Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WfnUjdkWkJeD4xdx2K1-yzDcO6I.cer
File: WfnUjdkWkJeD4xdx2K1-yzDcO6I.cer (raw, json)
Hash identifier: RSZunocV9gheXHVNh1A12D44kLppXM4H0sw3cF9h/To=
Subject key identifier: 59:F9:D4:8D:D9:16:90:97:83:E3:17:71:D8:AD:7E:CB:30:DC:3B:A2
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5FB6
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/WfnUjdkWkJeD4xdx2K1-yzDcO6I.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 23 Dec 2024 03:14:24 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 161.248.2.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24502 (0x5fb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 23 03:14:24 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A917C909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b7:a8:f7:86:37:b5:41:cb:71:e6:47:1f:88:
d5:2b:19:71:ca:81:ba:2f:9e:1b:19:51:ec:25:6b:
9c:3b:51:cb:fd:d4:4a:85:8f:b1:e1:44:66:cf:ba:
39:76:01:41:59:1b:4d:70:1a:d0:5c:ea:ab:3a:9a:
38:cb:61:d2:82:b3:77:7e:33:5e:b2:9d:69:e9:ef:
d6:37:5e:14:ce:33:49:20:a4:3f:cf:ce:0c:0b:d2:
fc:12:84:74:31:25:df:d5:89:54:55:f8:9d:6a:d9:
c7:5d:d1:33:d5:06:50:d3:63:f0:19:0a:7f:95:44:
a2:48:97:9a:ad:d3:63:40:2f:16:68:69:99:c6:2b:
dd:eb:da:3f:be:91:cb:a9:b7:a0:38:e1:1a:c2:5c:
c1:e5:99:09:9a:57:53:cc:5f:ea:80:bb:53:e9:97:
b3:a0:58:b2:15:a4:15:03:7c:f2:2c:7e:a7:a1:e4:
fe:0d:f7:ab:60:44:29:3c:be:43:ae:d3:a1:0b:a5:
a0:b9:d5:1e:68:19:0b:3d:cc:bf:0b:ed:af:59:bb:
ef:1a:81:e3:a5:31:59:c5:b8:07:c2:3b:4c:2d:a9:
af:32:d0:5e:fa:fd:20:1d:0b:5f:02:63:b0:18:76:
aa:3c:fe:21:e1:20:3e:e5:7c:99:4a:14:ae:14:bd:
24:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F9:D4:8D:D9:16:90:97:83:E3:17:71:D8:AD:7E:CB:30:DC:3B:A2
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/WfnUjdkWkJeD4xdx2K1-yzDcO6I.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.2.0/23
Signature Algorithm: sha256WithRSAEncryption
30:66:c9:4d:bd:b2:d7:28:c2:c7:54:46:54:36:74:ef:04:e6:
cc:f7:9b:c1:fd:3e:6f:37:2f:b2:06:48:60:ff:0d:71:ca:c6:
e0:56:bc:a9:ee:6f:42:1b:ea:16:cb:a7:b5:bf:19:17:32:ea:
73:8c:6e:b8:d3:96:af:06:56:7e:25:34:92:93:0d:66:e6:d4:
6d:ad:0d:1b:a2:82:f1:34:8b:69:83:e5:68:69:85:6b:57:31:
82:bf:3b:09:a7:13:e8:df:ec:af:53:8c:ec:c2:ba:10:2f:9e:
ed:e3:b2:c0:14:63:c7:5e:b3:54:f9:03:5a:78:60:49:e7:5c:
de:5f:55:03:3f:8b:2e:f0:34:47:2d:ae:bf:6d:04:cd:ec:24:
d3:1b:cf:ce:1c:41:e6:ac:c7:3d:39:d6:78:85:3e:c6:2f:49:
42:0b:00:e2:cd:b2:28:fb:b1:65:3f:6d:9e:d6:7b:f2:3f:68:
ef:34:c7:f2:dd:b4:e1:68:fa:2c:e9:f6:2f:c9:5a:81:c8:52:
0e:b3:66:2a:20:8b:47:bb:9c:a6:50:aa:62:56:a2:09:78:c2:
30:9b:4d:a1:92:14:c6:64:97:cf:3e:37:5b:73:7a:7a:b6:15:
76:4e:dd:d8:e2:b9:4a:09:e5:43:31:e8:0b:fc:27:be:7e:4f:
43:4f:ee:bd
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICX7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMjIzMDMxNDI0WhcNMjYwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3QzkwOTExMC8GA1UEBRMoNTlGOUQ0OEREOTE2OTA5NzgzRTMxNzcx
RDhBRDdFQ0IzMERDM0JBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM+3qPeGN7VBy3HmRx+I1SsZccqBui+eGxlR7CVrnDtRy/3USoWPseFEZs+6OXYB
QVkbTXAa0FzqqzqaOMth0oKzd34zXrKdaenv1jdeFM4zSSCkP8/ODAvS/BKEdDEl
39WJVFX4nWrZx13RM9UGUNNj8BkKf5VEokiXmq3TY0AvFmhpmcYr3evaP76Ry6m3
oDjhGsJcweWZCZpXU8xf6oC7U+mXs6BYshWkFQN88ix+p6Hk/g33q2BEKTy+Q67T
oQuloLnVHmgZCz3Mvwvtr1m77xqB46UxWcW4B8I7TC2przLQXvr9IB0LXwJjsBh2
qjz+IeEgPuV8mUoUrhS9JN8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRZ+dSN2RaQ
l4PjF3HYrX7LMNw7ojAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0M5MDkvRkY3QzVGRENDMERCMTFFRjlFODcxODQ0QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdDOTA5L0ZGN0M1RkRDQzBEQjExRUY5RTg3MTg0NEM0RjlBRTAyL1dmblVqZGtX
a0plRDR4ZHgySzEteXpEY082SS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4AjANBgkqhkiG9w0BAQsFAAOCAQEAMGbJTb2y1yjCx1RGVDZ0
7wTmzPebwf0+bzcvsgZIYP8NccrG4Fa8qe5vQhvqFsuntb8ZFzLqc4xuuNOWrwZW
fiU0kpMNZubUba0NG6KC8TSLaYPlaGmFa1cxgr87CacT6N/sr1OM7MK6EC+e7eOy
wBRjx16zVPkDWnhgSedc3l9VAz+LLvA0Ry2uv20Ezewk0xvPzhxB5qzHPTnWeIU+
xi9JQgsA4s2yKPuxZT9tntZ78j9o7zTH8t204Wj6LOn2L8lagchSDrNmKiCLR7uc
plCqYlaiCXjCMJtNoZIUxmSXzz43W3N6erYVdk7d2OK5SgnlQzHoC/wnvn5PQ0/u
vQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:49:44 2025 by rpki-client