Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer
File: XtX3khrIZUHZKTb2kcsc2_bVwqE.cer (raw, json)
Hash identifier: 455CbEQWZmFpiv4g3ZPhXnE5r4DI5wo/D80ypKzYy+Q=
Subject key identifier: 5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5256
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.mft
caRepository: rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/
Notify URL: https://rrdp-rps.arin.net/notification.xml
Certificate not before: Sat 17 Feb 2024 12:06:59 +0000
Certificate not after: Thu 01 May 2025 00:00:00 +0000
Subordinate resources: IP: 192.64.203.0 -- 192.64.204.255
IP: 198.179.225.0/24
IP: 205.147.104.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 15:41:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21078 (0x5256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Feb 17 12:06:59 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=A91D85A20000/serialNumber=5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8f:48:e9:5f:7d:e8:21:37:2b:f1:93:06:f3:
d3:e6:d3:f3:73:72:af:97:5a:9a:26:ed:06:eb:70:
b1:55:f4:c6:ac:0c:47:33:90:7e:5c:e9:41:2b:2a:
93:0d:ca:8c:75:79:d1:81:ec:f9:a4:47:05:7f:11:
b1:4a:4e:07:63:8f:43:42:29:e3:a7:10:09:84:72:
6b:e2:33:35:d3:1f:a3:a7:47:a8:09:ae:b2:2b:d2:
dd:a9:eb:81:b6:81:c1:4f:e6:5c:2f:f7:cf:eb:f0:
3e:49:85:18:0a:26:ab:72:64:da:f3:17:40:3a:93:
40:22:f8:1c:65:e1:af:d7:cd:b4:2c:ef:7d:cf:a0:
1f:ae:a1:3c:47:15:c8:29:be:ef:d2:54:f7:63:cf:
e4:8c:a5:d5:17:17:d1:fe:b4:8c:b2:c1:c7:56:e3:
7f:a7:f0:1a:fe:93:aa:08:e9:00:69:ea:03:6c:59:
a2:5f:e7:a7:fd:83:5c:a1:c6:7d:02:65:4c:c5:e9:
95:e0:c4:b6:d0:fe:61:71:72:19:89:6b:a6:a0:00:
79:b7:71:f5:cc:10:8d:dc:8f:a1:5b:c1:e4:fa:40:
2c:ab:62:17:24:45:8c:45:96:97:57:17:ed:98:fe:
c4:1a:ec:00:b0:77:3f:16:c6:d4:3b:5c:e4:43:24:
92:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/
RPKI Manifest - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.mft
RPKI Notify - URI:https://rrdp-rps.arin.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.64.203.0-192.64.204.255
198.179.225.0/24
205.147.104.0/22
Signature Algorithm: sha256WithRSAEncryption
be:b5:99:fa:e5:3a:f0:6c:6f:58:c0:07:f0:fa:21:2a:e6:ce:
04:40:07:2d:c2:d4:70:21:29:51:10:89:2b:2b:4d:bb:6d:1b:
27:78:af:b9:58:1f:8c:78:f7:ba:b0:5f:99:4f:af:30:ed:fa:
e0:73:f3:5c:81:43:58:9f:23:d6:d7:3f:b7:f7:d7:24:84:2a:
bc:67:79:04:7c:ff:90:8c:04:d3:1b:01:67:ff:53:f2:0a:0c:
b9:d1:4f:a2:4f:73:ef:a9:50:da:93:02:70:e8:ff:d2:bb:9e:
73:50:61:34:87:98:a7:67:f2:19:a5:67:43:fe:7c:00:44:48:
9b:e4:3c:ba:23:fe:0f:89:64:06:f9:2a:14:30:fd:a4:a6:3d:
48:56:69:3d:7c:1b:34:70:44:42:97:32:b0:0d:0d:c8:8f:46:
0b:df:e3:26:cc:f4:37:1a:6a:7e:91:27:ca:62:3f:8e:fb:a3:
19:cb:ed:24:88:43:c5:b7:72:43:6b:19:9d:d7:3f:a0:a4:86:
e1:53:80:d4:1d:53:e4:a6:61:c5:17:76:bd:84:dc:73:00:bb:
a5:93:ac:26:c7:c0:e1:c2:6f:2c:07:98:1a:09:ce:e1:5f:95:
81:5e:c0:82:e1:84:d7:4b:af:84:0f:7b:e9:a9:1c:01:3e:9d:
26:aa:a7:24
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgICUlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjE3MTIwNjU5WhcNMjUwNTAxMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTFEODVBMjAwMDAxMTAvBgNVBAUTKDVFRDVGNzkyMUFDODY1NDFEOTI5
MzZGNjkxQ0IxQ0RCRjZENUMyQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQj0jpX33oITcr8ZMG89Pm0/Nzcq+XWpom7QbrcLFV9MasDEczkH5c6UEr
KpMNyox1edGB7PmkRwV/EbFKTgdjj0NCKeOnEAmEcmviMzXTH6OnR6gJrrIr0t2p
64G2gcFP5lwv98/r8D5JhRgKJqtyZNrzF0A6k0Ai+Bxl4a/XzbQs733PoB+uoTxH
Fcgpvu/SVPdjz+SMpdUXF9H+tIyywcdW43+n8Br+k6oI6QBp6gNsWaJf56f9g1yh
xn0CZUzF6ZXgxLbQ/mFxchmJa6agAHm3cfXMEI3cj6FbweT6QCyrYhckRYxFlpdX
F+2Y/sQa7ACwdz8WxtQ7XORDJJJDAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUXtX3
khrIZUHZKTb2kcsc2/bVwqEwHwYDVR0jBBgwFoAUdAFlqA0QcZcKvAnAK3HBrHwd
bg4wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIw
MUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL2RBRmxxQTBRY1pjS3ZBbkFLM0hCckh3
ZGJnNC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0LmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwggEjBggrBgEFBQcBCwSCARUwggERMFQGCCsG
AQUFBzAFhkhyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4
NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMi8wgYAGCCsGAQUFBzAKhnRy
c3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4MmQ1
ZGU0MTAxODNmNjg2NjEwODRiODYvMi81RUQ1Rjc5MjFBQzg2NTQxRDkyOTM2RjY5
MUNCMUNEQkY2RDVDMkExLm1mdDA2BggrBgEFBQcwDYYqaHR0cHM6Ly9ycmRwLXJw
cy5hcmluLm5ldC9ub3RpZmljYXRpb24ueG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAg
BAIAATAaMAwDBADAQMsDBADAQMwDBADGs+EDBALNk2gwDQYJKoZIhvcNAQELBQAD
ggEBAL61mfrlOvBsb1jAB/D6ISrmzgRABy3C1HAhKVEQiSsrTbttGyd4r7lYH4x4
97qwX5lPrzDt+uBz81yBQ1ifI9bXP7f31ySEKrxneQR8/5CMBNMbAWf/U/IKDLnR
T6JPc++pUNqTAnDo/9K7nnNQYTSHmKdn8hmlZ0P+fABESJvkPLoj/g+JZAb5KhQw
/aSmPUhWaT18GzRwREKXMrANDciPRgvf4ybM9Dcaan6RJ8piP477oxnL7SSIQ8W3
ckNrGZ3XP6CkhuFTgNQdU+SmYcUXdr2E3HMAu6WTrCbHwOHCbywHmBoJzuFflYFe
wILhhNdLr4QPe+mpHAE+nSaqpyQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:40 2024 by rpki-client on console-ams.rpki-client.org