Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer
File: lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer (raw, json)
Hash identifier: SRv4ySHv61GIeODqFXgrMDPhqxWMkRWBJ4tiMx9lVGw=
Subject key identifier: 94:3D:3E:10:B8:BB:E1:38:B4:77:34:55:4B:69:05:31:10:D4:5B:E3
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 544B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 05 Apr 2024 05:37:16 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: IP: 128.94.0.0/16
IP: 135.149.0.0/16
IP: 138.239.0.0/16
IP: 147.145.0.0/16
IP: 148.7.0.0/16
IP: 155.62.0.0/16
IP: 158.23.0.0/16
IP: 158.158.0.0/16
IP: 160.4.0.0/16
IP: 167.105.0.0/16
IP: 167.220.224.0 -- 167.220.243.255
IP: 167.220.248.0/21
IP: 169.138.0.0/16
IP: 170.165.0.0/16
IP: 192.146.133.0/24
IP: 192.153.251.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 02:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21579 (0x544b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 5 05:37:16 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A91A3E3F/serialNumber=943D3E10B8BBE138B47734554B69053110D45BE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:46:55:ae:8c:26:11:18:89:cc:fb:f2:19:94:
b6:3f:db:a2:5e:b3:85:f3:83:8b:47:e4:bc:2a:a2:
1e:5d:52:ee:b0:2e:68:82:7a:80:b8:67:c9:a4:c2:
2b:8c:3c:81:d9:a8:40:b1:b2:ee:b6:04:dd:ad:d4:
ca:cd:d8:98:3b:e0:19:ac:72:b2:a2:5a:bd:4b:1a:
5e:be:28:d4:62:01:a5:b3:ce:de:9b:a6:36:fa:60:
e7:c2:89:5e:b5:a4:db:d5:ce:6b:2b:50:75:ec:4b:
1c:55:f1:3a:10:54:6d:88:1d:b7:46:3b:ff:3c:4d:
5e:4b:95:bf:c9:a0:d0:8f:19:ed:e9:ea:71:97:d9:
32:35:6f:91:07:03:3b:8a:f8:b8:11:2e:74:73:f4:
81:e0:13:c5:8f:a7:8f:0d:79:f0:ad:12:36:1c:54:
cd:8a:bc:18:38:ef:6e:0a:9c:fa:6c:84:6e:9b:6d:
a5:7b:af:66:29:3f:bc:47:b4:3e:61:20:e3:55:66:
93:60:c7:c2:26:da:48:aa:10:4c:00:88:a6:5c:c7:
af:e2:1b:0f:b5:d4:4e:d2:6e:d7:53:20:1c:13:0a:
1e:bc:a6:ad:94:7f:29:39:0c:bf:96:74:aa:31:97:
3a:44:3c:b6:3d:96:50:2b:de:df:11:56:56:78:7b:
e8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3D:3E:10:B8:BB:E1:38:B4:77:34:55:4B:69:05:31:10:D4:5B:E3
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
128.94.0.0/16
135.149.0.0/16
138.239.0.0/16
147.145.0.0/16
148.7.0.0/16
155.62.0.0/16
158.23.0.0/16
158.158.0.0/16
160.4.0.0/16
167.105.0.0/16
167.220.224.0-167.220.243.255
167.220.248.0/21
169.138.0.0/16
170.165.0.0/16
192.146.133.0/24
192.153.251.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:1f:b7:f8:1a:66:04:93:fc:66:7c:de:a6:3b:7a:df:a8:3e:
8e:56:62:b3:94:7a:27:50:b4:8b:09:9d:14:c9:ea:bf:65:36:
6d:6c:39:d2:fa:06:b6:05:46:1f:b9:d2:df:e0:90:76:91:8a:
bf:12:01:38:d8:aa:35:57:c2:4d:5b:bc:9c:09:f2:f1:ac:3d:
4b:52:9a:9f:c5:68:d3:c9:21:27:4d:81:8c:29:94:27:12:a7:
5c:8c:b7:87:a6:75:a1:bf:59:a6:70:49:3b:47:2d:83:0f:dd:
b5:cb:f3:19:65:6e:4a:47:7f:13:ee:8a:45:68:20:22:76:42:
10:ed:51:07:9e:f0:a2:00:6c:59:bd:09:9d:30:03:e7:dd:e5:
f2:ae:88:d5:d2:5e:0a:e8:9f:67:5a:c7:ba:41:1f:a4:3f:c3:
e6:a7:0b:a8:da:f8:5f:e8:40:ca:90:cc:02:70:b8:3d:10:95:
8a:64:82:99:c9:b8:75:36:99:14:17:98:43:33:67:35:be:00:
25:e4:f7:b9:f0:94:74:13:81:e5:50:98:91:3d:ec:cc:16:e2:
64:79:e6:e5:d1:1f:52:63:95:4f:e6:aa:03:fb:fe:e1:bd:48:
3c:4b:f9:eb:13:50:0a:3e:11:3d:49:e5:e5:32:62:2a:97:b6:
44:0b:80:30
-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgICVEswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNDA1MDUzNzE2WhcNMjUwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBM0UzRjExMC8GA1UEBRMoOTQzRDNFMTBCOEJCRTEzOEI0NzczNDU1
NEI2OTA1MzExMEQ0NUJFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALBGVa6MJhEYicz78hmUtj/bol6zhfODi0fkvCqiHl1S7rAuaIJ6gLhnyaTCK4w8
gdmoQLGy7rYE3a3Uys3YmDvgGaxysqJavUsaXr4o1GIBpbPO3pumNvpg58KJXrWk
29XOaytQdexLHFXxOhBUbYgdt0Y7/zxNXkuVv8mg0I8Z7enqcZfZMjVvkQcDO4r4
uBEudHP0geATxY+njw158K0SNhxUzYq8GDjvbgqc+myEbpttpXuvZik/vEe0PmEg
41Vmk2DHwibaSKoQTACIplzHr+IbD7XUTtJu11MgHBMKHrymrZR/KTkMv5Z0qjGX
OkQ8tj2WUCve3xFWVnh76HcCAwEAAaOCA0kwggNFMB0GA1UdDgQWBBSUPT4QuLvh
OLR3NFVLaQUxENRb4zAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTNFM0YvMzA1RUI4NzY3Q0RCMTFFREFCODQ0QzE5QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEzRTNGLzMwNUVCODc2N0NEQjExRURBQjg0NEMxOUM0RjlBRTAyL2xEMC1FTGk3
NFRpMGR6UlZTMmtGTVJEVVctTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDB1BggrBgEFBQcBBwEB/wRmMGQw
YgQCAAEwXAMDAIBeAwMAh5UDAwCK7wMDAJORAwMAlAcDAwCbPgMDAJ4XAwMAnp4D
AwCgBAMDAKdpMAwDBAWn3OADBAKn3PADBAOn3PgDAwCpigMDAKqlAwQAwJKFAwQA
wJn7MA0GCSqGSIb3DQEBCwUAA4IBAQB7H7f4GmYEk/xmfN6mO3rfqD6OVmKzlHon
ULSLCZ0Uyeq/ZTZtbDnS+ga2BUYfudLf4JB2kYq/EgE42Ko1V8JNW7ycCfLxrD1L
UpqfxWjTySEnTYGMKZQnEqdcjLeHpnWhv1mmcEk7Ry2DD921y/MZZW5KR38T7opF
aCAidkIQ7VEHnvCiAGxZvQmdMAPn3eXyrojV0l4K6J9nWse6QR+kP8Pmpwuo2vhf
6EDKkMwCcLg9EJWKZIKZybh1NpkUF5hDM2c1vgAl5Pe58JR0E4HlUJiRPezMFuJk
eebl0R9SY5VP5qoD+/7hvUg8S/nrE1AKPhE9SeXlMmIql7ZEC4Aw
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:02:38 2024 by rpki-client on console-ams.rpki-client.org