Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer
File: OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer (raw, json)
Hash identifier: emeD/MGOB6qfKFYBbC8qqyQD4ey5FGKKQr83RRpJTlQ=
Subject key identifier: 3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 4ED4
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 20 Nov 2023 20:54:05 +0000
Certificate not after: Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources: IP: 156.69.0.0/16
IP: 192.160.226.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 10 May 2024 13:10:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20180 (0x4ed4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 20 20:54:05 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=A91D318A/serialNumber=3A1543BDF3772A98D294EB90023803DDDDF11E62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d8:c8:59:e1:69:07:d6:a3:64:2d:57:31:12:
30:8f:63:1d:04:68:9f:dd:fa:fc:e0:35:33:79:0a:
94:10:5a:84:12:5d:dd:92:77:e2:c7:e1:b8:67:aa:
41:ad:27:1f:7e:3b:99:fd:51:0d:6e:8b:1f:cd:c2:
24:6a:2d:97:20:23:77:9f:40:3a:62:7a:6e:48:66:
8f:0f:2e:b8:1f:9b:86:8b:b5:75:5a:f8:13:b5:04:
8a:b7:a0:70:4a:ce:99:0d:0f:4e:45:e7:00:31:0a:
3e:24:ed:ca:2b:49:1f:a4:f5:32:df:3e:d6:44:e3:
78:b8:6b:34:e9:8d:62:5f:dc:80:8d:23:1e:e4:42:
0d:22:d9:86:fe:77:15:54:50:b1:33:86:a5:19:0a:
ed:98:1a:b7:4b:cc:72:a7:2b:cc:c7:4e:11:2e:c2:
b9:30:dd:b4:33:2e:4f:cf:2a:b2:1c:d9:b9:e2:18:
09:a1:54:5f:ad:61:93:4c:2f:9a:13:00:c2:ad:73:
f9:c2:1e:59:52:86:f8:c9:a9:ae:5a:52:31:e7:cb:
7f:e4:a9:35:6d:01:63:f1:7b:3d:9c:d2:c7:4e:d4:
46:90:fc:1b:d8:23:61:00:92:53:b8:fa:d4:fe:66:
5c:62:03:6b:b1:90:37:2f:86:55:6c:b7:1d:dc:9a:
f8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.69.0.0/16
192.160.226.0/24
Signature Algorithm: sha256WithRSAEncryption
37:09:c6:08:15:05:36:0d:a8:4f:84:3b:db:d4:02:85:8f:da:
76:e3:b7:fb:8f:50:ce:d1:c5:f6:5e:34:06:eb:4f:ff:5a:0c:
dc:00:ff:a2:9d:6f:4a:10:73:f0:45:07:cb:5c:8e:d8:2b:76:
09:2e:23:fc:e4:15:fb:80:e0:6f:b1:5c:58:3b:ae:6a:f4:24:
c9:6c:fc:89:05:3f:80:49:27:ee:e1:0c:75:b4:4d:51:59:79:
36:20:a1:04:1e:71:e0:67:61:69:79:f7:6f:4f:e5:40:8d:9a:
4e:f5:15:da:a8:d6:15:66:e5:26:c7:b5:46:a2:20:4f:fb:67:
28:8c:2d:2c:80:7b:52:ab:db:2b:19:e3:e8:43:fc:b9:2f:ba:
a2:f3:88:bc:9f:ab:00:75:c4:df:af:04:09:3d:e6:62:0e:e5:
7e:e7:ee:f6:38:eb:1e:59:eb:6f:8d:70:7f:5b:e4:aa:cc:a1:
ef:2f:37:03:bf:66:31:cd:dd:c4:f0:1c:01:be:29:4d:fe:86:
80:c6:f0:04:56:e5:30:27:cb:25:13:f1:d0:eb:93:87:1b:1b:
f9:a5:9d:43:94:ba:cb:06:54:5d:89:56:42:60:b3:ca:f9:e6:
92:10:88:75:5b:e5:b9:61:8c:c9:8c:fd:b2:70:2c:7e:3a:4a:
dd:92:0c:14
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICTtQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMTIwMjA1NDA1WhcNMjQxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFEMzE4QTExMC8GA1UEBRMoM0ExNTQzQkRGMzc3MkE5OEQyOTRFQjkw
MDIzODAzREREREYxMUU2MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMTYyFnhaQfWo2QtVzESMI9jHQRon936/OA1M3kKlBBahBJd3ZJ34sfhuGeqQa0n
H347mf1RDW6LH83CJGotlyAjd59AOmJ6bkhmjw8uuB+bhou1dVr4E7UEiregcErO
mQ0PTkXnADEKPiTtyitJH6T1Mt8+1kTjeLhrNOmNYl/cgI0jHuRCDSLZhv53FVRQ
sTOGpRkK7Zgat0vMcqcrzMdOES7CuTDdtDMuT88qshzZueIYCaFUX61hk0wvmhMA
wq1z+cIeWVKG+MmprlpSMefLf+SpNW0BY/F7PZzSx07URpD8G9gjYQCSU7j61P5m
XGIDa7GQNy+GVWy3Hdya+AECAwEAAaOCAvgwggL0MB0GA1UdDgQWBBQ6FUO983cq
mNKU65ACOAPd3fEeYjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDMxOEEvRUNGRjJBRjg4N0U2MTFFRTk3RTZDNzQ2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQzMThBL0VDRkYyQUY4ODdFNjExRUU5N0U2Qzc0NkM0RjlBRTAyL09oVkR2Zk4z
S3BqU2xPdVFBamdEM2QzeEhtSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQVMBMw
EQQCAAEwCwMDAJxFAwQAwKDiMA0GCSqGSIb3DQEBCwUAA4IBAQA3CcYIFQU2DahP
hDvb1AKFj9p247f7j1DO0cX2XjQG60//WgzcAP+inW9KEHPwRQfLXI7YK3YJLiP8
5BX7gOBvsVxYO65q9CTJbPyJBT+ASSfu4Qx1tE1RWXk2IKEEHnHgZ2FpefdvT+VA
jZpO9RXaqNYVZuUmx7VGoiBP+2cojC0sgHtSq9srGePoQ/y5L7qi84i8n6sAdcTf
rwQJPeZiDuV+5+72OOseWetvjXB/W+SqzKHvLzcDv2Yxzd3E8BwBvilN/oaAxvAE
VuUwJ8slE/HQ65OHGxv5pZ1DlLrLBlRdiVZCYLPK+eaSEIh1W+W5YYzJjP2ycCx+
OkrdkgwU
-----END CERTIFICATE-----
Generated at Fri May 3 15:17:02 2024 by rpki-client on console-ams.rpki-client.org