Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer
File: OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer (raw, json)
Hash identifier: 9aSJ531bvEEaOXNqhdoFgMM8rFlmv3aan4/VBgot0Fk=
Subject key identifier: 3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5E0D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 18 Nov 2024 20:50:39 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 156.69.0.0/16
IP: 192.160.226.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24077 (0x5e0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 18 20:50:39 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91D318A/serialNumber=3A1543BDF3772A98D294EB90023803DDDDF11E62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d8:c8:59:e1:69:07:d6:a3:64:2d:57:31:12:
30:8f:63:1d:04:68:9f:dd:fa:fc:e0:35:33:79:0a:
94:10:5a:84:12:5d:dd:92:77:e2:c7:e1:b8:67:aa:
41:ad:27:1f:7e:3b:99:fd:51:0d:6e:8b:1f:cd:c2:
24:6a:2d:97:20:23:77:9f:40:3a:62:7a:6e:48:66:
8f:0f:2e:b8:1f:9b:86:8b:b5:75:5a:f8:13:b5:04:
8a:b7:a0:70:4a:ce:99:0d:0f:4e:45:e7:00:31:0a:
3e:24:ed:ca:2b:49:1f:a4:f5:32:df:3e:d6:44:e3:
78:b8:6b:34:e9:8d:62:5f:dc:80:8d:23:1e:e4:42:
0d:22:d9:86:fe:77:15:54:50:b1:33:86:a5:19:0a:
ed:98:1a:b7:4b:cc:72:a7:2b:cc:c7:4e:11:2e:c2:
b9:30:dd:b4:33:2e:4f:cf:2a:b2:1c:d9:b9:e2:18:
09:a1:54:5f:ad:61:93:4c:2f:9a:13:00:c2:ad:73:
f9:c2:1e:59:52:86:f8:c9:a9:ae:5a:52:31:e7:cb:
7f:e4:a9:35:6d:01:63:f1:7b:3d:9c:d2:c7:4e:d4:
46:90:fc:1b:d8:23:61:00:92:53:b8:fa:d4:fe:66:
5c:62:03:6b:b1:90:37:2f:86:55:6c:b7:1d:dc:9a:
f8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.69.0.0/16
192.160.226.0/24
Signature Algorithm: sha256WithRSAEncryption
84:fa:1b:ae:30:91:22:55:13:9b:45:61:d8:fd:73:c2:39:d0:
f8:dc:7d:e0:5a:f2:fb:b7:f8:13:4b:90:b9:ae:45:39:78:48:
4a:6e:77:a1:8c:07:4e:1c:bc:68:80:be:ea:2f:83:36:41:85:
50:21:7d:24:21:79:5c:32:70:76:59:bd:ce:22:a2:da:70:c5:
89:b3:8d:87:ca:92:5a:02:05:28:aa:00:53:f9:da:8f:c9:22:
19:65:2a:5b:13:cb:2c:df:61:35:e2:41:41:46:f8:bf:50:fa:
b2:56:87:ad:56:cd:40:3d:4e:e7:41:ac:c2:26:f4:9d:6f:69:
27:09:df:46:90:18:c6:14:e7:0b:12:8c:fa:2e:f6:2f:68:3e:
5e:a4:49:1b:25:47:af:9c:0f:12:b4:47:9d:51:ec:e5:81:f2:
bb:8f:8c:8c:09:66:46:ec:f7:ed:57:14:7a:42:93:ca:f1:19:
1b:f2:cb:5e:31:62:a8:3e:e5:e5:39:15:16:aa:a4:d9:42:b8:
3f:a7:71:ab:0a:b4:b1:82:e3:f0:4d:c1:24:97:a1:6e:02:23:
9a:ef:82:78:46:15:98:ec:85:9b:6b:94:90:9f:a0:1b:37:4a:
63:86:6d:e4:bd:dd:6e:a9:a2:bd:11:d4:78:5b:00:a5:3d:84:
1d:a8:55:f9
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICXg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMTE4MjA1MDM5WhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFEMzE4QTExMC8GA1UEBRMoM0ExNTQzQkRGMzc3MkE5OEQyOTRFQjkw
MDIzODAzREREREYxMUU2MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMTYyFnhaQfWo2QtVzESMI9jHQRon936/OA1M3kKlBBahBJd3ZJ34sfhuGeqQa0n
H347mf1RDW6LH83CJGotlyAjd59AOmJ6bkhmjw8uuB+bhou1dVr4E7UEiregcErO
mQ0PTkXnADEKPiTtyitJH6T1Mt8+1kTjeLhrNOmNYl/cgI0jHuRCDSLZhv53FVRQ
sTOGpRkK7Zgat0vMcqcrzMdOES7CuTDdtDMuT88qshzZueIYCaFUX61hk0wvmhMA
wq1z+cIeWVKG+MmprlpSMefLf+SpNW0BY/F7PZzSx07URpD8G9gjYQCSU7j61P5m
XGIDa7GQNy+GVWy3Hdya+AECAwEAAaOCAvgwggL0MB0GA1UdDgQWBBQ6FUO983cq
mNKU65ACOAPd3fEeYjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDMxOEEvRUNGRjJBRjg4N0U2MTFFRTk3RTZDNzQ2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQzMThBL0VDRkYyQUY4ODdFNjExRUU5N0U2Qzc0NkM0RjlBRTAyL09oVkR2Zk4z
S3BqU2xPdVFBamdEM2QzeEhtSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQVMBMw
EQQCAAEwCwMDAJxFAwQAwKDiMA0GCSqGSIb3DQEBCwUAA4IBAQCE+huuMJEiVROb
RWHY/XPCOdD43H3gWvL7t/gTS5C5rkU5eEhKbnehjAdOHLxogL7qL4M2QYVQIX0k
IXlcMnB2Wb3OIqLacMWJs42HypJaAgUoqgBT+dqPySIZZSpbE8ss32E14kFBRvi/
UPqyVoetVs1APU7nQazCJvSdb2knCd9GkBjGFOcLEoz6LvYvaD5epEkbJUevnA8S
tEedUezlgfK7j4yMCWZG7PftVxR6QpPK8Rkb8steMWKoPuXlORUWqqTZQrg/p3Gr
CrSxguPwTcEkl6FuAiOa74J4RhWY7IWba5SQn6AbN0pjhm3kvd1uqaK9EdR4WwCl
PYQdqFX5
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org