Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7GNifrzGI3OWQ98SJB3lh-CqVc.cer
File: P7GNifrzGI3OWQ98SJB3lh-CqVc.cer (raw, json)
Hash identifier: RCmukmXMh2jowI3Zy9V4J7BS/wmWUerJAKP2C3gdv2U=
Subject key identifier: 3F:B1:8D:89:FA:F3:18:8D:CE:59:0F:7C:48:90:77:96:1F:82:A9:57
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 54BB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/P7GNifrzGI3OWQ98SJB3lh-CqVc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 19 Apr 2024 16:19:12 +0000
Certificate not after: Sat 31 Aug 2024 00:00:00 +0000
Subordinate resources: IP: 66.96.224.0/19
IP: 139.0.0.0/16
IP: 139.192.0.0/14
IP: 139.228.0.0/16
IP: 139.255.0.0 -- 140.0.255.255
IP: 140.213.0.0/16
IP: 157.10.0.0 -- 157.10.5.255
IP: 157.10.8.0/22
IP: 157.10.16.0 -- 157.10.21.255
IP: 157.10.63.0/24
IP: 157.10.66.0 -- 157.10.71.255
IP: 157.10.74.0 -- 157.10.77.255
IP: 157.10.88.0/22
IP: 157.10.94.0/23
IP: 157.10.97.0/24
IP: 157.10.102.0/23
IP: 157.10.106.0 -- 157.10.111.255
IP: 157.10.114.0 -- 157.10.117.255
IP: 157.10.148.0/23
IP: 157.10.152.0 -- 157.10.161.255
IP: 157.10.178.0 -- 157.10.185.255
IP: 157.10.190.0 -- 157.10.193.255
IP: 157.10.205.0/24
IP: 157.10.212.0/23
IP: 157.10.222.0/23
IP: 157.10.228.0/24
IP: 157.10.230.0 -- 157.10.237.255
IP: 157.10.252.0/22
IP: 157.15.0.0 -- 157.15.4.255
IP: 157.15.27.0/24
IP: 157.15.40.0 -- 157.15.49.255
IP: 157.15.51.0/24
IP: 157.15.62.0 -- 157.15.68.255
IP: 157.15.72.0/23
IP: 157.15.76.0 -- 157.15.80.255
IP: 157.15.82.0/23
IP: 157.15.96.0/23
IP: 157.15.112.0/23
IP: 157.15.116.0 -- 157.15.120.255
IP: 157.15.122.0 -- 157.15.125.255
IP: 157.15.139.0/24
IP: 157.15.144.0/23
IP: 157.15.148.0 -- 157.15.157.255
IP: 157.15.160.0 -- 157.15.166.255
IP: 157.15.168.0/21
IP: 157.15.180.0 -- 157.15.187.255
IP: 157.15.194.0/23
IP: 157.15.198.0/23
IP: 157.15.204.0 -- 157.15.212.255
IP: 157.15.214.0 -- 157.15.217.255
IP: 157.15.226.0/23
IP: 157.15.230.0 -- 157.15.233.255
IP: 157.15.236.0 -- 157.15.241.255
IP: 157.15.244.0 -- 157.15.249.255
IP: 157.15.252.0/23
IP: 157.20.0.0/21
IP: 157.20.10.0 -- 157.20.13.255
IP: 157.20.18.0 -- 157.20.25.255
IP: 157.20.30.0 -- 157.20.32.255
IP: 157.20.34.0 -- 157.20.39.255
IP: 157.20.44.0 -- 157.20.50.255
IP: 157.20.70.0 -- 157.20.73.255
IP: 157.20.78.0/23
IP: 157.20.90.0 -- 157.20.100.255
IP: 157.20.118.0 -- 157.20.128.255
IP: 157.20.130.0 -- 157.20.133.255
IP: 157.20.144.0/23
IP: 157.20.152.0/24
IP: 157.20.154.0 -- 157.20.159.255
IP: 157.20.162.0 -- 157.20.165.255
IP: 157.20.167.0/24
IP: 157.20.176.0/22
IP: 157.20.188.0/23
IP: 157.20.193.0/24
IP: 157.20.204.0 -- 157.20.210.255
IP: 157.20.212.0/23
IP: 157.20.217.0 -- 157.20.223.255
IP: 157.20.230.0 -- 157.20.239.255
IP: 157.20.243.0 -- 157.20.245.255
IP: 157.20.252.0/22
IP: 157.66.0.0 -- 157.66.9.255
IP: 157.66.14.0 -- 157.66.21.255
IP: 157.66.29.0/24
IP: 157.66.34.0 -- 157.66.41.255
IP: 157.66.50.0 -- 157.66.63.255
IP: 157.66.66.0 -- 157.66.69.255
IP: 157.66.82.0 -- 157.66.87.255
IP: 157.66.112.0 -- 157.66.117.255
IP: 157.66.122.0 -- 157.66.133.255
IP: 157.66.136.0 -- 157.66.142.255
IP: 158.140.160.0/19
IP: 160.19.16.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 27 Apr 2024 02:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21691 (0x54bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 19 16:19:12 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=A9186214/serialNumber=3FB18D89FAF3188DCE590F7C489077961F82A957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0d:a6:0b:51:ed:06:f7:20:2c:e7:cd:65:4e:
a7:4a:13:35:c0:b6:8b:22:85:70:c4:dd:8e:fb:a2:
3a:ed:e1:e9:d2:df:79:3e:e4:8a:5b:15:aa:99:56:
5b:3a:31:3d:ab:42:6d:47:8f:0e:b2:e6:e1:42:ae:
f0:f7:a3:f0:af:43:52:e4:e1:63:12:f8:36:ee:69:
61:0d:76:c7:ca:c6:40:36:e7:5a:9a:ea:94:57:cd:
1c:60:3e:60:cc:82:c0:1b:ea:b4:0e:c9:6e:d1:28:
bb:74:89:89:3f:e9:02:07:76:c4:5a:5e:9c:a2:3c:
9d:c6:08:19:15:14:81:d0:1c:65:56:1a:0a:99:a7:
b0:e5:7a:cd:99:82:d2:73:e9:14:3a:9d:9e:57:5d:
d3:7f:c2:39:6e:1a:11:cc:8a:0e:21:93:b3:fe:7f:
44:a5:81:46:b2:35:df:2c:1b:2e:f2:cc:9a:63:ec:
9f:c3:23:0e:07:2c:65:0e:00:a3:e1:1f:e8:33:5e:
46:ea:63:ad:4b:fd:19:24:3f:84:f0:52:78:30:96:
3f:6b:f7:21:4a:f8:5d:80:e6:8b:67:79:8d:c5:ea:
cd:0a:f5:52:b1:00:49:ce:43:02:64:f5:de:11:c4:
58:c9:0d:32:1a:f8:03:b3:d6:c1:f6:88:a8:ce:13:
a3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B1:8D:89:FA:F3:18:8D:CE:59:0F:7C:48:90:77:96:1F:82:A9:57
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/P7GNifrzGI3OWQ98SJB3lh-CqVc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.96.224.0/19
139.0.0.0/16
139.192.0.0/14
139.228.0.0/16
139.255.0.0-140.0.255.255
140.213.0.0/16
157.10.0.0-157.10.5.255
157.10.8.0/22
157.10.16.0-157.10.21.255
157.10.63.0/24
157.10.66.0-157.10.71.255
157.10.74.0-157.10.77.255
157.10.88.0/22
157.10.94.0/23
157.10.97.0/24
157.10.102.0/23
157.10.106.0-157.10.111.255
157.10.114.0-157.10.117.255
157.10.148.0/23
157.10.152.0-157.10.161.255
157.10.178.0-157.10.185.255
157.10.190.0-157.10.193.255
157.10.205.0/24
157.10.212.0/23
157.10.222.0/23
157.10.228.0/24
157.10.230.0-157.10.237.255
157.10.252.0/22
157.15.0.0-157.15.4.255
157.15.27.0/24
157.15.40.0-157.15.49.255
157.15.51.0/24
157.15.62.0-157.15.68.255
157.15.72.0/23
157.15.76.0-157.15.80.255
157.15.82.0/23
157.15.96.0/23
157.15.112.0/23
157.15.116.0-157.15.120.255
157.15.122.0-157.15.125.255
157.15.139.0/24
157.15.144.0/23
157.15.148.0-157.15.157.255
157.15.160.0-157.15.166.255
157.15.168.0/21
157.15.180.0-157.15.187.255
157.15.194.0/23
157.15.198.0/23
157.15.204.0-157.15.212.255
157.15.214.0-157.15.217.255
157.15.226.0/23
157.15.230.0-157.15.233.255
157.15.236.0-157.15.241.255
157.15.244.0-157.15.249.255
157.15.252.0/23
157.20.0.0/21
157.20.10.0-157.20.13.255
157.20.18.0-157.20.25.255
157.20.30.0-157.20.32.255
157.20.34.0-157.20.39.255
157.20.44.0-157.20.50.255
157.20.70.0-157.20.73.255
157.20.78.0/23
157.20.90.0-157.20.100.255
157.20.118.0-157.20.128.255
157.20.130.0-157.20.133.255
157.20.144.0/23
157.20.152.0/24
157.20.154.0-157.20.159.255
157.20.162.0-157.20.165.255
157.20.167.0/24
157.20.176.0/22
157.20.188.0/23
157.20.193.0/24
157.20.204.0-157.20.210.255
157.20.212.0/23
157.20.217.0-157.20.223.255
157.20.230.0-157.20.239.255
157.20.243.0-157.20.245.255
157.20.252.0/22
157.66.0.0-157.66.9.255
157.66.14.0-157.66.21.255
157.66.29.0/24
157.66.34.0-157.66.41.255
157.66.50.0-157.66.63.255
157.66.66.0-157.66.69.255
157.66.82.0-157.66.87.255
157.66.112.0-157.66.117.255
157.66.122.0-157.66.133.255
157.66.136.0-157.66.142.255
158.140.160.0/19
160.19.16.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:d4:46:de:f2:17:de:c6:5f:29:74:b4:af:16:80:c9:63:2c:
05:86:78:31:9e:b7:1f:f2:b6:72:a1:04:69:4d:a6:40:c4:c6:
ad:1f:36:0d:d3:28:09:e2:99:bb:fa:40:fc:c1:a9:6f:8e:13:
13:5f:18:05:33:ef:e4:2f:9e:8c:0c:0c:12:4e:8a:1c:e4:7a:
fb:fd:d7:18:9f:4f:fa:86:ed:bd:d4:21:56:d1:1b:3c:ea:4c:
90:a7:67:44:9b:7c:80:0c:99:b5:b4:de:12:a7:88:f3:cd:7f:
f8:98:b1:26:1b:57:e7:02:df:1e:96:44:97:3b:c6:34:e9:e7:
09:32:6c:19:13:92:fd:2b:be:10:5f:1e:52:23:80:83:49:55:
07:39:b9:26:83:00:0b:91:d0:53:6d:22:48:e7:b6:33:00:c9:
05:fa:b1:80:55:21:77:d6:23:98:56:23:1a:57:f1:eb:53:cf:
32:2d:1d:4f:5b:4b:33:8f:68:dc:e8:67:cc:09:28:df:c0:d6:
b0:98:23:71:a0:62:8f:c7:bd:70:5a:92:32:fb:c7:22:a7:d9:
27:f0:ce:8e:01:a0:67:8a:36:4d:2c:07:4a:8b:09:1b:d8:ab:
0b:a3:99:59:2f:02:9e:94:73:57:4e:b6:ea:a7:23:a8:85:0f:
d6:92:44:61
-----BEGIN CERTIFICATE-----
MIIJqDCCCJCgAwIBAgICVLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNDE5MTYxOTEyWhcNMjQwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4NjIxNDExMC8GA1UEBRMoM0ZCMThEODlGQUYzMTg4RENFNTkwRjdD
NDg5MDc3OTYxRjgyQTk1NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKMNpgtR7Qb3ICznzWVOp0oTNcC2iyKFcMTdjvuiOu3h6dLfeT7kilsVqplWWzox
PatCbUePDrLm4UKu8Pej8K9DUuThYxL4Nu5pYQ12x8rGQDbnWprqlFfNHGA+YMyC
wBvqtA7JbtEou3SJiT/pAgd2xFpenKI8ncYIGRUUgdAcZVYaCpmnsOV6zZmC0nPp
FDqdnldd03/COW4aEcyKDiGTs/5/RKWBRrI13ywbLvLMmmPsn8MjDgcsZQ4Ao+Ef
6DNeRupjrUv9GSQ/hPBSeDCWP2v3IUr4XYDmi2d5jcXqzQr1UrEASc5DAmT13hHE
WMkNMhr4A7PWwfaIqM4To2ECAwEAAaOCBp4wggaaMB0GA1UdDgQWBBQ/sY2J+vMY
jc5ZD3xIkHeWH4KpVzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQjdGODE5NTgzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg2MjE0L0I3RjgxOTU4MzMxQTExRTRBRjJBQjM3Q0M0RjlBRTAyL1A3R05pZnJ6
R0kzT1dROThTSkIzbGgtQ3FWYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCCA8gGCCsGAQUFBwEHAQH/BIID
tzCCA7MwggOvBAIAATCCA6cDBAVCYOADAwCLAAMDAovAAwMAi+QwCgMDAIv/AwMA
jAADAwCM1TALAwMBnQoDBAGdCgQDBAKdCggwDAMEBJ0KEAMEAZ0KFAMEAJ0KPzAM
AwQBnQpCAwQDnQpAMAwDBAGdCkoDBAGdCkwDBAKdClgDBAGdCl4DBACdCmEDBAGd
CmYwDAMEAZ0KagMEBJ0KYDAMAwQBnQpyAwQBnQp0AwQBnQqUMAwDBAOdCpgDBAGd
CqAwDAMEAZ0KsgMEAZ0KuDAMAwQBnQq+AwQBnQrAAwQAnQrNAwQBnQrUAwQBnQre
AwQAnQrkMAwDBAGdCuYDBAGdCuwDBAKdCvwwCwMDAJ0PAwQAnQ8EAwQAnQ8bMAwD
BAOdDygDBAGdDzADBACdDzMwDAMEAZ0PPgMEAJ0PRAMEAZ0PSDAMAwQCnQ9MAwQA
nQ9QAwQBnQ9SAwQBnQ9gAwQBnQ9wMAwDBAKdD3QDBACdD3gwDAMEAZ0PegMEAZ0P
fAMEAJ0PiwMEAZ0PkDAMAwQCnQ+UAwQBnQ+cMAwDBAWdD6ADBACdD6YDBAOdD6gw
DAMEAp0PtAMEAp0PuAMEAZ0PwgMEAZ0PxjAMAwQCnQ/MAwQAnQ/UMAwDBAGdD9YD
BAGdD9gDBAGdD+IwDAMEAZ0P5gMEAZ0P6DAMAwQCnQ/sAwQBnQ/wMAwDBAKdD/QD
BAGdD/gDBAGdD/wDBAOdFAAwDAMEAZ0UCgMEAZ0UDDAMAwQBnRQSAwQBnRQYMAwD
BAGdFB4DBACdFCAwDAMEAZ0UIgMEA50UIDAMAwQCnRQsAwQAnRQyMAwDBAGdFEYD
BAGdFEgDBAGdFE4wDAMEAZ0UWgMEAJ0UZDAMAwQBnRR2AwQAnRSAMAwDBAGdFIID
BAGdFIQDBAGdFJADBACdFJgwDAMEAZ0UmgMEBZ0UgDAMAwQBnRSiAwQBnRSkAwQA
nRSnAwQCnRSwAwQBnRS8AwQAnRTBMAwDBAKdFMwDBACdFNIDBAGdFNQwDAMEAJ0U
2QMEBZ0UwDAMAwQBnRTmAwQEnRTgMAwDBACdFPMDBAGdFPQDBAKdFPwwCwMDAZ1C
AwQBnUIIMAwDBAGdQg4DBAGdQhQDBACdQh0wDAMEAZ1CIgMEAZ1CKDAMAwQBnUIy
AwQGnUIAMAwDBAGdQkIDBAGdQkQwDAMEAZ1CUgMEA51CUDAMAwQEnUJwAwQBnUJ0
MAwDBAGdQnoDBAGdQoQwDAMEA51CiAMEAJ1CjgMEBZ6MoAMEAqATEDANBgkqhkiG
9w0BAQsFAAOCAQEAjNRG3vIX3sZfKXS0rxaAyWMsBYZ4MZ63H/K2cqEEaU2mQMTG
rR82DdMoCeKZu/pA/MGpb44TE18YBTPv5C+ejAwMEk6KHOR6+/3XGJ9P+obtvdQh
VtEbPOpMkKdnRJt8gAyZtbTeEqeI881/+JixJhtX5wLfHpZElzvGNOnnCTJsGROS
/Su+EF8eUiOAg0lVBzm5JoMAC5HQU20iSOe2MwDJBfqxgFUhd9YjmFYjGlfx61PP
Mi0dT1tLM49o3OhnzAko38DWsJgjcaBij8e9cFqSMvvHIqfZJ/DOjgGgZ4o2TSwH
SosJG9irC6OZWS8CnpRzV0626qcjqIUP1pJEYQ==
-----END CERTIFICATE-----
Generated at Sat Apr 20 03:57:34 2024 by rpki-client on console-fra.rpki-client.org