Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rIhkJjgk7eNlW5l0Lfs56IO7kUU.cer
File: rIhkJjgk7eNlW5l0Lfs56IO7kUU.cer (raw, json)
Hash identifier: 3VDfyfYwo3f8ItlqLoIeBo0zp/sST9ryX9FYA7NT94I=
Subject key identifier: AC:88:64:26:38:24:ED:E3:65:5B:99:74:2D:FB:39:E8:83:BB:91:45
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5633
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/rIhkJjgk7eNlW5l0Lfs56IO7kUU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 29 May 2024 12:51:25 +0000
Certificate not after: Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 45.40.192.0/18
IP: 129.28.0.0/16
IP: 129.204.0.0/16
IP: 129.211.0.0/16
IP: 132.232.0.0/16
IP: 134.175.0.0/16
IP: 142.70.0.0/16
IP: 142.86.0.0/16
IP: 146.56.192.0/18
IP: 148.70.0.0/16
IP: 149.41.0.0/16
IP: 152.136.0.0/16
IP: 158.79.0.0/16
IP: 159.75.0.0/16
IP: 161.120.0.0/16
IP: 162.14.0.0/16
IP: 172.81.192.0/18
IP: 192.144.128.0/17
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22067 (0x5633)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: May 29 12:51:25 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=A9120974/serialNumber=AC8864263824EDE3655B99742DFB39E883BB9145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:32:cc:61:bd:20:76:20:f2:dc:b2:a4:68:f4:
fb:4d:96:94:70:08:ef:35:5b:cd:8b:7c:bb:6a:4e:
d2:99:a5:31:68:b3:25:79:65:e1:84:1c:07:a5:5d:
52:72:f3:c6:7c:2c:90:93:6a:42:3b:a9:9d:ca:3e:
df:19:8a:e5:fe:0f:c4:b3:00:bf:5b:e6:b6:ee:a2:
c0:86:23:4d:f9:bf:05:fe:79:8c:e6:0d:4c:de:58:
9e:92:2d:62:37:0e:22:11:70:fc:ec:26:34:a6:5a:
e9:30:bc:d6:33:f4:46:4d:4e:5b:87:b1:80:cb:58:
4e:c5:ff:6c:1b:04:00:17:b5:1b:9e:5c:e2:08:54:
3a:a5:58:88:5b:08:be:9c:2b:0d:28:07:85:68:14:
fe:4b:16:d2:5e:3a:08:bd:49:97:c2:8c:b0:60:78:
8e:ce:b4:17:e3:d1:f2:50:cd:f9:28:a4:c7:15:57:
b4:eb:e5:a6:f5:56:87:91:5d:f8:a5:1e:2b:96:18:
8e:6d:f9:99:f6:9f:85:a8:76:ab:57:98:5b:10:a7:
3f:87:f4:33:81:ef:a7:6e:23:97:ab:01:08:2c:9e:
d8:80:12:04:8b:4c:56:68:94:7a:aa:c3:ab:64:32:
e1:22:7e:73:9c:75:26:db:32:45:ce:c9:6f:c3:0a:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:88:64:26:38:24:ED:E3:65:5B:99:74:2D:FB:39:E8:83:BB:91:45
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/rIhkJjgk7eNlW5l0Lfs56IO7kUU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.40.192.0/18
129.28.0.0/16
129.204.0.0/16
129.211.0.0/16
132.232.0.0/16
134.175.0.0/16
142.70.0.0/16
142.86.0.0/16
146.56.192.0/18
148.70.0.0/16
149.41.0.0/16
152.136.0.0/16
158.79.0.0/16
159.75.0.0/16
161.120.0.0/16
162.14.0.0/16
172.81.192.0/18
192.144.128.0/17
Signature Algorithm: sha256WithRSAEncryption
7d:7c:89:88:22:ea:fd:9e:ef:8a:4d:b3:84:09:46:1b:8c:c1:
6a:96:29:1e:3c:4b:40:92:ce:d2:76:12:a5:94:8f:e8:88:9d:
77:2d:c8:c2:29:34:f8:e9:27:3d:6f:cb:a4:56:e3:31:70:54:
59:da:6c:85:92:63:1e:9b:09:c8:e5:58:38:55:d8:8e:11:86:
47:17:a9:12:85:f7:bc:ab:e9:3a:63:8c:f1:26:fe:a8:57:4a:
8d:db:86:a1:3d:36:10:e5:01:bf:12:71:38:50:97:1d:71:48:
f5:3c:27:ff:82:d3:91:1b:d9:95:15:36:cc:e2:73:5e:18:65:
95:95:05:7a:53:0b:e1:ec:6c:b9:5e:c0:fe:2e:d9:cf:7a:50:
9a:75:10:dc:ef:79:a3:b6:6d:33:23:10:59:6b:7a:1d:bd:06:
58:c3:e6:73:01:de:aa:13:75:e3:04:9e:fb:2d:5a:2e:98:e2:
e8:c2:bb:f3:24:1b:61:35:bf:af:f7:f1:fc:04:c9:aa:89:28:
b8:e8:26:09:6e:c0:b9:26:d1:a4:96:af:c8:52:e7:2a:54:47:
56:27:14:9f:8c:bc:29:f8:48:28:12:16:0a:bf:a3:89:c6:82:
68:02:56:4c:9e:ad:4b:7d:5d:cf:35:68:d3:cc:b2:0e:1c:2a:
e4:1c:73:a8
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgICVjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNTI5MTI1MTI1WhcNMjUwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyMDk3NDExMC8GA1UEBRMoQUM4ODY0MjYzODI0RURFMzY1NUI5OTc0
MkRGQjM5RTg4M0JCOTE0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMoyzGG9IHYg8tyypGj0+02WlHAI7zVbzYt8u2pO0pmlMWizJXll4YQcB6VdUnLz
xnwskJNqQjupnco+3xmK5f4PxLMAv1vmtu6iwIYjTfm/Bf55jOYNTN5YnpItYjcO
IhFw/OwmNKZa6TC81jP0Rk1OW4exgMtYTsX/bBsEABe1G55c4ghUOqVYiFsIvpwr
DSgHhWgU/ksW0l46CL1Jl8KMsGB4js60F+PR8lDN+SikxxVXtOvlpvVWh5Fd+KUe
K5YYjm35mfafhah2q1eYWxCnP4f0M4Hvp24jl6sBCCye2IASBItMVmiUeqrDq2Qy
4SJ+c5x1JtsyRc7Jb8MKKOcCAwEAAaOCA0swggNHMB0GA1UdDgQWBBSsiGQmOCTt
42VbmXQt+znog7uRRTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjA5NzQvRTEwNUIzQkEzQTQ5MTFFOTk0MEYyRDE2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIwOTc0L0UxMDVCM0JBM0E0OTExRTk5NDBGMkQxNkM0RjlBRTAyL3JJaGtKamdr
N2VObFc1bDBMZnM1NklPN2tVVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDB3BggrBgEFBQcBBwEB/wRoMGYw
ZAQCAAEwXgMEBi0owAMDAIEcAwMAgcwDAwCB0wMDAIToAwMAhq8DAwCORgMDAI5W
AwQGkjjAAwMAlEYDAwCVKQMDAJiIAwMAnk8DAwCfSwMDAKF4AwMAog4DBAasUcAD
BAfAkIAwDQYJKoZIhvcNAQELBQADggEBAH18iYgi6v2e74pNs4QJRhuMwWqWKR48
S0CSztJ2EqWUj+iInXctyMIpNPjpJz1vy6RW4zFwVFnabIWSYx6bCcjlWDhV2I4R
hkcXqRKF97yr6TpjjPEm/qhXSo3bhqE9NhDlAb8ScThQlx1xSPU8J/+C05Eb2ZUV
Nszic14YZZWVBXpTC+HsbLlewP4u2c96UJp1ENzveaO2bTMjEFlreh29BljD5nMB
3qoTdeMEnvstWi6Y4ujCu/MkG2E1v6/38fwEyaqJKLjoJgluwLkm0aSWr8hS5ypU
R1YnFJ+MvCn4SCgSFgq/o4nGgmgCVkyerUt9Xc81aNPMsg4cKuQcc6g=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org