Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/q5Bd3Ar7vRVJ9m7-gReuFQAKXg8.cer
File: q5Bd3Ar7vRVJ9m7-gReuFQAKXg8.cer (raw, json)
Hash identifier: toLLoODhl026u7FnVm+k0Cui6Vwkc0Qb2sXrKB01RLU=
Subject key identifier: AB:90:5D:DC:0A:FB:BD:15:49:F6:6E:FE:81:17:AE:15:00:0A:5E:0F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5DAF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918B5FE/32C300286A9E11EBB6762318C4F9AE02/q5Bd3Ar7vRVJ9m7-gReuFQAKXg8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918B5FE/32C300286A9E11EBB6762318C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 12 Nov 2024 15:12:54 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 162.249.119.0/24
IP: 204.48.62.0/23
IP: 216.157.157.0 -- 216.157.159.255
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23983 (0x5daf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Nov 12 15:12:54 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A918B5FE/serialNumber=AB905DDC0AFBBD1549F66EFE8117AE15000A5E0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:b8:22:46:8d:6e:53:be:a8:83:af:22:de:15:
fc:ff:81:5f:14:59:49:ef:bd:6f:69:ae:51:01:96:
56:4d:db:15:6a:40:1f:00:2d:dd:c0:96:8a:14:32:
93:fc:35:e2:ca:07:2c:b6:b9:88:41:c7:41:91:46:
44:0c:59:4c:e9:1b:0c:68:a2:7a:f3:25:dc:b0:51:
2d:ce:b8:90:8b:16:fc:63:05:67:3f:97:9e:68:eb:
a0:53:bc:19:60:cf:d1:e2:59:3b:20:dd:e4:bc:a9:
66:21:9b:88:bd:43:fd:51:af:5b:35:b9:92:3e:e4:
a5:f6:a4:73:38:06:c0:d3:d0:cf:98:bf:f3:b7:bc:
31:e4:07:3c:e4:ed:bd:16:f8:04:0e:77:2b:d0:54:
77:d4:68:6b:eb:38:06:bd:69:af:6d:f0:8a:e6:94:
4b:38:e4:f1:36:25:47:17:ca:35:14:42:c1:2f:67:
94:f9:00:35:ab:4c:2d:2a:7e:99:03:73:54:56:97:
f7:e6:df:24:fd:b3:ae:5c:85:00:c2:fe:d2:04:f5:
f1:34:25:8f:02:f9:77:83:2b:d9:23:17:0d:c4:db:
55:79:ab:1d:de:93:3a:70:86:ea:07:7c:98:1d:7e:
8e:79:9f:87:49:cc:5b:46:4e:59:75:5d:5f:ee:ea:
00:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:90:5D:DC:0A:FB:BD:15:49:F6:6E:FE:81:17:AE:15:00:0A:5E:0F
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918B5FE/32C300286A9E11EBB6762318C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918B5FE/32C300286A9E11EBB6762318C4F9AE02/q5Bd3Ar7vRVJ9m7-gReuFQAKXg8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
162.249.119.0/24
204.48.62.0/23
216.157.157.0-216.157.159.255
Signature Algorithm: sha256WithRSAEncryption
67:dc:af:f1:55:b4:3a:bc:c3:12:0c:67:36:1a:41:29:fa:ac:
54:81:a6:8f:a2:1a:9e:2a:9c:23:db:6a:78:1d:71:24:a3:4f:
22:fa:8f:13:4b:fb:20:41:37:dc:2d:35:b3:ef:4b:9c:33:61:
19:3e:9d:90:6b:96:dc:3a:a2:db:70:06:61:3d:91:9c:73:f9:
76:f5:f8:b6:88:39:a5:48:b2:c9:5f:41:a6:27:d4:23:4b:70:
29:b4:6b:28:ed:70:42:cc:e5:4c:77:d9:4a:a4:53:83:05:71:
77:4f:46:81:d3:60:18:58:e0:a1:34:3a:36:0d:a6:ff:c4:e1:
77:23:80:e6:29:84:97:9b:0c:12:cb:a8:37:99:0d:a9:ae:25:
14:26:e4:73:be:e4:f5:3d:1f:80:c0:57:d1:30:d2:81:69:3c:
b0:a9:86:85:1b:7d:a9:3a:c1:31:43:97:9e:c1:91:6a:cb:d1:
f0:30:b2:78:d4:dc:86:52:c5:53:77:2d:88:2c:01:c7:99:74:
18:48:00:98:ea:9e:92:90:bb:e5:6a:f9:cf:89:7f:94:8b:ee:
b6:49:7d:01:49:a5:2e:bd:b5:79:c0:7f:72:03:de:54:75:06:
39:fd:d2:65:49:e5:f7:de:81:77:4d:c7:a1:97:5d:0c:bd:a3:
8e:74:13:31
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgICXa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMTEyMTUxMjU0WhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4QjVGRTExMC8GA1UEBRMoQUI5MDVEREMwQUZCQkQxNTQ5RjY2RUZF
ODExN0FFMTUwMDBBNUUwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
APm4IkaNblO+qIOvIt4V/P+BXxRZSe+9b2muUQGWVk3bFWpAHwAt3cCWihQyk/w1
4soHLLa5iEHHQZFGRAxZTOkbDGiievMl3LBRLc64kIsW/GMFZz+XnmjroFO8GWDP
0eJZOyDd5LypZiGbiL1D/VGvWzW5kj7kpfakczgGwNPQz5i/87e8MeQHPOTtvRb4
BA53K9BUd9Roa+s4Br1pr23wiuaUSzjk8TYlRxfKNRRCwS9nlPkANatMLSp+mQNz
VFaX9+bfJP2zrlyFAML+0gT18TQljwL5d4Mr2SMXDcTbVXmrHd6TOnCG6gd8mB1+
jnmfh0nMW0ZOWXVdX+7qAM8CAwEAAaOCAwcwggMDMB0GA1UdDgQWBBSrkF3cCvu9
FUn2bv6BF64VAApeDzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEI1RkUvMzJDMzAwMjg2QTlFMTFFQkI2NzYyMzE4QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThCNUZFLzMyQzMwMDI4NkE5RTExRUJCNjc2MjMxOEM0RjlBRTAyL3E1QmQzQXI3
dlJWSjltNy1nUmV1RlFBS1hnOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQkMCIw
IAQCAAEwGgMEAKL5dwMEAcwwPjAMAwQA2J2dAwQF2J2AMA0GCSqGSIb3DQEBCwUA
A4IBAQBn3K/xVbQ6vMMSDGc2GkEp+qxUgaaPohqeKpwj22p4HXEko08i+o8TS/sg
QTfcLTWz70ucM2EZPp2Qa5bcOqLbcAZhPZGcc/l29fi2iDmlSLLJX0GmJ9QjS3Ap
tGso7XBCzOVMd9lKpFODBXF3T0aB02AYWOChNDo2Dab/xOF3I4DmKYSXmwwSy6g3
mQ2priUUJuRzvuT1PR+AwFfRMNKBaTywqYaFG32pOsExQ5eewZFqy9HwMLJ41NyG
UsVTdy2ILAHHmXQYSACY6p6SkLvlavnPiX+Ui+62SX0BSaUuvbV5wH9yA95UdQY5
/dJlSeX33oF3Tcehl10MvaOOdBMx
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org