Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YUeipvEG3FYBPcO8-6C0t1Ps0bw.cer
File: YUeipvEG3FYBPcO8-6C0t1Ps0bw.cer (raw, json)
Hash identifier: Xlbu5/47jKoO55FkEYIGoPs31oYoR+S3s+VCw/WUVGk=
Subject key identifier: 61:47:A2:A6:F1:06:DC:56:01:3D:C3:BC:FB:A0:B4:B7:53:EC:D1:BC
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 60C1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/YUeipvEG3FYBPcO8-6C0t1Ps0bw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 12 Jan 2025 07:52:12 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: IP: 160.191.38.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24769 (0x60c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 12 07:52:12 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91E5832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d8:57:0f:38:e6:41:50:e5:32:77:b4:a9:2c:
37:43:41:74:af:25:4a:59:2f:9d:4d:34:88:f1:27:
98:c0:03:5e:84:da:49:9e:f7:45:d7:23:c9:c7:6c:
34:6a:48:d0:e5:c7:39:e9:e6:81:bf:5e:b2:77:77:
6d:fd:2f:8d:b6:74:89:d1:77:58:fe:62:ea:00:ae:
52:2d:c9:40:01:7c:b9:40:63:14:1e:e5:66:2f:d3:
6c:1c:cb:dd:be:bb:b5:66:e6:18:d6:0f:46:c1:57:
b8:67:52:70:41:ed:26:38:2b:47:79:38:22:91:e3:
ba:61:53:a1:c9:79:a3:3e:a3:eb:f9:18:cd:9a:46:
a9:39:5d:71:b2:a8:5e:bb:fc:ae:c0:24:99:d3:55:
05:3d:20:d2:d5:67:06:7d:30:dc:3a:a9:d2:cc:56:
3a:69:eb:f0:cf:60:52:95:27:4c:4e:cc:68:3a:4e:
25:63:92:a9:7f:47:cd:0a:cf:30:88:bd:4c:80:91:
64:9e:6a:73:fb:8a:50:39:71:c0:29:d6:bc:32:e9:
99:fd:12:54:82:1c:76:6a:9e:c5:ab:f3:f7:43:32:
95:a0:9e:2c:3d:ff:73:90:7b:a1:52:4b:f0:77:8d:
d6:3a:92:f9:9b:1c:af:c2:0a:bf:79:92:54:e9:c6:
59:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:47:A2:A6:F1:06:DC:56:01:3D:C3:BC:FB:A0:B4:B7:53:EC:D1:BC
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/YUeipvEG3FYBPcO8-6C0t1Ps0bw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.38.0/23
Signature Algorithm: sha256WithRSAEncryption
57:70:08:25:cc:2f:b9:45:7d:97:27:61:3b:5a:04:45:fd:9a:
07:76:41:9b:4e:26:69:23:c9:25:8e:f2:87:f9:3c:a5:da:74:
69:06:2f:2a:ac:27:2b:ed:34:01:9e:e4:8e:49:a8:7d:f1:0b:
ef:ae:d3:17:75:3f:41:4e:59:c0:fc:8c:c8:36:3a:a2:8f:b7:
ca:aa:25:3d:13:96:e8:3a:da:ba:e0:6b:52:f7:07:83:6f:70:
fb:4f:59:ea:fe:78:d1:33:c4:f4:ae:59:43:5e:24:04:bd:a8:
56:43:dc:d3:53:9e:d0:6a:55:50:b9:95:c6:07:8d:eb:a1:74:
59:95:54:ae:4d:37:6f:2f:2e:00:96:ae:76:9f:78:fe:f5:e2:
f0:93:0a:0f:de:76:31:8e:d6:b0:27:70:79:25:1d:56:42:51:
d4:bb:a7:69:a6:e8:33:82:c7:98:01:a0:ed:aa:c5:51:51:22:
36:78:86:cf:e0:de:a1:3b:eb:0d:0a:a9:2d:8b:24:1d:32:8f:
cb:19:79:a4:fd:03:53:f0:33:84:3c:ff:6d:b1:b2:e4:99:31:
32:9e:84:fd:49:d2:29:65:63:9b:40:31:d2:f2:b5:bd:c7:69:
24:22:24:59:7f:0a:f3:ba:6c:2c:b7:40:fc:99:82:e1:00:02:
93:89:b5:c5
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMTEyMDc1MjEyWhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFNTgzMjExMC8GA1UEBRMoNjE0N0EyQTZGMTA2REM1NjAxM0RDM0JD
RkJBMEI0Qjc1M0VDRDFCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALjYVw845kFQ5TJ3tKksN0NBdK8lSlkvnU00iPEnmMADXoTaSZ73RdcjycdsNGpI
0OXHOenmgb9esnd3bf0vjbZ0idF3WP5i6gCuUi3JQAF8uUBjFB7lZi/TbBzL3b67
tWbmGNYPRsFXuGdScEHtJjgrR3k4IpHjumFTocl5oz6j6/kYzZpGqTldcbKoXrv8
rsAkmdNVBT0g0tVnBn0w3Dqp0sxWOmnr8M9gUpUnTE7MaDpOJWOSqX9HzQrPMIi9
TICRZJ5qc/uKUDlxwCnWvDLpmf0SVIIcdmqexavz90MylaCeLD3/c5B7oVJL8HeN
1jqS+Zscr8IKv3mSVOnGWfECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRhR6Km8Qbc
VgE9w7z7oLS3U+zRvDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU4MzIvMUVENDUyQUNEMEJBMTFFRjg5NkNEMDI2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU1ODMyLzFFRDQ1MkFDRDBCQTExRUY4OTZDRDAyNkM0RjlBRTAyL1lVZWlwdkVH
M0ZZQlBjTzgtNkMwdDFQczBidy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC/JjANBgkqhkiG9w0BAQsFAAOCAQEAV3AIJcwvuUV9lydhO1oE
Rf2aB3ZBm04maSPJJY7yh/k8pdp0aQYvKqwnK+00AZ7kjkmoffEL767TF3U/QU5Z
wPyMyDY6oo+3yqolPROW6DrauuBrUvcHg29w+09Z6v540TPE9K5ZQ14kBL2oVkPc
01Oe0GpVULmVxgeN66F0WZVUrk03by8uAJaudp94/vXi8JMKD952MY7WsCdweSUd
VkJR1LunaaboM4LHmAGg7arFUVEiNniGz+DeoTvrDQqpLYskHTKPyxl5pP0DU/Az
hDz/bbGy5JkxMp6E/UnSKWVjm0Ax0vK1vcdpJCIkWX8K87psLLdA/JmC4QACk4m1
xQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:01:02 2025 by rpki-client