C4F9AE02/Ngra_oYcSDq21UqjQPuE0kur8hs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
167.123.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:67:bf:06:26:ff:6f:96:ed:3f:25:bb:ae:b9:51:a4:e5:89:
72:95:9b:25:65:19:26:00:59:5d:a3:db:67:2c:9b:3b:26:ee:
86:55:b9:3f:60:30:8c:f9:c4:6c:ea:cf:74:16:ca:6c:6d:be:
70:ba:7a:8d:1b:80:43:3e:8a:c7:cf:82:00:32:2f:f9:8f:a8:
db:ec:1b:1c:52:83:fe:de:49:01:bd:76:75:c1:e6:51:4b:89:
6f:d5:38:f2:47:39:44:37:5f:f6:14:fd:2a:c7:77:bb:fd:0e:
14:8e:83:ae:fb:d5:bf:7c:30:93:73:cb:33:0a:cd:b0:2a:61:
d5:63:f4:9b:c4:e7:52:f4:f0:42:2f:d4:72:1d:f5:23:76:18:
26:f6:e9:b2:cf:70:98:1e:2d:1e:33:ef:40:63:61:9b:44:a6:
7d:ef:f2:2f:ca:64:18:c9:fb:9a:d1:71:1a:1c:4b:30:a3:a8:
98:8a:b1:69:9c:1e:d2:10:29:92:51:6b:29:7f:da:2f:32:25:
4b:0a:ac:f8:0f:ba:6b:c7:52:e5:52:48:b4:74:62:17:ba:e4:
d9:2c:55:80:9e:ba:d3:67:bd:64:ec:ac:a1:0b:86:36:0e:4d:
f4:54:5a:f3:42:14:01:33:9a:4a:a9:87:41:a0:14:69:7d:e6:
b4:05:0c:84
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICXO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDI1MTQwOTI2WhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE0RTRDMzExMC8GA1UEBRMoMzYwQURBRkU4NjFDNDgzQUI2RDU0QUEz
NDBGQjg0RDI0QkFCRjIxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APUl2C1cge7zp6YSsDGhPNSuVdk2LdPc8r64xW8Pco555kFOM8DLu0EYNgFowgNl
OQw+AO0rI1JGl7RvtHGNs+V/l42dTt7jn4ikY4rgVfYqNiAtD8nbCwBwiS9YVwF9
fZdhJIj19AeQFPR+JGU+pi1x8IxEvDRTmAP9P8993uPtYIt94dWrGV07qXIMO3D/
ZqKWdqYOFf6xcDT/drazlE4/Wsbrb8ttU1ka6ER3ozaPAQoRUVc0Yhc8iIA4gGGP
NHLWHpsLyas5pQw1nW1E/ssvQx2Ih2yIG/ZeaIf4kSPjbBK+GfciJf1mmyb0ZoYr
3t7I4boxg4Y2jzuoi40b3Z8CAwEAAaOCAvIwggLuMB0GA1UdDgQWBBQ2Ctr+hhxI
OrbVSqNA+4TSS6vyGzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU0QzMvMThFRDM4MjhCOEI5MTFFNDkwMUE2ODQ4QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRFNEMzLzE4RUQzODI4QjhCOTExRTQ5MDFBNjg0OEM0RjlBRTAyL05ncmFfb1lj
U0RxMjFVcWpRUHVFMGt1cjhocy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAKd7MA0GCSqGSIb3DQEBCwUAA4IBAQCAZ78GJv9vlu0/JbuuuVGk
5YlylZslZRkmAFldo9tnLJs7Ju6GVbk/YDCM+cRs6s90Fspsbb5wunqNG4BDPorH
z4IAMi/5j6jb7BscUoP+3kkBvXZ1weZRS4lv1TjyRzlEN1/2FP0qx3e7/Q4UjoOu
+9W/fDCTc8szCs2wKmHVY/SbxOdS9PBCL9RyHfUjdhgm9umyz3CYHi0eM+9AY2Gb
RKZ97/IvymQYyfua0XEaHEswo6iYirFpnB7SECmSUWspf9ovMiVLCqz4D7prx1Ll
Uki0dGIXuuTZLFWAnrrTZ71k7KyhC4Y2Dk30VFrzQhQBM5pKqYdBoBRpfea0BQyE
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:39 2024 by rpki-client on console-ams.rpki-client.org