Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
File: T_UoRyFcSiLp8RSebL_t901hzos.cer (raw, json)
Hash identifier: twGxtcnjZFMywqLdKMqQxfeLS41Fj8gwz7UQPHx2dOo=
Subject key identifier: 4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 4DB7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 27 Sep 2023 21:40:34 +0000
Certificate not after: Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources: IP: 130.116.0.0/16
IP: 130.155.0.0/16
IP: 138.194.0.0/16
IP: 140.79.0.0/16
IP: 140.253.0.0/16
IP: 144.110.0.0/16
IP: 146.118.0.0/16
IP: 152.83.0.0/16
IP: 192.16.180.0/24
IP: 192.41.146.0/24
IP: 192.42.60.0 -- 192.42.62.255
IP: 192.54.105.0 -- 192.54.106.255
IP: 192.55.219.0/24
IP: 192.55.232.0/24
IP: 192.65.130.0/24
IP: 192.67.12.0/24
IP: 192.67.171.0/24
IP: 192.68.132.0/24
IP: 192.82.140.0/24
IP: 192.83.238.0/24
IP: 192.84.237.0 -- 192.84.238.255
IP: 192.94.62.0 -- 192.94.64.255
IP: 192.94.209.0/24
IP: 192.102.250.0/23
IP: 192.107.9.0/24
IP: 192.111.32.0/24
IP: 192.122.176.0/24
IP: 192.124.117.0/24
IP: 192.124.152.0/24
IP: 192.138.100.0/24
IP: 192.149.36.0/24
IP: 192.150.202.0/24
IP: 192.160.16.0/24
IP: 192.188.115.0/24
IP: 192.188.186.0/24
IP: 192.203.235.0/24
IP: 192.207.33.0/24
IP: 192.207.113.0/24
IP: 192.207.156.0 -- 192.207.158.255
IP: 192.207.161.0/24
IP: 192.207.197.0 -- 192.207.198.255
IP: 192.231.212.0/24
IP: 192.245.210.0 -- 192.245.217.255
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 02:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19895 (0x4db7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Sep 27 21:40:34 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=A91F33A5/serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6c:03:bb:a4:9b:e9:bd:b6:54:1f:fb:54:c7:
ad:fb:d0:e0:3e:91:7f:7f:48:f6:1a:20:de:da:29:
5e:e7:96:5c:66:21:32:a2:1f:6c:f7:52:79:8a:25:
2d:80:98:41:67:13:a2:c8:c4:ba:84:a3:7b:9c:79:
d6:c1:be:fa:ec:c6:e7:41:9c:e3:1f:9a:93:e4:d5:
d1:bb:3c:51:5c:21:25:7a:95:b4:07:85:5b:60:59:
b9:5e:99:3d:df:38:2a:3c:3e:8a:7f:d5:92:49:5a:
da:7b:2b:ee:38:26:b8:38:47:e5:1f:9e:17:55:0e:
a8:cd:4e:11:e0:d5:4b:88:d0:1b:19:b6:a5:78:c0:
dc:78:81:ff:d6:ce:d1:0a:61:a5:aa:f5:c0:d9:01:
30:24:7a:04:60:22:a6:0d:09:73:df:0f:d4:90:bd:
fc:60:e7:8c:0b:49:19:2c:aa:7f:8e:55:82:f8:bf:
66:25:1b:58:7b:56:a0:22:4f:da:d6:51:1b:6e:8d:
a8:a7:f4:88:0c:ac:c3:e6:3d:47:f8:ef:cb:04:37:
7f:4e:5d:a6:3a:48:2c:56:02:38:3f:1e:85:96:d3:
ba:7e:04:44:df:9b:cf:c5:c0:e9:89:d8:16:65:d5:
41:59:11:28:ce:2a:c3:9e:8a:75:96:25:96:ef:51:
27:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.116.0.0/16
130.155.0.0/16
138.194.0.0/16
140.79.0.0/16
140.253.0.0/16
144.110.0.0/16
146.118.0.0/16
152.83.0.0/16
192.16.180.0/24
192.41.146.0/24
192.42.60.0-192.42.62.255
192.54.105.0-192.54.106.255
192.55.219.0/24
192.55.232.0/24
192.65.130.0/24
192.67.12.0/24
192.67.171.0/24
192.68.132.0/24
192.82.140.0/24
192.83.238.0/24
192.84.237.0-192.84.238.255
192.94.62.0-192.94.64.255
192.94.209.0/24
192.102.250.0/23
192.107.9.0/24
192.111.32.0/24
192.122.176.0/24
192.124.117.0/24
192.124.152.0/24
192.138.100.0/24
192.149.36.0/24
192.150.202.0/24
192.160.16.0/24
192.188.115.0/24
192.188.186.0/24
192.203.235.0/24
192.207.33.0/24
192.207.113.0/24
192.207.156.0-192.207.158.255
192.207.161.0/24
192.207.197.0-192.207.198.255
192.231.212.0/24
192.245.210.0-192.245.217.255
Signature Algorithm: sha256WithRSAEncryption
6a:23:1a:2e:f4:b4:5f:85:c1:fa:89:56:e8:1e:2e:61:ed:bb:
97:39:4d:15:e7:cc:0a:0a:0e:eb:58:bf:05:64:8e:ce:a7:3f:
6d:18:18:28:02:05:ac:37:e0:f1:76:1a:3d:95:7d:1c:b2:df:
7a:4b:b5:36:95:c7:f4:c8:c2:06:32:06:6b:d3:4c:7c:42:fd:
4f:1e:22:f3:1b:db:e5:2f:8f:6d:56:97:84:39:0c:ff:ec:b4:
8d:ce:90:7b:3d:40:17:6d:31:9b:b7:12:7b:4f:e4:d2:85:de:
e0:da:64:a1:53:77:5d:b8:43:1b:d2:6b:55:22:48:23:94:35:
31:8b:a5:55:b9:a3:27:38:70:18:89:22:9a:7f:ce:0c:25:73:
ac:4b:fd:e0:c7:48:94:89:ae:92:75:2d:f6:96:19:b2:29:92:
3d:5b:42:ee:5c:05:79:62:e5:03:0a:fc:d2:95:20:f6:52:f3:
0c:d3:5b:1c:04:4a:6f:d8:b4:ed:c2:08:67:0f:7e:a0:26:05:
80:67:89:52:06:00:bc:ce:dd:26:c0:7e:a7:16:99:98:8a:15:
5d:31:fc:ca:fe:3d:7d:19:e2:66:1b:7b:31:ff:50:bb:80:6f:
2a:e2:0a:f8:e3:7b:df:a0:09:2a:3d:ae:86:a8:26:00:03:e3:
2b:74:28:4b
-----BEGIN CERTIFICATE-----
MIIHMzCCBhugAwIBAgICTbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMwOTI3MjE0MDM0WhcNMjQxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGMzNBNTExMC8GA1UEBRMoNEZGNTI4NDcyMTVDNEEyMkU5RjExNDlF
NkNCRkVERjc0RDYxQ0U4QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMRsA7ukm+m9tlQf+1THrfvQ4D6Rf39I9hog3topXueWXGYhMqIfbPdSeYolLYCY
QWcTosjEuoSje5x51sG++uzG50Gc4x+ak+TV0bs8UVwhJXqVtAeFW2BZuV6ZPd84
Kjw+in/Vkkla2nsr7jgmuDhH5R+eF1UOqM1OEeDVS4jQGxm2pXjA3HiB/9bO0Qph
par1wNkBMCR6BGAipg0Jc98P1JC9/GDnjAtJGSyqf45Vgvi/ZiUbWHtWoCJP2tZR
G26NqKf0iAysw+Y9R/jvywQ3f05dpjpILFYCOD8ehZbTun4ERN+bz8XA6YnYFmXV
QVkRKM4qw56KdZYllu9RJ2cCAwEAAaOCBCkwggQlMB0GA1UdDgQWBBRP9ShHIVxK
IunxFJ5sv+33TWHOizAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjMzQTUvMTE4NzA5NzJENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUYzM0E1LzExODcwOTcyRDREODExRUNBNDI0NUYxMEM0RjlBRTAyL1RfVW9SeUZj
U2lMcDhSU2ViTF90OTAxaHpvcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCCAVMGCCsGAQUFBwEHAQH/BIIB
QjCCAT4wggE6BAIAATCCATIDAwCCdAMDAIKbAwMAisIDAwCMTwMDAIz9AwMAkG4D
AwCSdgMDAJhTAwQAwBC0AwQAwCmSMAwDBALAKjwDBADAKj4wDAMEAMA2aQMEAMA2
agMEAMA32wMEAMA36AMEAMBBggMEAMBDDAMEAMBDqwMEAMBEhAMEAMBSjAMEAMBT
7jAMAwQAwFTtAwQAwFTuMAwDBAHAXj4DBADAXkADBADAXtEDBAHAZvoDBADAawkD
BADAbyADBADAerADBADAfHUDBADAfJgDBADAimQDBADAlSQDBADAlsoDBADAoBAD
BADAvHMDBADAvLoDBADAy+sDBADAzyEDBADAz3EwDAMEAsDPnAMEAMDPngMEAMDP
oTAMAwQAwM/FAwQAwM/GAwQAwOfUMAwDBAHA9dIDBAHA9dgwDQYJKoZIhvcNAQEL
BQADggEBAGojGi70tF+FwfqJVugeLmHtu5c5TRXnzAoKDutYvwVkjs6nP20YGCgC
Baw34PF2Gj2VfRyy33pLtTaVx/TIwgYyBmvTTHxC/U8eIvMb2+Uvj21Wl4Q5DP/s
tI3OkHs9QBdtMZu3EntP5NKF3uDaZKFTd124QxvSa1UiSCOUNTGLpVW5oyc4cBiJ
Ipp/zgwlc6xL/eDHSJSJrpJ1LfaWGbIpkj1bQu5cBXli5QMK/NKVIPZS8wzTWxwE
Sm/YtO3CCGcPfqAmBYBniVIGALzO3SbAfqcWmZiKFV0x/Mr+PX0Z4mYbezH/ULuA
byriCvjje9+gCSo9roaoJgAD4yt0KEs=
-----END CERTIFICATE-----
Generated at Thu Apr 25 03:22:05 2024 by rpki-client on console-ams.rpki-client.org