Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer
File: kGA-NU21aLPKQpAOcDAR55ZiiS4.cer (raw, json)
Hash identifier: 6J7SaOQ7EkHGn0O4zdnxNz2gjhq0hXCJsh92xKHY5i0=
Subject key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5824
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 11 Jul 2024 23:16:40 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: IP: 72.9.128.0/20
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22564 (0x5824)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jul 11 23:16:40 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:25:c1:8f:95:bd:a2:ad:eb:b0:fa:43:52:
4d:d3:d6:98:84:90:14:fb:97:f5:60:1f:ec:19:b9:
17:01:8a:0e:6b:63:81:cd:d8:e2:83:ab:2f:25:4e:
ee:96:cf:05:32:c0:56:8b:1f:62:84:f2:4f:db:c0:
2a:36:19:d0:14:96:bc:0a:c0:de:73:a9:6d:58:1f:
25:72:d7:b3:fd:f7:c1:17:67:60:d9:ad:4e:41:70:
d1:c7:bc:cb:cf:1e:63:8a:9f:5d:e1:f4:32:97:24:
81:a6:22:45:8e:99:18:31:0b:71:9e:07:f2:22:72:
2a:4c:23:6d:5e:1d:d6:e4:1d:b6:4f:2a:ff:03:65:
a3:7a:bd:20:60:d3:7e:77:4a:69:b4:f9:7e:8a:a2:
7a:fd:b9:65:0c:8d:7a:20:22:e3:e5:bb:81:19:eb:
a7:1e:80:01:8e:d8:be:9e:e9:9b:57:bc:89:46:6b:
44:a3:ca:cd:f7:c9:ee:be:da:de:96:22:36:6d:dd:
02:f5:7b:a0:6e:43:ea:24:5c:41:d3:48:e9:36:ba:
a8:16:3b:90:d6:a4:85:e7:ce:48:17:aa:5c:1c:2c:
a1:76:bf:c9:15:b7:1c:ca:0e:0f:ab:b4:ba:1a:31:
38:1d:1f:88:5a:8f:3a:23:2f:ec:88:56:d0:76:79:
6b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
72.9.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:a9:cc:59:93:5f:79:6a:57:b8:c2:4d:e9:a2:1f:c7:be:9f:
1d:3e:75:c5:fe:a4:67:7d:a4:01:3d:c8:4b:42:d8:8a:6c:cb:
74:b7:ab:ba:09:d6:ce:11:a6:0f:6b:fd:7f:e4:30:13:26:d5:
1c:59:1a:79:46:f8:f9:82:b7:2e:7c:1c:cb:c7:e5:79:50:3a:
31:29:51:77:08:71:af:48:e1:71:5a:e0:42:24:de:5b:57:11:
58:c9:81:d5:52:c2:0c:41:78:49:8f:78:d1:98:ea:00:ef:9f:
57:a3:5d:41:3f:67:1c:8f:8f:d0:a4:33:7b:53:97:4f:bc:49:
24:e1:09:6a:14:0f:50:05:57:72:57:2a:29:c0:90:44:92:2e:
24:21:e8:07:f5:a9:c3:7d:98:71:cb:43:42:3a:1f:e4:e2:6f:
ac:18:c4:48:e8:cf:07:e0:55:88:2c:d3:fb:f0:eb:ba:4e:25:
9e:f8:05:88:9d:cd:88:03:4d:ad:b0:5b:2b:db:2c:33:9e:56:
30:60:85:aa:f5:fb:26:84:62:14:1b:87:52:af:f7:09:7b:48:
09:b5:10:98:2b:ba:ed:d4:03:9e:d7:bc:8c:d5:55:97:89:f3:
14:75:db:eb:3c:b4:3c:c3:e2:10:1c:2d:ff:b6:2e:ef:c4:6e:
03:2b:84:1d
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWCQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNzExMjMxNjQwWhcNMjUwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGNzMxRTExMC8GA1UEBRMoOTA2MDNFMzU0REI1NjhCM0NBNDI5MDBF
NzAzMDExRTc5NjYyODkyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKy7JcGPlb2ireuw+kNSTdPWmISQFPuX9WAf7Bm5FwGKDmtjgc3Y4oOrLyVO7pbP
BTLAVosfYoTyT9vAKjYZ0BSWvArA3nOpbVgfJXLXs/33wRdnYNmtTkFw0ce8y88e
Y4qfXeH0MpckgaYiRY6ZGDELcZ4H8iJyKkwjbV4d1uQdtk8q/wNlo3q9IGDTfndK
abT5foqiev25ZQyNeiAi4+W7gRnrpx6AAY7Yvp7pm1e8iUZrRKPKzffJ7r7a3pYi
Nm3dAvV7oG5D6iRcQdNI6Ta6qBY7kNakhefOSBeqXBwsoXa/yRW3HMoOD6u0uhox
OB0fiFqPOiMv7IhW0HZ5a4ECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSQYD41TbVo
s8pCkA5wMBHnlmKJLjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjczMUUvRUFBMTlDQjRCMkRDMTFFQjg2MjFDQjU2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY3MzFFL0VBQTE5Q0I0QjJEQzExRUI4NjIxQ0I1NkM0RjlBRTAyL2tHQS1OVTIx
YUxQS1FwQU9jREFSNTVaaWlTNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEBEgJgDANBgkqhkiG9w0BAQsFAAOCAQEAPanMWZNfeWpXuMJN6aIf
x76fHT51xf6kZ32kAT3IS0LYimzLdLerugnWzhGmD2v9f+QwEybVHFkaeUb4+YK3
Lnwcy8fleVA6MSlRdwhxr0jhcVrgQiTeW1cRWMmB1VLCDEF4SY940ZjqAO+fV6Nd
QT9nHI+P0KQze1OXT7xJJOEJahQPUAVXclcqKcCQRJIuJCHoB/Wpw32YcctDQjof
5OJvrBjESOjPB+BViCzT+/Druk4lnvgFiJ3NiANNrbBbK9ssM55WMGCFqvX7JoRi
FBuHUq/3CXtICbUQmCu67dQDnte8jNVVl4nzFHXb6zy0PMPiEBwt/7Yu78RuAyuE
HQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org