Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
File: Tcfii1RvKgtTjozfgy2aofN8yOQ.cer (raw, json)
Hash identifier: Wnx9G2MqrLqS/fccLqXFAgG8JF49CgJ/x346mtOAEE0=
Subject key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 61D1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 04 Feb 2025 14:47:54 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 161.248.10.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25041 (0x61d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 4 14:47:54 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91423C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bb:10:f6:b6:63:fe:19:ea:99:fb:f2:23:9f:
7c:88:75:f8:54:21:d7:e7:7b:8a:a8:33:56:4d:70:
b8:cf:6d:51:6d:73:44:1a:ad:03:b6:0b:25:b2:87:
f8:c2:54:0b:44:e3:b6:33:30:e7:1d:91:ce:0d:80:
92:3f:1c:b8:cd:a3:57:0c:f0:b6:be:51:3c:8d:5e:
81:14:b9:a6:42:2a:80:8a:cd:e3:3e:df:25:39:26:
31:6d:e6:13:fa:c1:70:da:19:cf:93:ef:2d:85:20:
fa:58:85:d7:79:a3:fd:15:6e:8c:38:d0:f3:dc:40:
5d:fd:12:03:06:3b:2e:e3:36:85:9e:7d:54:2b:0b:
6d:2c:68:a9:79:a7:2f:1d:b1:29:23:be:8e:86:9c:
19:38:f9:25:50:c3:34:1d:b6:17:8f:35:4c:62:2f:
64:af:9d:7b:ba:6d:ef:aa:f1:9e:e2:2e:90:19:d1:
39:1e:bc:28:62:5a:1c:5c:dd:be:e3:ca:77:ee:30:
a8:32:1c:65:cc:49:c4:dc:a6:29:45:94:cf:20:e8:
ac:44:c3:94:6f:63:04:ef:b9:29:16:00:68:45:80:
9b:e5:0d:a7:29:c8:69:57:4c:dc:22:fa:a1:59:5e:
71:74:13:b2:42:52:34:5c:0c:cb:41:38:29:56:72:
79:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.10.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e0:35:c8:09:e8:0c:ce:f7:cf:51:4b:29:bb:c7:34:d1:69:
2b:be:06:3d:b6:15:18:ae:69:38:c9:50:48:2c:6e:49:5f:86:
16:0a:90:fe:15:c3:3c:00:2f:45:44:6b:e1:d9:9c:00:ad:15:
2b:ba:17:e6:d9:19:d1:46:b1:53:b1:ae:a1:22:c8:97:e5:1e:
6e:ad:60:23:08:31:98:41:9b:59:ac:dd:24:5b:62:fe:20:31:
ae:2b:a2:72:0f:49:fa:b8:27:d7:e8:e6:98:15:55:60:cb:1f:
73:ff:2b:76:22:61:6a:e1:2b:10:a6:c0:44:a3:41:4b:ee:44:
a9:63:76:33:e0:75:1d:d9:51:fb:5a:f9:59:ad:c9:9d:ba:54:
df:27:40:ce:bd:30:24:7d:fd:84:e4:4d:38:e5:fb:23:01:7d:
9b:23:2a:3a:14:09:07:84:26:ef:46:5a:72:b7:8c:6c:25:ef:
81:7c:35:49:3f:6b:83:de:60:b8:d3:6b:fb:09:d1:fd:da:d8:
38:76:87:3b:7c:41:e3:65:93:3e:56:df:13:f0:05:f5:89:7f:
04:df:12:7d:1e:85:7b:e0:ec:f7:63:4b:f9:b6:4d:d1:b9:71:
26:84:fa:9f:04:5e:de:38:c1:4a:66:d7:30:87:4a:bb:fb:d9:
eb:37:f2:ab
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMjA0MTQ0NzU0WhcNMjYwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE0MjNDMTExMC8GA1UEBRMoNERDN0UyOEI1NDZGMkEwQjUzOEU4Q0RG
ODMyRDlBQTFGMzdDQzhFNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMu7EPa2Y/4Z6pn78iOffIh1+FQh1+d7iqgzVk1wuM9tUW1zRBqtA7YLJbKH+MJU
C0TjtjMw5x2Rzg2Akj8cuM2jVwzwtr5RPI1egRS5pkIqgIrN4z7fJTkmMW3mE/rB
cNoZz5PvLYUg+liF13mj/RVujDjQ89xAXf0SAwY7LuM2hZ59VCsLbSxoqXmnLx2x
KSO+joacGTj5JVDDNB22F481TGIvZK+de7pt76rxnuIukBnROR68KGJaHFzdvuPK
d+4wqDIcZcxJxNymKUWUzyDorETDlG9jBO+5KRYAaEWAm+UNpynIaVdM3CL6oVle
cXQTskJSNFwMy0E4KVZyefcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRNx+KLVG8q
C1OOjN+DLZqh83zI5DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDIzQzEvRDAzMjBFRjhCRjRGMTFFRkJDRjY4OTQ0QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQyM0MxL0QwMzIwRUY4QkY0RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2
S2d0VGpvemZneTJhb2ZOOHlPUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKH4CjANBgkqhkiG9w0BAQsFAAOCAQEAcOA1yAnoDM73z1FLKbvH
NNFpK74GPbYVGK5pOMlQSCxuSV+GFgqQ/hXDPAAvRURr4dmcAK0VK7oX5tkZ0Uax
U7GuoSLIl+Uebq1gIwgxmEGbWazdJFti/iAxriuicg9J+rgn1+jmmBVVYMsfc/8r
diJhauErEKbARKNBS+5EqWN2M+B1HdlR+1r5Wa3JnbpU3ydAzr0wJH39hORNOOX7
IwF9myMqOhQJB4Qm70ZacreMbCXvgXw1ST9rg95guNNr+wnR/drYOHaHO3xB42WT
PlbfE/AF9Yl/BN8SfR6Fe+Ds92NL+bZN0blxJoT6nwRe3jjBSmbXMIdKu/vZ6zfy
qw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:09:05 2025 by rpki-client