Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer
File: loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer (raw, json)
Hash identifier: ku0QIOes4o0pUf7oEmBCz6OQWyS7OtrN9qvZhiLIL9w=
Subject key identifier: 96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5A6F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 02 Sep 2024 17:48:13 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: IP: 161.43.0.0/16
IP: 192.131.13.0/24
IP: 192.203.176.0/24
IP: 198.142.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23151 (0x5a6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Sep 2 17:48:13 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91514B1/serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:39:95:cf:6a:49:d2:6c:44:1e:3e:81:26:f7:
b9:da:23:1a:c6:21:06:50:2d:aa:d1:83:de:ae:f9:
39:dc:49:e3:ed:3f:d5:53:12:45:14:3a:ed:e6:b2:
66:46:5b:b1:3b:1b:b8:ec:04:04:b5:fb:2b:12:d5:
cf:1d:4b:24:b9:4c:69:43:c7:85:e3:a9:f0:da:b3:
c8:85:09:f2:72:ff:d9:1c:1a:11:11:fd:ae:3e:6d:
97:19:4b:8d:8e:37:d0:55:91:8a:98:da:07:3c:7e:
00:5c:7a:e9:f7:83:86:3e:9f:47:0b:84:84:77:2c:
d3:7f:c2:61:0c:c4:e6:3b:3b:dd:e6:de:18:70:5e:
2a:dc:4c:3b:29:91:0e:aa:60:b0:2f:00:4f:97:46:
8f:97:2d:60:d0:b3:be:8f:63:d2:7a:eb:ef:83:0c:
0e:60:42:67:ce:90:65:30:03:43:18:69:0e:82:10:
11:0d:3f:f5:ce:a1:f7:61:cf:0a:f6:54:6a:08:bd:
4e:1c:16:3e:46:e5:22:d8:f1:5c:84:37:84:c4:98:
bb:c3:08:17:49:a9:be:27:9e:34:e3:fc:74:30:de:
ec:18:27:67:cc:d7:4b:3f:6e:8e:36:00:fe:06:7e:
56:24:ba:fb:96:32:1d:8b:33:54:e5:83:d5:0b:fc:
56:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.43.0.0/16
192.131.13.0/24
192.203.176.0/24
198.142.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:de:3a:4b:74:7f:34:32:19:14:f9:b5:de:29:ce:b6:db:04:
1c:6f:32:36:2b:75:9e:fb:ed:d3:1d:0d:55:a6:09:f0:9b:a3:
bf:3d:09:95:6e:c3:c7:6c:7b:35:77:55:35:78:10:6f:39:f8:
4c:2c:ff:fc:7d:c2:45:7c:5a:bb:b2:ae:e2:55:04:d7:c7:be:
a4:78:74:e8:23:1d:ba:65:9a:57:fa:84:d2:31:19:fe:7e:0a:
f2:12:7e:d1:31:b6:a6:64:41:9b:3b:e1:41:49:4c:72:9b:44:
d5:e9:b3:48:88:2a:b8:24:be:a0:f1:33:e9:a0:04:0d:36:6e:
5e:d0:ee:5e:6d:f6:21:9d:7c:7f:a6:af:53:30:4c:2e:be:8a:
9c:8e:ca:db:78:31:a5:04:5a:c8:74:11:9e:0b:28:d9:eb:a7:
a1:a9:2e:8a:b0:39:34:71:bc:2a:b3:a1:22:0c:1b:2f:7f:40:
23:4a:fd:aa:72:21:f9:8f:5a:1e:43:a0:16:1f:89:b3:de:5f:
92:50:32:52:a2:01:32:1f:8e:7f:27:c9:6f:b8:e7:5b:3c:73:
80:b7:bd:fe:18:4b:e9:60:45:88:13:5c:f7:c0:0b:45:aa:8c:
ae:22:f2:9b:e6:b6:ed:a0:dd:c3:b6:a5:23:22:eb:14:24:5d:
92:18:00:54
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICWm8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwOTAyMTc0ODEzWhcNMjUxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1MTRCMTExMC8GA1UEBRMoOTY4MkMyQUJFMjUzMjM1ODA3NzZCMUQw
RTI3NUQyRkQyRDY5N0VCNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMw5lc9qSdJsRB4+gSb3udojGsYhBlAtqtGD3q75OdxJ4+0/1VMSRRQ67eayZkZb
sTsbuOwEBLX7KxLVzx1LJLlMaUPHheOp8NqzyIUJ8nL/2RwaERH9rj5tlxlLjY43
0FWRipjaBzx+AFx66feDhj6fRwuEhHcs03/CYQzE5js73ebeGHBeKtxMOymRDqpg
sC8AT5dGj5ctYNCzvo9j0nrr74MMDmBCZ86QZTADQxhpDoIQEQ0/9c6h92HPCvZU
agi9ThwWPkblItjxXIQ3hMSYu8MIF0mpvieeNOP8dDDe7BgnZ8zXSz9ujjYA/gZ+
ViS6+5YyHYszVOWD1Qv8VvUCAwEAAaOCAwMwggL/MB0GA1UdDgQWBBSWgsKr4lMj
WAd2sdDiddL9LWl+tjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTE0QjEvN0E4ODY0QUNGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUxNEIxLzdBODg2NEFDRkJFNDExRUI4MkI2MjY0RkM0RjlBRTAyL2xvTENxLUpU
STFnSGRySFE0blhTX1MxcGZyWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQgMB4w
HAQCAAEwFgMDAKErAwQAwIMNAwQAwMuwAwMAxo4wDQYJKoZIhvcNAQELBQADggEB
AB7eOkt0fzQyGRT5td4pzrbbBBxvMjYrdZ777dMdDVWmCfCbo789CZVuw8dsezV3
VTV4EG85+Ews//x9wkV8WruyruJVBNfHvqR4dOgjHbplmlf6hNIxGf5+CvISftEx
tqZkQZs74UFJTHKbRNXps0iIKrgkvqDxM+mgBA02bl7Q7l5t9iGdfH+mr1MwTC6+
ipyOytt4MaUEWsh0EZ4LKNnrp6GpLoqwOTRxvCqzoSIMGy9/QCNK/apyIfmPWh5D
oBYfibPeX5JQMlKiATIfjn8nyW+451s8c4C3vf4YS+lgRYgTXPfAC0WqjK4i8pvm
tu2g3cO2pSMi6xQkXZIYAFQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org