Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mFjOS0vHLnbmaMR9RImMCQiWq-s.cer
File: mFjOS0vHLnbmaMR9RImMCQiWq-s.cer (raw, json)
Hash identifier: M5TTOqC0s0QqOBbOIeyoiinRXVgCa8P2BMfvFIllmm0=
Subject key identifier: 98:58:CE:4B:4B:C7:2E:76:E6:68:C4:7D:44:89:8C:09:08:96:AB:EB
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 4FA9
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/mFjOS0vHLnbmaMR9RImMCQiWq-s.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 28 Dec 2023 16:24:49 +0000
Certificate not after: Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources: IP: 129.60.0.0/16
IP: 192.5.216.0/24
IP: 192.26.94.0/24
IP: 192.47.167.0 -- 192.47.169.255
IP: 192.68.235.0 -- 192.68.249.255
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20393 (0x4fa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Dec 28 16:24:49 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=A91A4B1A/serialNumber=9858CE4B4BC72E76E668C47D44898C090896ABEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:53:ca:a5:53:70:2f:83:db:ee:e3:b4:dc:8b:
09:41:f1:4f:41:60:b8:cc:07:3c:5b:2f:b5:50:78:
04:03:a2:dd:4e:e0:43:35:20:68:78:bd:a6:ba:e3:
aa:39:5c:55:1b:8a:f0:8d:69:b1:09:c8:b2:b7:ca:
a8:66:a2:3e:e7:bb:b5:ad:28:c4:5c:08:35:ae:7d:
84:8e:9a:b2:51:9c:71:fd:f0:b5:ec:d1:2a:df:88:
d1:88:d3:c7:16:fa:35:b7:9b:10:23:0e:7e:c8:09:
37:fa:15:92:36:b3:71:cb:a8:fc:d8:7c:f0:ad:7f:
06:96:fa:a2:eb:5a:38:a3:08:6b:9e:e2:d1:31:69:
c0:bf:98:24:64:a9:3f:d5:2d:33:0a:86:e7:af:98:
69:80:ce:25:5b:9f:54:aa:a8:e2:93:f5:5a:93:2d:
0a:42:43:28:75:75:7b:0d:a7:0c:4e:c9:12:a9:15:
15:5a:05:8a:b2:d6:ae:7c:46:6f:f6:5e:a9:68:73:
3e:12:37:c4:49:bc:ea:40:54:54:ec:c8:8a:ec:e8:
b7:7c:15:c8:f2:f8:5a:6f:81:fa:a3:8e:28:cd:55:
52:98:b4:f1:6e:a0:2d:98:81:6e:67:d1:10:6a:07:
a3:ac:50:9f:06:34:9d:02:ea:0c:2d:3e:18:13:ef:
2e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:58:CE:4B:4B:C7:2E:76:E6:68:C4:7D:44:89:8C:09:08:96:AB:EB
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/mFjOS0vHLnbmaMR9RImMCQiWq-s.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.60.0.0/16
192.5.216.0/24
192.26.94.0/24
192.47.167.0-192.47.169.255
192.68.235.0-192.68.249.255
Signature Algorithm: sha256WithRSAEncryption
33:a5:76:61:71:6c:73:d5:c5:66:f3:04:99:72:d2:3b:43:5a:
8e:8b:69:68:73:49:2e:38:0a:91:3f:a3:27:a1:1a:49:45:e3:
93:ca:91:36:41:0e:6d:34:6f:b0:66:99:ec:e5:4d:0b:ea:e0:
74:24:dd:92:a7:a4:62:f5:bd:fa:7e:d0:9f:4e:2a:02:08:6f:
0c:b5:e5:06:88:cc:2a:42:47:d6:f9:5b:cd:9f:1e:4e:54:40:
34:6d:27:3a:ba:2d:de:ad:d5:f4:70:4a:74:fd:39:60:3e:ed:
13:5c:05:54:95:b7:34:a1:4e:39:40:be:f4:c7:9f:a1:30:b9:
1a:29:32:5c:0b:6f:b6:0e:6b:17:cf:68:9f:a4:76:e9:f3:f8:
5f:d3:45:e7:b9:2f:86:0a:f8:c2:ab:ff:81:41:ab:10:6b:93:
f0:39:0d:4c:24:3f:fd:91:50:fc:8c:15:87:e7:3b:4f:bf:4a:
d9:4d:7b:76:bb:88:4c:dd:bb:ef:d5:f5:76:b9:f5:b3:de:f2:
7b:1e:d4:90:3e:40:4e:f6:2c:ee:4f:df:4d:e9:3a:fe:a9:31:
bf:e3:a4:e2:79:b7:bc:b6:7d:c1:2f:84:89:c3:8d:ae:5f:32:
f2:60:49:9b:10:87:f0:3d:d7:90:67:1f:6f:d4:4a:de:93:33:
31:b4:92:d1
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgICT6kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMjI4MTYyNDQ5WhcNMjUwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBNEIxQTExMC8GA1UEBRMoOTg1OENFNEI0QkM3MkU3NkU2NjhDNDdE
NDQ4OThDMDkwODk2QUJFQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM5TyqVTcC+D2+7jtNyLCUHxT0FguMwHPFsvtVB4BAOi3U7gQzUgaHi9prrjqjlc
VRuK8I1psQnIsrfKqGaiPue7ta0oxFwINa59hI6aslGccf3wtezRKt+I0YjTxxb6
NbebECMOfsgJN/oVkjazccuo/Nh88K1/Bpb6outaOKMIa57i0TFpwL+YJGSpP9Ut
MwqG56+YaYDOJVufVKqo4pP1WpMtCkJDKHV1ew2nDE7JEqkVFVoFirLWrnxGb/Ze
qWhzPhI3xEm86kBUVOzIiuzot3wVyPL4Wm+B+qOOKM1VUpi08W6gLZiBbmfREGoH
o6xQnwY0nQLqDC0+GBPvLpcCAwEAAaOCAxowggMWMB0GA1UdDgQWBBSYWM5LS8cu
duZoxH1EiYwJCJar6zAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMUEvQjQ1RjNGQzQ4MTlBMTFFRDhENjFCQTJCQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE0QjFBL0I0NUYzRkM0ODE5QTExRUQ4RDYxQkEyQkM0RjlBRTAyL21Gak9TMHZI
TG5ibWFNUjlSSW1NQ1FpV3Etcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBGBggrBgEFBQcBBwEB/wQ3MDUw
MwQCAAEwLQMDAIE8AwQAwAXYAwQAwBpeMAwDBADAL6cDBAHAL6gwDAMEAMBE6wME
AcBE+DANBgkqhkiG9w0BAQsFAAOCAQEAM6V2YXFsc9XFZvMEmXLSO0NajotpaHNJ
LjgKkT+jJ6EaSUXjk8qRNkEObTRvsGaZ7OVNC+rgdCTdkqekYvW9+n7Qn04qAghv
DLXlBojMKkJH1vlbzZ8eTlRANG0nOrot3q3V9HBKdP05YD7tE1wFVJW3NKFOOUC+
9MefoTC5GikyXAtvtg5rF89on6R26fP4X9NF57kvhgr4wqv/gUGrEGuT8DkNTCQ/
/ZFQ/IwVh+c7T79K2U17druITN2779X1drn1s97yex7UkD5ATvYs7k/fTek6/qkx
v+Ok4nm3vLZ9wS+EicONrl8y8mBJmxCH8D3XkGcfb9RK3pMzMbSS0Q==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org