Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer
File: ovb2YTEslb8FoLUjCxNx1GIv1ic.cer (raw, json)
Hash identifier: RAZbWC4pWXyziD109YItjIR5LBsVUhZTKI1jFzgU2t8=
Subject key identifier: A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5104
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 23 Jan 2024 21:24:01 +0000
Certificate not after: Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources: IP: 161.142.0.0/16
IP: 192.228.128.0/17
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 15:41:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20740 (0x5104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jan 23 21:24:01 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=A91E7BC4/serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cb:8c:c9:6a:11:2c:07:ba:bd:05:90:e5:c5:
56:0c:f1:a2:4f:9c:37:a3:4d:b0:51:09:7a:63:b6:
82:cf:d1:5b:b4:2f:c0:e8:32:82:b6:61:4d:6b:c7:
0b:d6:bf:db:d0:26:d1:96:13:18:c0:6f:2c:fa:e6:
8a:a4:0a:d4:df:a7:0d:6f:42:2e:63:7a:88:ca:c1:
2c:ae:6e:1d:f4:1d:99:0c:c9:7d:98:8a:b0:e6:e9:
d9:3b:f6:b1:e9:55:72:1d:9c:05:91:75:f9:fd:7d:
4f:7a:a3:ff:6f:3a:0b:b8:10:d3:a4:17:c2:5f:75:
71:a5:9c:13:48:fa:7d:a6:53:2a:7f:34:3b:d0:1c:
df:3d:b5:2c:f0:ca:c4:9a:85:0c:07:6e:f6:65:d8:
c3:ca:f9:ff:5a:f2:b7:30:6c:ae:0d:8d:51:43:ec:
be:c5:13:03:b3:c1:35:e5:e9:a7:09:97:34:01:c5:
4a:5a:d1:6e:13:8a:b2:f7:32:56:29:14:86:80:fe:
a5:5d:79:33:72:0d:81:9b:bf:25:3d:bc:d0:cc:65:
db:72:a5:87:17:2c:09:d3:04:82:4f:d8:c8:9d:62:
0f:81:df:9d:00:43:11:07:78:5d:98:40:b0:c5:9d:
96:59:26:9b:fa:df:3d:55:7f:7f:8d:ba:96:0a:5a:
e1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.142.0.0/16
192.228.128.0/17
Signature Algorithm: sha256WithRSAEncryption
56:01:2e:6d:44:b6:52:69:f3:a1:63:35:b3:48:89:b9:05:6c:
3c:6d:6a:70:39:84:07:5c:a2:d6:87:c0:1d:13:d1:03:e8:87:
f5:17:ba:af:5f:8c:2e:c5:08:9d:3d:b4:22:d7:dd:2b:a2:df:
53:5d:6f:f4:29:a6:2e:c9:92:8f:79:d5:90:10:1d:c7:cf:82:
92:e6:d6:d7:19:bc:7b:ac:2b:2c:3e:5f:94:a2:b7:67:eb:17:
0c:8f:72:af:a0:41:cd:c2:c6:24:7c:ff:f3:66:d7:cb:6c:26:
12:5f:13:53:2f:43:d8:c3:b2:62:35:2e:55:f9:ae:6a:c9:a9:
a3:1e:5e:02:1f:1a:8f:3f:e0:7d:1d:b7:2a:71:f9:09:48:91:
a3:67:30:a7:f8:8e:c9:6b:cb:17:7e:1f:63:a4:27:e9:28:08:
7a:fb:b5:c6:f6:42:17:97:0d:82:b8:a8:07:01:d6:fd:02:e6:
78:ac:00:74:71:a2:a1:5e:e7:4c:6a:45:ef:31:3f:ee:67:a7:
d0:46:ac:c1:b2:2d:d9:da:e0:03:e3:03:56:a7:0b:be:fc:a9:
ea:96:14:b9:9d:54:0f:be:08:a0:ed:f0:35:5c:39:fb:ba:c0:
24:e3:44:fc:bc:80:20:76:f5:0c:e8:08:de:a7:27:41:4a:fc:
4f:d0:a6:24
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICUQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMTIzMjEyNDAxWhcNMjUwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFN0JDNDExMC8GA1UEBRMoQTJGNkY2NjEzMTJDOTVCRjA1QTBCNTIz
MEIxMzcxRDQ2MjJGRDYyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKnLjMlqESwHur0FkOXFVgzxok+cN6NNsFEJemO2gs/RW7QvwOgygrZhTWvHC9a/
29Am0ZYTGMBvLPrmiqQK1N+nDW9CLmN6iMrBLK5uHfQdmQzJfZiKsObp2Tv2selV
ch2cBZF1+f19T3qj/286C7gQ06QXwl91caWcE0j6faZTKn80O9Ac3z21LPDKxJqF
DAdu9mXYw8r5/1rytzBsrg2NUUPsvsUTA7PBNeXppwmXNAHFSlrRbhOKsvcyVikU
hoD+pV15M3INgZu/JT280Mxl23KlhxcsCdMEgk/YyJ1iD4HfnQBDEQd4XZhAsMWd
llkmm/rfPVV/f426lgpa4UMCAwEAAaOCAvgwggL0MB0GA1UdDgQWBBSi9vZhMSyV
vwWgtSMLE3HUYi/WJzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdCQzQvMjYxRDI4MzBENTBEMTFFOUJBRDZDMjI2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU3QkM0LzI2MUQyODMwRDUwRDExRTlCQUQ2QzIyNkM0RjlBRTAyL292YjJZVEVz
bGI4Rm9MVWpDeE54MUdJdjFpYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQVMBMw
EQQCAAEwCwMDAKGOAwQHwOSAMA0GCSqGSIb3DQEBCwUAA4IBAQBWAS5tRLZSafOh
YzWzSIm5BWw8bWpwOYQHXKLWh8AdE9ED6If1F7qvX4wuxQidPbQi190rot9TXW/0
KaYuyZKPedWQEB3Hz4KS5tbXGbx7rCssPl+Uordn6xcMj3KvoEHNwsYkfP/zZtfL
bCYSXxNTL0PYw7JiNS5V+a5qyamjHl4CHxqPP+B9HbcqcfkJSJGjZzCn+I7Ja8sX
fh9jpCfpKAh6+7XG9kIXlw2CuKgHAdb9AuZ4rAB0caKhXudMakXvMT/uZ6fQRqzB
si3Z2uAD4wNWpwu+/KnqlhS5nVQPvgig7fA1XDn7usAk40T8vIAgdvUM6AjepydB
SvxP0KYk
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:41 2024 by rpki-client on console-ams.rpki-client.org