Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkhmtAwwRC1pbyR3AVR1xfBwKsg.cer
File: kkhmtAwwRC1pbyR3AVR1xfBwKsg.cer (raw, json)
Hash identifier: VEZf5VC9VrxCdmlGh8VvSwB/Vm1czYsnzqK1WTPpqg8=
Subject key identifier: 92:48:66:B4:0C:30:44:2D:69:6F:24:77:01:54:75:C5:F0:70:2A:C8
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6112
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/kkhmtAwwRC1pbyR3AVR1xfBwKsg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 17 Jan 2025 05:19:21 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: IP: 161.248.190.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24850 (0x6112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 17 05:19:21 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A91C6A35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6d:f0:36:b4:31:62:04:8e:de:ad:0d:94:29:
f5:ca:44:26:77:af:24:e9:9a:3c:d6:9a:2b:d9:af:
c9:5d:1b:90:af:98:cb:7a:0e:36:ee:62:48:d1:78:
06:f4:3c:1b:0c:02:d7:19:e6:7a:b0:ff:a4:fa:58:
26:53:8e:6b:6e:71:9d:49:e9:90:bc:c3:4d:1b:46:
05:30:63:3b:bf:40:17:79:f9:bb:9d:f8:83:c6:a0:
a2:ce:f7:74:7f:d0:cf:07:27:9c:32:9d:ee:96:65:
c9:f5:7c:46:f4:0d:2a:6a:c9:dc:0a:e0:18:40:bb:
3e:d8:ed:8b:fd:d9:62:51:8d:e7:27:12:4e:8c:12:
db:ab:7d:35:d6:95:64:fc:52:e5:d3:a4:5d:85:a7:
25:e0:ba:f5:bc:a7:52:c5:77:6c:4a:86:13:53:7d:
e8:64:cc:76:48:8b:2f:b8:d2:44:69:26:80:4a:bc:
d8:78:2c:98:8d:44:d6:c1:70:a8:ce:7e:97:7f:26:
a9:d8:14:1d:96:1f:ee:ea:62:00:20:38:4a:b4:2a:
ee:ac:bb:66:b1:57:af:d9:04:f8:f4:e4:22:fe:f5:
19:92:6f:e5:d9:5a:08:09:24:b8:6f:39:5f:62:fc:
b7:8c:b4:e0:a5:c4:dd:d8:4b:a5:55:b3:44:81:ff:
a0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:48:66:B4:0C:30:44:2D:69:6F:24:77:01:54:75:C5:F0:70:2A:C8
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C6A35/99277846D49211EFB564DE62C4F9AE02/kkhmtAwwRC1pbyR3AVR1xfBwKsg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.190.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:2b:32:81:b8:ae:44:99:9f:9d:1b:a1:00:5c:17:54:f2:48:
cd:13:1c:12:92:12:5d:77:6e:d6:7c:ff:3e:e0:d0:d8:bb:a9:
78:30:cd:05:0f:61:55:b3:00:6f:15:4d:57:46:f3:97:d9:46:
d8:71:f7:dc:e1:96:65:2a:8f:6e:c0:04:48:63:c7:67:47:d2:
40:6e:ec:d3:db:10:a2:a5:bf:ba:df:96:3b:e5:c0:3c:c6:ee:
e5:fc:c5:00:e8:02:1d:f2:ce:ec:fa:09:f7:d5:2d:fb:c4:92:
6c:e0:20:05:0a:8d:32:68:5e:a0:0f:fb:d6:b8:03:e2:5a:d7:
ab:f1:f2:76:81:af:8f:14:be:7b:1b:52:e2:2d:9a:2e:81:46:
9f:ae:b2:08:ba:7d:f6:18:e7:f5:98:db:af:18:9f:51:ed:9c:
14:a8:df:09:76:b8:2a:28:43:07:45:9c:ff:1c:e5:0b:50:fc:
97:0d:b4:5e:05:41:67:46:0b:2b:ea:22:f9:59:39:77:54:1d:
be:58:6e:75:b7:89:5a:89:34:aa:70:a1:32:93:9b:eb:e2:7c:
0d:88:12:2a:20:91:95:80:08:67:9e:2b:ae:dc:2c:80:5c:00:
78:e8:2b:40:c2:5f:c7:a1:1a:60:ac:96:18:0b:c5:ad:c4:7a:
84:2f:32:27
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYRIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMTE3MDUxOTIxWhcNMjYwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDNkEzNTExMC8GA1UEBRMoOTI0ODY2QjQwQzMwNDQyRDY5NkYyNDc3
MDE1NDc1QzVGMDcwMkFDODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKht8Da0MWIEjt6tDZQp9cpEJnevJOmaPNaaK9mvyV0bkK+Yy3oONu5iSNF4BvQ8
GwwC1xnmerD/pPpYJlOOa25xnUnpkLzDTRtGBTBjO79AF3n5u534g8agos73dH/Q
zwcnnDKd7pZlyfV8RvQNKmrJ3ArgGEC7Ptjti/3ZYlGN5ycSTowS26t9NdaVZPxS
5dOkXYWnJeC69bynUsV3bEqGE1N96GTMdkiLL7jSRGkmgEq82HgsmI1E1sFwqM5+
l38mqdgUHZYf7upiACA4SrQq7qy7ZrFXr9kE+PTkIv71GZJv5dlaCAkkuG85X2L8
t4y04KXE3dhLpVWzRIH/oAECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSSSGa0DDBE
LWlvJHcBVHXF8HAqyDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZBMzUvOTkyNzc4NDZENDkyMTFFRkI1NjRERTYyQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM2QTM1Lzk5Mjc3ODQ2RDQ5MjExRUZCNTY0REU2MkM0RjlBRTAyL2traG10QXd3
UkMxcGJ5UjNBVlIxeGZCd0tzZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4vjANBgkqhkiG9w0BAQsFAAOCAQEAoisygbiuRJmfnRuhAFwX
VPJIzRMcEpISXXdu1nz/PuDQ2LupeDDNBQ9hVbMAbxVNV0bzl9lG2HH33OGWZSqP
bsAESGPHZ0fSQG7s09sQoqW/ut+WO+XAPMbu5fzFAOgCHfLO7PoJ99Ut+8SSbOAg
BQqNMmheoA/71rgD4lrXq/HydoGvjxS+extS4i2aLoFGn66yCLp99hjn9Zjbrxif
Ue2cFKjfCXa4KihDB0Wc/xzlC1D8lw20XgVBZ0YLK+oi+Vk5d1QdvlhudbeJWok0
qnChMpOb6+J8DYgSKiCRlYAIZ54rrtwsgFwAeOgrQMJfx6EaYKyWGAvFrcR6hC8y
Jw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:04:50 2025 by rpki-client