Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer
File: lfCdXluLzW9LTWm1yTbJEvd9LP0.cer (raw, json)
Hash identifier: lwOxPQuq7StWMOhME2Q03ouLl8k0V0YlzaXLPxjDY84=
Subject key identifier: 95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5A68
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 02 Sep 2024 11:53:52 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 160.30.212.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 15:41:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23144 (0x5a68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Sep 2 11:53:52 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:40:3f:a4:59:6a:13:6e:b1:7b:b5:25:87:9b:
08:2a:6a:6f:de:f0:7d:c8:82:7e:a3:43:d3:f7:db:
fe:d3:a2:5b:d1:ec:a8:2f:38:cc:d0:70:dc:61:a1:
ae:29:c1:6e:ec:4d:94:9e:21:69:ca:8e:54:a3:3e:
29:32:f1:ed:9f:59:a0:4c:49:9f:7d:ae:cb:3e:f1:
46:57:27:44:2e:ae:22:2a:24:2e:71:ce:06:ab:c4:
37:94:ad:ae:a2:c5:83:a3:71:e1:90:0c:70:93:6d:
18:c5:34:b1:2d:e2:07:f3:20:0d:d1:54:4a:a5:fe:
fb:04:60:7f:51:e7:60:a3:07:f7:e0:83:bb:a4:74:
24:8a:d2:40:4f:2b:7b:42:ca:e6:bd:68:1d:06:54:
78:e4:1e:ed:2f:ab:ca:d5:b7:db:33:96:db:4c:05:
a8:20:36:2c:0d:3b:2f:70:58:2f:3e:16:58:cb:cf:
e7:4e:a7:b4:54:49:05:55:4b:15:01:53:f7:00:33:
e6:a4:11:35:22:fe:bf:06:38:87:68:ef:a2:c2:9d:
e5:b3:6e:91:8c:9c:39:40:58:93:0a:2d:79:88:47:
b5:d2:1d:6b:e8:cd:d9:73:f5:0a:e9:78:dc:46:05:
c3:af:00:fc:7e:97:13:d6:6c:57:a5:38:77:aa:2f:
c3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.30.212.0/23
Signature Algorithm: sha256WithRSAEncryption
73:99:92:c8:31:18:d7:26:d0:52:38:29:60:db:0f:2c:14:d2:
8c:77:e3:ce:3f:e0:a4:af:8e:f9:ca:67:e6:03:74:c2:f8:cc:
02:9c:ae:8c:72:dc:bf:32:6e:33:23:35:90:a5:12:a5:06:4e:
16:19:d4:ff:ee:a3:21:25:54:7e:91:38:d9:14:97:82:7d:4a:
62:3b:38:58:b8:72:9d:f1:3c:d7:e4:36:ed:55:59:11:1a:44:
43:ff:7b:3c:17:75:c2:12:c3:00:97:7c:66:28:20:7c:0d:af:
99:4e:83:17:2e:93:e0:d2:6c:f0:e4:06:51:fd:5f:c1:d6:89:
b8:ed:40:2a:14:06:21:7e:f3:8f:d0:2d:80:e4:6a:ab:1e:c0:
9b:0a:38:3d:a2:2d:9b:c8:7f:e8:0e:a6:c1:94:d4:99:cf:f6:
24:a3:8f:29:4b:1d:3f:b1:8a:80:a5:f1:66:75:25:5b:56:6e:
3c:8b:9e:bb:01:0a:9e:69:fe:74:af:ac:2a:03:5e:98:39:06:
92:b8:ab:5c:15:2a:ac:a6:7e:6c:6b:8c:ad:d3:d4:5c:4b:14:
ee:05:ba:68:dc:30:09:fc:fb:ab:10:e0:c8:ac:be:c4:ac:05:
95:ea:59:38:c3:df:85:48:4c:f2:d1:1f:e7:f5:e0:bd:1a:48:
fc:37:da:2d
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwOTAyMTE1MzUyWhcNMjUxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFENDRCRTExMC8GA1UEBRMoOTVGMDlENUU1QjhCQ0Q2RjRCNEQ2OUI1
QzkzNkM5MTJGNzdEMkNGRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJdAP6RZahNusXu1JYebCCpqb97wfciCfqND0/fb/tOiW9HsqC84zNBw3GGhrinB
buxNlJ4hacqOVKM+KTLx7Z9ZoExJn32uyz7xRlcnRC6uIiokLnHOBqvEN5StrqLF
g6Nx4ZAMcJNtGMU0sS3iB/MgDdFUSqX++wRgf1HnYKMH9+CDu6R0JIrSQE8re0LK
5r1oHQZUeOQe7S+rytW32zOW20wFqCA2LA07L3BYLz4WWMvP506ntFRJBVVLFQFT
9wAz5qQRNSL+vwY4h2jvosKd5bNukYycOUBYkwoteYhHtdIda+jN2XP1Cul43EYF
w68A/H6XE9ZsV6U4d6ovw0UCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSV8J1eW4vN
b0tNabXJNskS930s/TAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ0QkUvMDI4QUJFNDI2OTIyMTFFRkJGODdCQjBFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ0NEJFLzAyOEFCRTQyNjkyMjExRUZCRjg3QkIwRUM0RjlBRTAyL2xmQ2RYbHVM
elc5TFRXbTF5VGJKRXZkOUxQMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAe1DANBgkqhkiG9w0BAQsFAAOCAQEAc5mSyDEY1ybQUjgpYNsP
LBTSjHfjzj/gpK+O+cpn5gN0wvjMApyujHLcvzJuMyM1kKUSpQZOFhnU/+6jISVU
fpE42RSXgn1KYjs4WLhynfE81+Q27VVZERpEQ/97PBd1whLDAJd8ZiggfA2vmU6D
Fy6T4NJs8OQGUf1fwdaJuO1AKhQGIX7zj9AtgORqqx7Amwo4PaItm8h/6A6mwZTU
mc/2JKOPKUsdP7GKgKXxZnUlW1ZuPIueuwEKnmn+dK+sKgNemDkGkrirXBUqrKZ+
bGuMrdPUXEsU7gW6aNwwCfz7qxDgyKy+xKwFlepZOMPfhUhM8tEf5/XgvRpI/Dfa
LQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:41 2024 by rpki-client on console-ams.rpki-client.org