Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/q5Bd3Ar7vRVJ9m7-gReuFQAKXg8.cer
File: q5Bd3Ar7vRVJ9m7-gReuFQAKXg8.cer (raw, json)
Hash identifier: /MCQLvu1YgNC18/PL/D6jEiV8mpjaxsjbheGwNPrzqI=
Subject key identifier: AB:90:5D:DC:0A:FB:BD:15:49:F6:6E:FE:81:17:AE:15:00:0A:5E:0F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 4F30
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918B5FE/32C300286A9E11EBB6762318C4F9AE02/q5Bd3Ar7vRVJ9m7-gReuFQAKXg8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918B5FE/32C300286A9E11EBB6762318C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 04 Dec 2023 16:57:04 +0000
Certificate not after: Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources: IP: 162.249.119.0/24
IP: 204.48.62.0/23
IP: 216.157.157.0 -- 216.157.159.255
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 02:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20272 (0x4f30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Dec 4 16:57:04 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=A918B5FE/serialNumber=AB905DDC0AFBBD1549F66EFE8117AE15000A5E0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:b8:22:46:8d:6e:53:be:a8:83:af:22:de:15:
fc:ff:81:5f:14:59:49:ef:bd:6f:69:ae:51:01:96:
56:4d:db:15:6a:40:1f:00:2d:dd:c0:96:8a:14:32:
93:fc:35:e2:ca:07:2c:b6:b9:88:41:c7:41:91:46:
44:0c:59:4c:e9:1b:0c:68:a2:7a:f3:25:dc:b0:51:
2d:ce:b8:90:8b:16:fc:63:05:67:3f:97:9e:68:eb:
a0:53:bc:19:60:cf:d1:e2:59:3b:20:dd:e4:bc:a9:
66:21:9b:88:bd:43:fd:51:af:5b:35:b9:92:3e:e4:
a5:f6:a4:73:38:06:c0:d3:d0:cf:98:bf:f3:b7:bc:
31:e4:07:3c:e4:ed:bd:16:f8:04:0e:77:2b:d0:54:
77:d4:68:6b:eb:38:06:bd:69:af:6d:f0:8a:e6:94:
4b:38:e4:f1:36:25:47:17:ca:35:14:42:c1:2f:67:
94:f9:00:35:ab:4c:2d:2a:7e:99:03:73:54:56:97:
f7:e6:df:24:fd:b3:ae:5c:85:00:c2:fe:d2:04:f5:
f1:34:25:8f:02:f9:77:83:2b:d9:23:17:0d:c4:db:
55:79:ab:1d:de:93:3a:70:86:ea:07:7c:98:1d:7e:
8e:79:9f:87:49:cc:5b:46:4e:59:75:5d:5f:ee:ea:
00:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:90:5D:DC:0A:FB:BD:15:49:F6:6E:FE:81:17:AE:15:00:0A:5E:0F
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918B5FE/32C300286A9E11EBB6762318C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918B5FE/32C300286A9E11EBB6762318C4F9AE02/q5Bd3Ar7vRVJ9m7-gReuFQAKXg8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
162.249.119.0/24
204.48.62.0/23
216.157.157.0-216.157.159.255
Signature Algorithm: sha256WithRSAEncryption
5a:5b:bd:59:47:b9:b6:b7:2f:e5:87:04:f8:8a:ff:89:04:10:
b1:0a:f4:eb:6c:2a:df:30:5a:0d:0e:23:02:4d:72:16:84:24:
7c:36:36:c3:ec:55:32:92:ad:1d:6c:c0:f6:49:68:36:01:f3:
b4:93:56:23:1f:97:b1:83:c3:8c:e1:a3:13:0b:ab:2f:46:5e:
40:60:7e:83:ef:c0:97:66:80:18:09:b7:1d:49:fd:49:8b:d2:
3d:a6:de:90:27:a5:12:ac:2d:48:ef:bd:92:26:7d:97:14:5c:
6c:9a:2b:74:c1:ee:a9:52:1b:50:1d:c3:45:d7:a1:18:26:a1:
cd:47:fa:72:80:b9:1b:b8:81:88:e7:35:9c:2f:e6:72:49:dd:
fb:47:ab:0d:b8:8c:c5:fb:17:d0:76:1d:27:73:1a:65:89:ef:
05:e0:09:ac:5b:b1:ab:c3:e8:eb:70:ad:17:69:c0:51:83:0e:
14:20:b9:c9:62:ff:50:e9:fb:b3:06:b7:23:2a:9d:87:4b:32:
0c:4e:f0:30:af:0c:41:3d:00:db:62:ee:53:fc:16:27:d4:16:
04:fe:a3:cd:8c:04:f4:c1:7a:9b:c9:f8:22:46:58:8a:eb:78:
c2:e2:82:68:c8:5c:a6:5a:7c:55:9c:ce:7e:4c:f7:39:2d:67:
d9:47:b6:6d
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgICTzAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMjA0MTY1NzA0WhcNMjQxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4QjVGRTExMC8GA1UEBRMoQUI5MDVEREMwQUZCQkQxNTQ5RjY2RUZF
ODExN0FFMTUwMDBBNUUwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APm4IkaNblO+qIOvIt4V/P+BXxRZSe+9b2muUQGWVk3bFWpAHwAt3cCWihQyk/w1
4soHLLa5iEHHQZFGRAxZTOkbDGiievMl3LBRLc64kIsW/GMFZz+XnmjroFO8GWDP
0eJZOyDd5LypZiGbiL1D/VGvWzW5kj7kpfakczgGwNPQz5i/87e8MeQHPOTtvRb4
BA53K9BUd9Roa+s4Br1pr23wiuaUSzjk8TYlRxfKNRRCwS9nlPkANatMLSp+mQNz
VFaX9+bfJP2zrlyFAML+0gT18TQljwL5d4Mr2SMXDcTbVXmrHd6TOnCG6gd8mB1+
jnmfh0nMW0ZOWXVdX+7qAM8CAwEAAaOCAwcwggMDMB0GA1UdDgQWBBSrkF3cCvu9
FUn2bv6BF64VAApeDzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEI1RkUvMzJDMzAwMjg2QTlFMTFFQkI2NzYyMzE4QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThCNUZFLzMyQzMwMDI4NkE5RTExRUJCNjc2MjMxOEM0RjlBRTAyL3E1QmQzQXI3
dlJWSjltNy1nUmV1RlFBS1hnOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQkMCIw
IAQCAAEwGgMEAKL5dwMEAcwwPjAMAwQA2J2dAwQF2J2AMA0GCSqGSIb3DQEBCwUA
A4IBAQBaW71ZR7m2ty/lhwT4iv+JBBCxCvTrbCrfMFoNDiMCTXIWhCR8NjbD7FUy
kq0dbMD2SWg2AfO0k1YjH5exg8OM4aMTC6svRl5AYH6D78CXZoAYCbcdSf1Ji9I9
pt6QJ6USrC1I772SJn2XFFxsmit0we6pUhtQHcNF16EYJqHNR/pygLkbuIGI5zWc
L+ZySd37R6sNuIzF+xfQdh0ncxplie8F4AmsW7Grw+jrcK0XacBRgw4UILnJYv9Q
6fuzBrcjKp2HSzIMTvAwrwxBPQDbYu5T/BYn1BYE/qPNjAT0wXqbyfgiRliK63jC
4oJoyFymWnxVnM5+TPc5LWfZR7Zt
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:02:39 2024 by rpki-client on console-ams.rpki-client.org