Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
File: YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer (raw, json)
Hash identifier: z3nNsn6p9x8aP5qk5UV+9Xu5tBal9/waT/nvZ3Ty/S0=
Subject key identifier: 62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 60C8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 13 Jan 2025 06:22:29 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: IP: 161.248.162.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24776 (0x60c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 13 06:22:29 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A91685E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:42:c7:c2:d5:7d:11:92:65:46:b3:7e:19:01:
9e:39:c6:8d:21:7f:46:ae:48:3c:3b:ec:9d:46:e1:
0a:a5:ba:ae:58:c9:b7:57:9a:2d:66:ae:d9:11:eb:
9a:c4:7d:11:1d:cb:f0:b8:74:95:ed:20:2d:06:93:
69:fa:85:56:fe:ad:1c:22:aa:fe:0e:b9:f2:d5:08:
ad:01:c8:2c:1d:de:df:78:2f:3d:62:a5:d3:6d:83:
4e:82:21:85:12:3a:0a:5f:ed:6d:05:99:2a:2f:d1:
3b:01:09:05:fd:b5:de:1e:75:79:66:81:a4:4e:0a:
74:e4:37:b4:85:e7:05:18:0e:a8:49:57:1a:36:73:
df:12:74:00:c2:37:38:35:27:64:70:43:cd:10:3f:
e6:dc:61:20:77:4b:c4:6a:1f:d7:8a:7b:ef:36:b8:
0d:d9:4b:e1:af:32:5f:e1:a1:33:f5:f6:80:a8:f4:
d0:7c:d6:29:be:02:2c:a8:86:9d:1d:60:68:e7:68:
24:47:39:35:2b:85:8b:f5:0c:5e:cb:e0:fd:bf:82:
ca:c8:4f:99:89:0a:9c:4d:54:b7:58:7a:8a:61:7a:
df:31:0d:d5:da:55:2a:17:d9:35:20:18:35:5b:0a:
c1:fc:35:8b:03:37:e5:f7:bc:77:d0:29:3f:ba:69:
0e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.162.0/23
Signature Algorithm: sha256WithRSAEncryption
82:d1:f4:85:9e:33:2f:9d:e5:d5:cc:81:80:90:67:d9:df:30:
db:14:0d:94:a6:4e:8b:ae:aa:a8:a0:ab:5f:2f:6f:56:23:dc:
0b:d0:b1:ea:2b:95:01:7c:97:62:a9:36:ee:56:db:c3:76:45:
04:bf:db:87:83:a0:2c:f3:1f:1c:fe:6a:2e:74:5a:50:3c:16:
0f:10:92:b3:f1:2e:06:fb:5a:f1:32:fc:4b:ab:91:65:f1:dc:
cf:c0:4d:fa:2d:0c:5b:96:eb:36:c6:88:cc:58:bc:03:1d:3a:
96:7c:5f:1b:19:c9:8b:f1:8b:bb:d0:84:9b:27:6b:84:3d:c1:
71:c2:b8:4c:ef:a3:5f:ef:97:19:57:ca:e4:83:06:1f:73:6b:
a6:ff:68:30:86:c1:d3:e4:3f:66:6b:38:4d:3e:ee:18:f0:59:
f3:9e:18:b7:69:d6:d3:92:ef:84:0d:51:64:16:c2:a8:93:49:
1a:e2:47:46:70:a4:83:da:00:28:53:08:52:10:a7:73:0f:9a:
87:80:bb:15:b1:29:8a:0a:d8:0b:51:1a:48:64:3c:d2:5e:25:
50:4a:01:4c:ff:c3:b5:12:a0:94:e7:1b:dc:fc:e3:b2:50:04:
c9:8b:13:ba:fa:0b:f8:9c:4d:96:bd:8b:4f:70:36:5e:1f:6f:
8c:fd:b2:74
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMTEzMDYyMjI5WhcNMjYwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE2ODVFOTExMC8GA1UEBRMoNjI0Qjk2RTFENjY1RUQ3OEU3OERGQUY2
QzIyMDE5MTA3M0RCNjZDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOJCx8LVfRGSZUazfhkBnjnGjSF/Rq5IPDvsnUbhCqW6rljJt1eaLWau2RHrmsR9
ER3L8Lh0le0gLQaTafqFVv6tHCKq/g658tUIrQHILB3e33gvPWKl022DToIhhRI6
Cl/tbQWZKi/ROwEJBf213h51eWaBpE4KdOQ3tIXnBRgOqElXGjZz3xJ0AMI3ODUn
ZHBDzRA/5txhIHdLxGof14p77za4DdlL4a8yX+GhM/X2gKj00HzWKb4CLKiGnR1g
aOdoJEc5NSuFi/UMXsvg/b+CyshPmYkKnE1Ut1h6imF63zEN1dpVKhfZNSAYNVsK
wfw1iwM35fe8d9ApP7ppDhkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRiS5bh1mXt
eOeN+vbCIBkQc9tmzDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg1RTkvQzExMkY1NUNEMTc2MTFFRjk1QzVERTVBQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY4NUU5L0MxMTJGNTVDRDE3NjExRUY5NUM1REU1QUM0RjlBRTAyL1lrdVc0ZFps
N1hqbmpmcjJ3aUFaRUhQYlpzdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4ojANBgkqhkiG9w0BAQsFAAOCAQEAgtH0hZ4zL53l1cyBgJBn
2d8w2xQNlKZOi66qqKCrXy9vViPcC9Cx6iuVAXyXYqk27lbbw3ZFBL/bh4OgLPMf
HP5qLnRaUDwWDxCSs/EuBvta8TL8S6uRZfHcz8BN+i0MW5brNsaIzFi8Ax06lnxf
GxnJi/GLu9CEmydrhD3BccK4TO+jX++XGVfK5IMGH3Nrpv9oMIbB0+Q/Zms4TT7u
GPBZ854Yt2nW05LvhA1RZBbCqJNJGuJHRnCkg9oAKFMIUhCncw+ah4C7FbEpigrY
C1EaSGQ80l4lUEoBTP/DtRKglOcb3PzjslAEyYsTuvoL+JxNlr2LT3A2Xh9vjP2y
dA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:10:07 2025 by rpki-client