Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer
File: r0YdV6kKM1svp3p6rsFnNJVJI7E.cer (raw, json)
Hash identifier: K9qF0XaH4fevCt7HvqxJQZ4c/npIpbVMBXw+HbysbDg=
Subject key identifier: AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 60C3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 12 Jan 2025 11:01:25 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 161.248.120.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24771 (0x60c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 12 11:01:25 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A9114EF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ec:94:6f:fc:cc:8e:d2:8e:44:98:e6:50:9a:
eb:f5:cd:3a:12:b8:6d:79:f2:69:48:fb:69:66:fb:
9e:c7:59:18:b2:19:f7:ea:91:76:d5:b2:0a:d3:ad:
a6:db:8d:ae:f2:da:10:bb:dc:83:62:94:c8:cb:f7:
5f:2c:c9:3f:b0:a8:b1:b3:c2:ea:2c:ac:21:5d:65:
fe:a7:0a:4e:c7:22:d2:40:e2:42:f6:14:87:9d:f3:
f2:f8:d6:89:07:95:f2:6d:aa:a1:9e:d6:5f:26:a9:
91:77:e3:7e:c9:a6:3c:dc:29:0f:b9:d3:86:9a:39:
0c:ff:c6:0b:94:cf:73:bb:6f:ae:cf:f0:44:f3:c8:
5a:a8:4a:5e:c2:25:5e:aa:12:0b:f9:ec:4a:f7:79:
96:f8:a3:d7:a0:13:4f:56:e2:61:09:29:85:2a:d5:
dc:ba:22:f2:33:ed:72:77:8a:4b:5a:f7:f5:48:d7:
0c:a1:d5:70:16:b9:b6:8a:b0:42:f1:ec:65:d0:b6:
1f:15:e6:fb:0f:05:2f:d2:4e:e2:77:5c:31:64:d7:
8a:1e:1e:51:15:e1:63:09:58:16:2f:77:17:9c:20:
3b:dd:22:4e:52:98:4b:8f:b8:61:48:99:41:68:2f:
c4:14:d6:b7:af:99:4b:a8:ee:cf:d8:87:73:05:37:
46:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.120.0/23
Signature Algorithm: sha256WithRSAEncryption
90:b5:61:d5:4d:76:11:c8:91:3a:fc:54:85:a5:4a:32:58:dd:
2f:70:6a:c8:2d:0c:b0:a2:9f:de:19:4b:79:5f:b2:41:3f:25:
3b:33:20:ee:1c:36:11:e6:56:86:4f:d2:f9:b0:d1:8a:0c:aa:
07:d1:97:60:44:a5:97:85:f5:08:a9:62:ad:c5:71:3c:5c:9f:
97:d7:1f:17:1d:d0:e0:13:f5:59:7d:bf:08:ab:c8:b1:74:c2:
de:5f:4e:b2:46:02:18:67:43:f6:21:34:41:bf:1a:4d:31:14:
f4:f6:bb:82:47:08:db:a2:69:38:72:80:fd:a5:15:46:dd:af:
a1:de:b9:09:c1:50:be:4a:4f:15:1d:e2:6c:e2:f9:8e:dd:6c:
1e:87:10:04:1b:66:0a:91:48:53:47:29:e7:90:11:7f:93:b3:
ee:7e:32:2e:8c:b2:33:cd:69:d3:dd:59:b2:96:c2:9c:fd:65:
ac:29:5d:be:fe:bd:b2:3d:0d:14:b3:f6:37:8e:d9:57:43:ee:
d0:6b:56:7e:72:7e:42:3e:86:cf:e0:d3:79:c2:f1:c4:15:b8:
3b:43:4d:b7:0f:f1:c1:a3:68:33:5c:a8:18:eb:08:35:af:9a:
ff:ce:56:6c:f2:4a:af:e4:5a:e5:3d:9d:c0:11:2b:c3:bf:24:
23:9b:de:0c
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICYMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwMTEyMTEwMTI1WhcNMjYwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExNEVGNjExMC8GA1UEBRMoQUY0NjFENTdBOTBBMzM1QjJGQTc3QTdB
QUVDMTY3MzQ5NTQ5MjNCMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKrslG/8zI7SjkSY5lCa6/XNOhK4bXnyaUj7aWb7nsdZGLIZ9+qRdtWyCtOtptuN
rvLaELvcg2KUyMv3XyzJP7CosbPC6iysIV1l/qcKTsci0kDiQvYUh53z8vjWiQeV
8m2qoZ7WXyapkXfjfsmmPNwpD7nThpo5DP/GC5TPc7tvrs/wRPPIWqhKXsIlXqoS
C/nsSvd5lvij16ATT1biYQkphSrV3Loi8jPtcneKS1r39UjXDKHVcBa5toqwQvHs
ZdC2HxXm+w8FL9JO4ndcMWTXih4eURXhYwlYFi93F5wgO90iTlKYS4+4YUiZQWgv
xBTWt6+ZS6juz9iHcwU3RqcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSvRh1XqQoz
Wy+nenquwWc0lUkjsTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTRFRjYvOERBRTA1QTBEMEQ0MTFFRkJDRDUxMjNFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE0RUY2LzhEQUUwNUEwRDBENDExRUZCQ0Q1MTIzRUM0RjlBRTAyL3IwWWRWNmtL
TTFzdnAzcDZyc0ZuTkpWSkk3RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4eDANBgkqhkiG9w0BAQsFAAOCAQEAkLVh1U12EciROvxUhaVK
MljdL3BqyC0MsKKf3hlLeV+yQT8lOzMg7hw2EeZWhk/S+bDRigyqB9GXYESll4X1
CKlircVxPFyfl9cfFx3Q4BP1WX2/CKvIsXTC3l9OskYCGGdD9iE0Qb8aTTEU9Pa7
gkcI26JpOHKA/aUVRt2vod65CcFQvkpPFR3ibOL5jt1sHocQBBtmCpFIU0cp55AR
f5Oz7n4yLoyyM81p091ZspbCnP1lrCldvv69sj0NFLP2N47ZV0Pu0GtWfnJ+Qj6G
z+DTecLxxBW4O0NNtw/xwaNoM1yoGOsINa+a/85WbPJKr+Ra5T2dwBErw78kI5ve
DA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:09:37 2025 by rpki-client