Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer
File: hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer (raw, json)
Hash identifier: HMY/+rTrO4KGk0hp/yg8mpj1J5tdit5JSF3U1DqSgxY=
Subject key identifier: 86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 542B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.mft
caRepository: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 03 Apr 2024 07:02:26 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: IP: 168.168.128.0/17
IP: 198.51.196.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21547 (0x542b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 3 07:02:26 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A915D0AC/serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f3:b6:ee:e5:34:16:df:58:c3:22:59:88:6d:
e9:2c:ba:25:48:cb:e2:d7:3e:22:c9:40:a9:e2:1e:
02:85:c3:04:14:56:ce:65:09:72:8a:24:7b:2d:0b:
f4:11:3a:65:1e:24:a0:8d:d4:ae:91:74:3f:11:69:
8a:da:f8:9e:74:a1:ac:da:f7:0e:c3:4c:d6:cf:23:
8e:19:f5:f6:17:f4:e1:ac:d4:9a:42:57:2d:85:a8:
80:48:b7:cd:90:3d:c8:e1:6e:56:3e:f5:15:6c:82:
df:31:21:0e:65:7c:aa:eb:f2:f6:be:4f:a7:68:ca:
24:c0:fa:5c:98:d7:96:73:70:23:18:c1:27:94:12:
98:57:e6:09:09:89:ca:e5:02:ae:dd:dd:2b:b3:78:
1d:04:d2:a6:1c:3b:91:1a:a8:1a:9f:a8:f0:a9:29:
c6:56:f2:33:51:9f:46:c4:c7:cb:b1:97:43:43:d7:
64:90:f7:69:7c:3a:34:ca:87:34:a1:ff:e8:bb:2b:
82:ff:93:6d:66:d2:82:50:4b:e4:03:c1:ad:25:2f:
91:af:95:de:98:fa:16:0b:70:7b:a8:7e:7d:81:8c:
8b:5e:9d:3f:3b:25:53:db:37:ae:d6:73:db:73:6e:
cc:1b:29:63:ef:df:c8:c2:8c:e5:e0:6b:c4:67:76:
68:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.168.128.0/17
198.51.196.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:2c:38:a3:42:a0:98:70:ee:24:04:6d:02:92:4d:1e:44:ca:
23:41:cd:f4:8b:c4:07:c9:8f:dc:84:b0:42:47:07:c9:45:84:
33:33:6a:93:3b:55:a2:18:d4:29:d1:0b:dd:c9:fa:8b:e3:35:
6f:61:4d:db:c9:0a:2d:41:ad:b5:1a:45:2d:d7:52:78:98:54:
76:ba:75:6a:f4:7d:8a:c6:a8:c9:33:ae:2a:ab:98:7c:65:c2:
96:29:be:42:d4:97:67:d7:91:a4:d6:54:b9:c8:fb:4c:71:c8:
25:f1:56:fa:38:bb:49:d6:0b:0e:fe:d7:bd:7c:80:47:d6:58:
a8:8d:a4:b9:dd:0a:b0:90:30:58:5e:b2:b1:a4:c8:d5:b7:c5:
4e:30:28:07:a3:67:3b:86:c8:85:a0:e6:dc:00:21:33:75:87:
30:a5:81:6f:ae:56:c6:c8:d5:f3:fe:98:7b:54:85:36:d3:24:
5e:7f:a6:ea:92:27:5a:3e:0d:98:d4:61:c6:bc:7a:fa:ec:01:
71:14:fc:c9:e5:c7:51:e4:f1:ca:d3:98:35:e3:dc:01:8e:39:
01:d2:9b:75:25:e8:f9:f7:a8:05:64:2b:ab:02:3a:37:ab:6c:
5d:f1:ce:24:0c:1c:09:f5:77:6c:fd:0a:c1:ac:10:cb:73:0c:
82:6b:66:b4
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICVCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNDAzMDcwMjI2WhcNMjUwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1RDBBQzExMC8GA1UEBRMoODZDQUVGOTY3MzlFRjQ5QTUxNEZFOUY5
MEI2RkU5NTA5RDNDQzk1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM7ztu7lNBbfWMMiWYht6Sy6JUjL4tc+IslAqeIeAoXDBBRWzmUJcookey0L9BE6
ZR4koI3UrpF0PxFpitr4nnShrNr3DsNM1s8jjhn19hf04azUmkJXLYWogEi3zZA9
yOFuVj71FWyC3zEhDmV8quvy9r5Pp2jKJMD6XJjXlnNwIxjBJ5QSmFfmCQmJyuUC
rt3dK7N4HQTSphw7kRqoGp+o8KkpxlbyM1GfRsTHy7GXQ0PXZJD3aXw6NMqHNKH/
6Lsrgv+TbWbSglBL5APBrSUvka+V3pj6Fgtwe6h+fYGMi16dPzslU9s3rtZz23Nu
zBspY+/fyMKM5eBrxGd2aCkCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBSGyu+Wc570
mlFP6fkLb+lQnTzJUzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwQUMvOUE1RjBFMUExNTI0MTFFRTlENzBDOTY4QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVEMEFDLzlBNUYwRTFBMTUyNDExRUU5RDcwQzk2OEM0RjlBRTAyL2hzcnZsbk9l
OUpwUlQtbjVDMl9wVUowOHlWTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEB6iogAMEAMYzxDANBgkqhkiG9w0BAQsFAAOCAQEADCw4o0KgmHDu
JARtApJNHkTKI0HN9IvEB8mP3ISwQkcHyUWEMzNqkztVohjUKdEL3cn6i+M1b2FN
28kKLUGttRpFLddSeJhUdrp1avR9isaoyTOuKquYfGXClim+QtSXZ9eRpNZUucj7
THHIJfFW+ji7SdYLDv7XvXyAR9ZYqI2kud0KsJAwWF6ysaTI1bfFTjAoB6NnO4bI
haDm3AAhM3WHMKWBb65WxsjV8/6Ye1SFNtMkXn+m6pInWj4NmNRhxrx6+uwBcRT8
yeXHUeTxytOYNePcAY45AdKbdSXo+feoBWQrqwI6N6tsXfHOJAwcCfV3bP0KwawQ
y3MMgmtmtA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org