Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
File: ischKY-S4Qou4wUa-8kRQoT4DhI.cer (raw, json)
Hash identifier: Ud1BGR5jwLXSiGrTvrkQWpLF9WeYpnai47DiltDZyRs=
Subject key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5E29
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 21 Nov 2024 07:40:28 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: IP: 64.239.24.0/22
IP: 157.10.42.0 -- 157.10.53.255
IP: 157.10.86.0/23
IP: 157.10.170.0/23
IP: 157.10.186.0 -- 157.10.189.255
IP: 157.10.194.0 -- 157.10.203.255
IP: 157.15.14.0/23
IP: 157.15.18.0/23
IP: 157.15.38.0/23
IP: 157.15.84.0/22
IP: 157.15.108.0/22
IP: 157.20.58.0 -- 157.20.63.255
IP: 157.20.82.0/23
IP: 157.20.88.0/23
IP: 157.20.200.0/23
IP: 157.20.224.0/23
IP: 157.66.10.0 -- 157.66.13.255
IP: 157.66.24.0/22
IP: 157.66.46.0 -- 157.66.49.255
IP: 157.66.80.0/23
IP: 157.66.96.0 -- 157.66.101.255
IP: 157.66.120.0/23
IP: 157.66.134.0/23
IP: 157.66.156.0 -- 157.66.163.255
IP: 157.66.194.0 -- 157.66.199.255
IP: 157.66.216.0 -- 157.66.225.255
IP: 157.66.252.0/23
IP: 160.19.78.0/23
IP: 160.19.150.0/23
IP: 160.19.158.0/23
IP: 160.19.204.0/23
IP: 160.22.2.0/23
IP: 160.22.16.0/23
IP: 160.22.54.0 -- 160.22.57.255
IP: 160.22.74.0/23
IP: 160.22.80.0/23
IP: 160.22.102.0/23
IP: 160.22.106.0/23
IP: 160.22.118.0 -- 160.22.125.255
IP: 160.22.158.0 -- 160.22.161.255
IP: 160.22.170.0 -- 160.22.175.255
IP: 160.25.72.0 -- 160.25.89.255
IP: 160.25.144.0/21
IP: 160.25.164.0 -- 160.25.169.255
IP: 160.25.206.0 -- 160.25.209.255
IP: 160.25.232.0/22
IP: 160.30.10.0 -- 160.30.13.255
IP: 160.30.18.0 -- 160.30.23.255
IP: 160.30.44.0/23
IP: 160.30.48.0 -- 160.30.57.255
IP: 160.30.80.0/23
IP: 160.30.86.0 -- 160.30.91.255
IP: 160.30.112.0/23
IP: 160.30.134.0 -- 160.30.137.255
IP: 160.30.154.0 -- 160.30.165.255
IP: 160.30.168.0 -- 160.30.173.255
IP: 160.30.190.0 -- 160.30.193.255
IP: 160.30.200.0/23
IP: 160.30.204.0/23
IP: 160.30.252.0/22
IP: 160.187.0.0/22
IP: 160.187.38.0/23
IP: 160.187.58.0/23
IP: 160.187.74.0/23
IP: 160.187.84.0/23
IP: 160.187.88.0/22
IP: 160.187.94.0/24
IP: 160.187.104.0/23
IP: 160.187.120.0/22
IP: 160.187.146.0 -- 160.187.149.255
IP: 160.187.152.0/23
IP: 160.187.156.0/23
IP: 160.187.226.0 -- 160.187.229.255
IP: 160.187.240.0/21
IP: 160.191.2.0/23
IP: 160.191.32.0 -- 160.191.37.255
IP: 160.191.46.0 -- 160.191.55.255
IP: 160.191.84.0 -- 160.191.101.255
IP: 160.191.112.0/23
IP: 160.191.138.0/23
IP: 160.191.146.0/23
IP: 160.191.160.0/23
IP: 160.191.164.0/22
IP: 160.191.174.0 -- 160.191.177.255
IP: 160.191.214.0 -- 160.191.223.255
IP: 160.191.230.0/23
IP: 160.191.236.0/23
IP: 160.191.240.0 -- 160.191.245.255
IP: 160.191.248.0/21
IP: 160.250.0.0 -- 160.250.5.255
IP: 160.250.26.0/23
IP: 160.250.30.0 -- 160.250.33.255
IP: 160.250.46.0/23
IP: 192.223.12.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24105 (0x5e29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 21 07:40:28 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:46:00:f1:2f:45:e3:46:dc:02:5e:8b:c1:
90:d7:d3:f4:9a:bd:48:f7:4d:c5:6d:8b:57:e4:e9:
4b:6c:95:bf:8e:4f:4a:17:d1:7a:0b:13:dc:bf:50:
b0:87:3c:ce:69:40:b9:74:10:08:7c:bf:d1:03:c3:
8c:b9:34:81:74:71:73:76:e5:bd:b1:9c:23:b1:a0:
92:9c:44:4f:b5:da:f4:fb:21:70:18:85:01:ff:2c:
24:24:31:bc:50:53:ca:67:c7:39:06:2d:c3:cf:ed:
00:41:c2:68:70:8c:62:10:d0:6d:35:c3:85:63:2c:
74:66:b6:61:98:b1:cf:96:66:95:66:5e:cc:aa:8c:
c3:69:38:77:7e:dd:9b:e4:28:3f:9a:ac:13:8f:80:
d1:86:17:11:5e:a4:2d:10:69:1f:99:f7:08:c4:c6:
44:2a:3a:22:b9:4b:8e:00:f9:48:32:b9:92:67:9f:
34:88:de:6d:dd:62:75:c0:2f:5c:6f:7f:e6:bb:6d:
51:ff:b4:67:8c:9a:d7:da:9a:4f:0b:3d:1b:05:7b:
98:a0:69:6a:67:8d:71:fb:15:5d:14:d0:65:6b:92:
01:16:63:17:7c:5f:ed:e7:87:90:18:0f:6c:ad:a2:
0d:c3:54:4d:dc:74:7c:07:a2:ea:4f:f5:58:42:22:
81:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.239.24.0/22
157.10.42.0-157.10.53.255
157.10.86.0/23
157.10.170.0/23
157.10.186.0-157.10.189.255
157.10.194.0-157.10.203.255
157.15.14.0/23
157.15.18.0/23
157.15.38.0/23
157.15.84.0/22
157.15.108.0/22
157.20.58.0-157.20.63.255
157.20.82.0/23
157.20.88.0/23
157.20.200.0/23
157.20.224.0/23
157.66.10.0-157.66.13.255
157.66.24.0/22
157.66.46.0-157.66.49.255
157.66.80.0/23
157.66.96.0-157.66.101.255
157.66.120.0/23
157.66.134.0/23
157.66.156.0-157.66.163.255
157.66.194.0-157.66.199.255
157.66.216.0-157.66.225.255
157.66.252.0/23
160.19.78.0/23
160.19.150.0/23
160.19.158.0/23
160.19.204.0/23
160.22.2.0/23
160.22.16.0/23
160.22.54.0-160.22.57.255
160.22.74.0/23
160.22.80.0/23
160.22.102.0/23
160.22.106.0/23
160.22.118.0-160.22.125.255
160.22.158.0-160.22.161.255
160.22.170.0-160.22.175.255
160.25.72.0-160.25.89.255
160.25.144.0/21
160.25.164.0-160.25.169.255
160.25.206.0-160.25.209.255
160.25.232.0/22
160.30.10.0-160.30.13.255
160.30.18.0-160.30.23.255
160.30.44.0/23
160.30.48.0-160.30.57.255
160.30.80.0/23
160.30.86.0-160.30.91.255
160.30.112.0/23
160.30.134.0-160.30.137.255
160.30.154.0-160.30.165.255
160.30.168.0-160.30.173.255
160.30.190.0-160.30.193.255
160.30.200.0/23
160.30.204.0/23
160.30.252.0/22
160.187.0.0/22
160.187.38.0/23
160.187.58.0/23
160.187.74.0/23
160.187.84.0/23
160.187.88.0/22
160.187.94.0/24
160.187.104.0/23
160.187.120.0/22
160.187.146.0-160.187.149.255
160.187.152.0/23
160.187.156.0/23
160.187.226.0-160.187.229.255
160.187.240.0/21
160.191.2.0/23
160.191.32.0-160.191.37.255
160.191.46.0-160.191.55.255
160.191.84.0-160.191.101.255
160.191.112.0/23
160.191.138.0/23
160.191.146.0/23
160.191.160.0/23
160.191.164.0/22
160.191.174.0-160.191.177.255
160.191.214.0-160.191.223.255
160.191.230.0/23
160.191.236.0/23
160.191.240.0-160.191.245.255
160.191.248.0/21
160.250.0.0-160.250.5.255
160.250.26.0/23
160.250.30.0-160.250.33.255
160.250.46.0/23
192.223.12.0/22
Signature Algorithm: sha256WithRSAEncryption
24:85:8d:e1:9a:50:b7:4f:c2:26:af:4f:90:d1:8c:1a:a9:cd:
de:69:26:fa:ec:b4:c4:a7:99:4d:50:30:e9:87:1a:4d:46:fb:
49:61:17:57:89:1b:b7:62:05:1d:a8:e8:b2:fc:fd:01:94:13:
1b:61:8c:37:d3:de:26:e0:f3:1c:ae:37:f0:fe:a2:d5:38:fd:
e4:fa:3b:8a:4b:30:8f:a5:fa:c9:88:5a:b8:e3:70:25:83:e5:
a2:cf:fe:63:78:44:bd:3c:09:22:3e:81:d4:28:bc:92:7e:5a:
59:ad:6f:b7:64:ef:ba:08:bc:1c:00:65:d6:6e:a8:c0:de:6c:
eb:d9:0e:b4:11:03:69:a3:df:cb:b9:61:f7:3a:09:10:8a:90:
7b:1e:85:94:e3:dc:0e:17:16:f7:e5:01:04:01:c9:01:39:3d:
70:99:8f:03:07:02:09:d1:83:f3:8f:76:47:fd:1b:18:8d:b7:
9e:83:e4:85:07:4c:f5:c5:ce:78:21:52:41:4d:3c:7e:b1:72:
79:7f:b3:6e:39:50:af:fd:7a:85:de:0f:1a:c6:67:85:0a:89:
e1:c0:2a:9a:62:c3:2e:9a:21:a8:64:27:e4:e6:e5:88:f5:b5:
63:62:7e:dd:25:d1:ca:c0:70:ec:ce:ee:81:44:99:1a:b7:26:
ac:1c:d0:e5
-----BEGIN CERTIFICATE-----
MIIJTDCCCDSgAwIBAgICXikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMTIxMDc0MDI4WhcNMjUxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBNTYwQTExMC8GA1UEBRMoOEFDNzIxMjk4RjkyRTEwQTJFRTMwNTFB
RkJDOTExNDI4NEY4MEUxMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALljRgDxL0XjRtwCXovBkNfT9Jq9SPdNxW2LV+TpS2yVv45PShfRegsT3L9QsIc8
zmlAuXQQCHy/0QPDjLk0gXRxc3blvbGcI7GgkpxET7Xa9PshcBiFAf8sJCQxvFBT
ymfHOQYtw8/tAEHCaHCMYhDQbTXDhWMsdGa2YZixz5ZmlWZezKqMw2k4d37dm+Qo
P5qsE4+A0YYXEV6kLRBpH5n3CMTGRCo6IrlLjgD5SDK5kmefNIjebd1idcAvXG9/
5rttUf+0Z4ya19qaTws9GwV7mKBpameNcfsVXRTQZWuSARZjF3xf7eeHkBgPbK2i
DcNUTdx0fAei6k/1WEIigX0CAwEAAaOCBkIwggY+MB0GA1UdDgQWBBSKxyEpj5Lh
Ci7jBRr7yRFChPgOEjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1NjBBLzIwOTU4NjE4QTlERjExRUVBMzU2QTQzRUM0RjlBRTAyL2lzY2hLWS1T
NFFvdTR3VWEtOGtSUW9UNERoSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCCA2wGCCsGAQUFBwEHAQH/BIID
WzCCA1cwggNTBAIAATCCA0sDBAJA7xgwDAMEAZ0KKgMEAZ0KNAMEAZ0KVgMEAZ0K
qjAMAwQBnQq6AwQBnQq8MAwDBAGdCsIDBAKdCsgDBAGdDw4DBAGdDxIDBAGdDyYD
BAKdD1QDBAKdD2wwDAMEAZ0UOgMEBp0UAAMEAZ0UUgMEAZ0UWAMEAZ0UyAMEAZ0U
4DAMAwQBnUIKAwQBnUIMAwQCnUIYMAwDBAGdQi4DBAGdQjADBAGdQlAwDAMEBZ1C
YAMEAZ1CZAMEAZ1CeAMEAZ1ChjAMAwQCnUKcAwQCnUKgMAwDBAGdQsIDBAOdQsAw
DAMEA51C2AMEAZ1C4AMEAZ1C/AMEAaATTgMEAaATlgMEAaATngMEAaATzAMEAaAW
AgMEAaAWEDAMAwQBoBY2AwQBoBY4AwQBoBZKAwQBoBZQAwQBoBZmAwQBoBZqMAwD
BAGgFnYDBAGgFnwwDAMEAaAWngMEAaAWoDAMAwQBoBaqAwQEoBagMAwDBAOgGUgD
BAGgGVgDBAOgGZAwDAMEAqAZpAMEAaAZqDAMAwQBoBnOAwQBoBnQAwQCoBnoMAwD
BAGgHgoDBAGgHgwwDAMEAaAeEgMEA6AeEAMEAaAeLDAMAwQEoB4wAwQBoB44AwQB
oB5QMAwDBAGgHlYDBAKgHlgDBAGgHnAwDAMEAaAehgMEAaAeiDAMAwQBoB6aAwQB
oB6kMAwDBAOgHqgDBAGgHqwwDAMEAaAevgMEAaAewAMEAaAeyAMEAaAezAMEAqAe
/AMEAqC7AAMEAaC7JgMEAaC7OgMEAaC7SgMEAaC7VAMEAqC7WAMEAKC7XgMEAaC7
aAMEAqC7eDAMAwQBoLuSAwQBoLuUAwQBoLuYAwQBoLucMAwDBAGgu+IDBAGgu+QD
BAOgu/ADBAGgvwIwDAMEBaC/IAMEAaC/JDAMAwQBoL8uAwQDoL8wMAwDBAKgv1QD
BAGgv2QDBAGgv3ADBAGgv4oDBAGgv5IDBAGgv6ADBAKgv6QwDAMEAaC/rgMEAaC/
sDAMAwQBoL/WAwQFoL/AAwQBoL/mAwQBoL/sMAwDBASgv/ADBAGgv/QDBAOgv/gw
CwMDAaD6AwQBoPoEAwQBoPoaMAwDBAGg+h4DBAGg+iADBAGg+i4DBALA3wwwDQYJ
KoZIhvcNAQELBQADggEBACSFjeGaULdPwiavT5DRjBqpzd5pJvrstMSnmU1QMOmH
Gk1G+0lhF1eJG7diBR2o6LL8/QGUExthjDfT3ibg8xyuN/D+otU4/eT6O4pLMI+l
+smIWrjjcCWD5aLP/mN4RL08CSI+gdQovJJ+Wlmtb7dk77oIvBwAZdZuqMDebOvZ
DrQRA2mj38u5Yfc6CRCKkHsehZTj3A4XFvflAQQByQE5PXCZjwMHAgnRg/OPdkf9
GxiNt56D5IUHTPXFznghUkFNPH6xcnl/s245UK/9eoXeDxrGZ4UKieHAKppiwy6a
IahkJ+Tm5Yj1tWNift0l0crAcOzO7oFEmRq3Jqwc0OU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org