Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g8kBUb4XghT8FnWDNNO21Sd6PL8.cer
File: g8kBUb4XghT8FnWDNNO21Sd6PL8.cer (raw, json)
Hash identifier: XCshDUbN7FDmIIUJd35kU40dEHBXgY0mh/t61RPkv48=
Subject key identifier: 83:C9:01:51:BE:17:82:14:FC:16:75:83:34:D3:B6:D5:27:7A:3C:BF
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5631
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F4091/5A116BAA1D9D11EFA10F2D3AC4F9AE02/g8kBUb4XghT8FnWDNNO21Sd6PL8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F4091/5A116BAA1D9D11EFA10F2D3AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 29 May 2024 09:25:20 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: IP: 160.20.132.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 26 Sep 2024 21:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22065 (0x5631)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 29 09:25:20 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A91F4091/serialNumber=83C90151BE178214FC16758334D3B6D5277A3CBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c3:6b:c1:c7:15:67:73:0a:62:ab:15:35:bb:
d7:46:45:6c:42:34:4d:18:0f:e7:8d:ca:89:c2:fd:
d7:2d:aa:56:af:14:b7:fa:d6:ea:93:b8:fd:5f:6a:
d9:dd:c0:57:b1:47:1b:55:69:d1:79:db:30:12:ad:
f9:04:d7:5d:fa:c4:44:25:fd:12:2d:75:7e:7a:ff:
c8:0f:8b:65:ca:ac:38:be:20:48:f9:a2:76:fb:82:
a9:60:0c:2a:99:cd:5e:4d:bd:af:90:7a:e9:1b:6c:
49:79:a8:fc:c5:11:e1:67:a2:bd:5c:02:29:db:49:
9e:dd:20:9b:c1:24:5f:fc:77:92:15:47:9c:39:e3:
e6:c8:a0:dc:11:d9:a1:c8:4e:cc:62:37:85:3a:51:
ca:2d:01:23:83:dc:f7:b2:51:d6:88:8f:33:bc:6a:
47:d5:67:20:c9:e4:c5:a9:bb:da:3e:70:e9:e6:f5:
05:66:25:49:79:06:70:df:94:0e:14:fd:e5:40:4c:
b0:6d:e9:d0:31:1d:62:f6:ba:01:03:34:0e:22:9b:
08:44:bc:6a:f6:75:3a:e4:f0:48:86:20:96:65:0c:
02:aa:98:8a:22:6d:fb:ad:37:7b:0c:e8:a1:7f:a3:
6f:b4:d5:7a:4f:68:24:f8:65:66:5e:06:1b:97:54:
67:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C9:01:51:BE:17:82:14:FC:16:75:83:34:D3:B6:D5:27:7A:3C:BF
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F4091/5A116BAA1D9D11EFA10F2D3AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F4091/5A116BAA1D9D11EFA10F2D3AC4F9AE02/g8kBUb4XghT8FnWDNNO21Sd6PL8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.20.132.0/23
Signature Algorithm: sha256WithRSAEncryption
35:ef:69:19:31:b7:1c:d7:8f:17:67:50:48:bf:b3:fe:db:aa:
91:96:d6:9f:a1:8a:41:a3:ce:d1:57:db:14:29:b1:e5:2c:3b:
9c:7d:7d:b5:c2:e1:e9:58:4e:c6:54:a7:f2:ca:38:2a:34:bc:
0f:fd:59:f8:37:ca:aa:e0:bb:fb:52:e9:98:e2:9a:cd:d3:72:
bc:69:fd:70:03:bd:d1:0d:0c:4b:62:37:cd:a6:f6:27:1d:f8:
44:0f:0c:da:3d:93:e4:0b:a9:f4:e5:9d:5f:64:e5:f0:15:03:
88:dc:8b:b1:d1:7f:74:79:6e:f6:01:2a:66:d6:1f:bb:32:0b:
0c:35:0c:c1:d1:ff:26:ba:5d:10:f5:db:99:75:53:3a:8f:07:
f6:44:60:f7:1d:d5:17:cc:01:2b:a9:c6:51:e2:22:ab:92:23:
98:c5:9c:95:a8:22:a4:88:83:4e:1e:ac:3b:a8:4b:4f:d6:f6:
ab:a5:b8:8d:81:e0:48:10:ff:2f:b2:22:8f:ad:c4:15:77:37:
f3:f9:a4:3d:0b:28:ec:57:2f:5f:20:3f:11:bb:e8:d5:b9:43:
8e:5e:b4:a3:d2:8f:5e:dd:ff:93:d4:b2:49:fa:1a:7d:83:fa:
c3:54:10:bf:9d:44:e2:98:42:12:e2:9a:c5:73:33:fe:ba:c4:
dd:a1:72:4e
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICVjEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNTI5MDkyNTIwWhcNMjUwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGNDA5MTExMC8GA1UEBRMoODNDOTAxNTFCRTE3ODIxNEZDMTY3NTgz
MzREM0I2RDUyNzdBM0NCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMrDa8HHFWdzCmKrFTW710ZFbEI0TRgP543KicL91y2qVq8Ut/rW6pO4/V9q2d3A
V7FHG1Vp0XnbMBKt+QTXXfrERCX9Ei11fnr/yA+LZcqsOL4gSPmidvuCqWAMKpnN
Xk29r5B66RtsSXmo/MUR4WeivVwCKdtJnt0gm8EkX/x3khVHnDnj5sig3BHZochO
zGI3hTpRyi0BI4Pc97JR1oiPM7xqR9VnIMnkxam72j5w6eb1BWYlSXkGcN+UDhT9
5UBMsG3p0DEdYva6AQM0DiKbCES8avZ1OuTwSIYglmUMAqqYiiJt+603ewzooX+j
b7TVek9oJPhlZl4GG5dUZ7MCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSDyQFRvheC
FPwWdYM007bVJ3o8vzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjQwOTEvNUExMTZCQUExRDlEMTFFRkExMEYyRDNBQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY0MDkxLzVBMTE2QkFBMUQ5RDExRUZBMTBGMkQzQUM0RjlBRTAyL2c4a0JVYjRY
Z2hUOEZuV0ROTk8yMVNkNlBMOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAUhDANBgkqhkiG9w0BAQsFAAOCAQEANe9pGTG3HNePF2dQSL+z
/tuqkZbWn6GKQaPO0VfbFCmx5Sw7nH19tcLh6VhOxlSn8so4KjS8D/1Z+DfKquC7
+1LpmOKazdNyvGn9cAO90Q0MS2I3zab2Jx34RA8M2j2T5Aup9OWdX2Tl8BUDiNyL
sdF/dHlu9gEqZtYfuzILDDUMwdH/JrpdEPXbmXVTOo8H9kRg9x3VF8wBK6nGUeIi
q5IjmMWclagipIiDTh6sO6hLT9b2q6W4jYHgSBD/L7Iij63EFXc38/mkPQso7Fcv
XyA/Ebvo1blDjl60o9KPXt3/k9SySfoafYP6w1QQv51E4phCEuKaxXMz/rrE3aFy
Tg==
-----END CERTIFICATE-----
Generated at Thu Sep 19 22:41:13 2024 by rpki-client on console-fra.rpki-client.org