Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rIhkJjgk7eNlW5l0Lfs56IO7kUU.cer
File: rIhkJjgk7eNlW5l0Lfs56IO7kUU.cer (raw, json)
Hash identifier: dCubtdAEOBgIJZWTzx6S4SI1WKsYebJp5y6ooHgoBxo=
Subject key identifier: AC:88:64:26:38:24:ED:E3:65:5B:99:74:2D:FB:39:E8:83:BB:91:45
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 4BA5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/rIhkJjgk7eNlW5l0Lfs56IO7kUU.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 28 Jun 2023 12:45:05 +0000
Certificate not after: Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 45.40.192.0/18
IP: 129.28.0.0/16
IP: 129.204.0.0/16
IP: 129.211.0.0/16
IP: 132.232.0.0/16
IP: 134.175.0.0/16
IP: 142.70.0.0/16
IP: 142.86.0.0/16
IP: 146.56.192.0/18
IP: 148.70.0.0/16
IP: 149.41.0.0/16
IP: 152.136.0.0/16
IP: 158.79.0.0/16
IP: 159.75.0.0/16
IP: 161.120.0.0/16
IP: 162.14.0.0/16
IP: 172.81.192.0/18
IP: 192.144.128.0/17
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 27 Apr 2024 02:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19365 (0x4ba5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Jun 28 12:45:05 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=A9120974/serialNumber=AC8864263824EDE3655B99742DFB39E883BB9145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:32:cc:61:bd:20:76:20:f2:dc:b2:a4:68:f4:
fb:4d:96:94:70:08:ef:35:5b:cd:8b:7c:bb:6a:4e:
d2:99:a5:31:68:b3:25:79:65:e1:84:1c:07:a5:5d:
52:72:f3:c6:7c:2c:90:93:6a:42:3b:a9:9d:ca:3e:
df:19:8a:e5:fe:0f:c4:b3:00:bf:5b:e6:b6:ee:a2:
c0:86:23:4d:f9:bf:05:fe:79:8c:e6:0d:4c:de:58:
9e:92:2d:62:37:0e:22:11:70:fc:ec:26:34:a6:5a:
e9:30:bc:d6:33:f4:46:4d:4e:5b:87:b1:80:cb:58:
4e:c5:ff:6c:1b:04:00:17:b5:1b:9e:5c:e2:08:54:
3a:a5:58:88:5b:08:be:9c:2b:0d:28:07:85:68:14:
fe:4b:16:d2:5e:3a:08:bd:49:97:c2:8c:b0:60:78:
8e:ce:b4:17:e3:d1:f2:50:cd:f9:28:a4:c7:15:57:
b4:eb:e5:a6:f5:56:87:91:5d:f8:a5:1e:2b:96:18:
8e:6d:f9:99:f6:9f:85:a8:76:ab:57:98:5b:10:a7:
3f:87:f4:33:81:ef:a7:6e:23:97:ab:01:08:2c:9e:
d8:80:12:04:8b:4c:56:68:94:7a:aa:c3:ab:64:32:
e1:22:7e:73:9c:75:26:db:32:45:ce:c9:6f:c3:0a:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:88:64:26:38:24:ED:E3:65:5B:99:74:2D:FB:39:E8:83:BB:91:45
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9120974/E105B3BA3A4911E9940F2D16C4F9AE02/rIhkJjgk7eNlW5l0Lfs56IO7kUU.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.40.192.0/18
129.28.0.0/16
129.204.0.0/16
129.211.0.0/16
132.232.0.0/16
134.175.0.0/16
142.70.0.0/16
142.86.0.0/16
146.56.192.0/18
148.70.0.0/16
149.41.0.0/16
152.136.0.0/16
158.79.0.0/16
159.75.0.0/16
161.120.0.0/16
162.14.0.0/16
172.81.192.0/18
192.144.128.0/17
Signature Algorithm: sha256WithRSAEncryption
43:62:8b:9a:2e:01:a8:1f:c5:5d:b0:3f:d2:b0:34:98:47:3a:
30:7e:3f:69:bf:b8:ed:a5:f7:e2:b0:87:d6:d7:cd:b9:44:c7:
ed:7e:72:f4:42:a8:92:b3:ab:bf:5d:be:60:9f:df:73:7a:c0:
b8:eb:ee:6c:51:78:1c:fa:bc:fa:a4:31:cf:a0:93:a9:71:56:
3f:32:d3:5c:a9:a7:6b:b0:83:96:7e:02:82:72:db:00:a1:fd:
8d:83:9e:68:ae:65:f2:3e:08:e6:0c:9d:78:18:b0:0c:b0:f4:
5b:8a:bf:86:c8:bd:5c:21:e0:06:42:64:eb:7a:b5:6b:f9:bf:
2b:8b:e7:18:7c:68:41:b9:ea:39:10:a9:0e:a4:14:3d:3d:a3:
15:69:c6:2a:34:7b:db:d7:d4:01:f1:39:fe:d9:30:ea:61:9e:
fe:87:ff:96:7b:ca:72:56:5b:7b:44:2e:c2:9b:d2:26:75:8a:
fc:a3:ff:5a:06:92:9b:e2:4a:16:59:dd:8d:f5:7c:1d:35:d6:
ac:59:3b:65:32:ee:47:8f:24:d4:cc:7f:b4:e8:99:b6:bb:44:
76:84:df:52:c6:4c:5f:80:d3:94:36:91:b5:a8:be:ba:03:8a:
f9:ee:99:42:15:ad:54:39:c5:9e:28:e2:87:da:3b:9f:95:16:
9e:7a:b4:18
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgICS6UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMwNjI4MTI0NTA1WhcNMjQwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyMDk3NDExMC8GA1UEBRMoQUM4ODY0MjYzODI0RURFMzY1NUI5OTc0
MkRGQjM5RTg4M0JCOTE0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMoyzGG9IHYg8tyypGj0+02WlHAI7zVbzYt8u2pO0pmlMWizJXll4YQcB6VdUnLz
xnwskJNqQjupnco+3xmK5f4PxLMAv1vmtu6iwIYjTfm/Bf55jOYNTN5YnpItYjcO
IhFw/OwmNKZa6TC81jP0Rk1OW4exgMtYTsX/bBsEABe1G55c4ghUOqVYiFsIvpwr
DSgHhWgU/ksW0l46CL1Jl8KMsGB4js60F+PR8lDN+SikxxVXtOvlpvVWh5Fd+KUe
K5YYjm35mfafhah2q1eYWxCnP4f0M4Hvp24jl6sBCCye2IASBItMVmiUeqrDq2Qy
4SJ+c5x1JtsyRc7Jb8MKKOcCAwEAAaOCA0swggNHMB0GA1UdDgQWBBSsiGQmOCTt
42VbmXQt+znog7uRRTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjA5NzQvRTEwNUIzQkEzQTQ5MTFFOTk0MEYyRDE2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIwOTc0L0UxMDVCM0JBM0E0OTExRTk5NDBGMkQxNkM0RjlBRTAyL3JJaGtKamdr
N2VObFc1bDBMZnM1NklPN2tVVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDB3BggrBgEFBQcBBwEB/wRoMGYw
ZAQCAAEwXgMEBi0owAMDAIEcAwMAgcwDAwCB0wMDAIToAwMAhq8DAwCORgMDAI5W
AwQGkjjAAwMAlEYDAwCVKQMDAJiIAwMAnk8DAwCfSwMDAKF4AwMAog4DBAasUcAD
BAfAkIAwDQYJKoZIhvcNAQELBQADggEBAENii5ouAagfxV2wP9KwNJhHOjB+P2m/
uO2l9+Kwh9bXzblEx+1+cvRCqJKzq79dvmCf33N6wLjr7mxReBz6vPqkMc+gk6lx
Vj8y01ypp2uwg5Z+AoJy2wCh/Y2DnmiuZfI+COYMnXgYsAyw9FuKv4bIvVwh4AZC
ZOt6tWv5vyuL5xh8aEG56jkQqQ6kFD09oxVpxio0e9vX1AHxOf7ZMOphnv6H/5Z7
ynJWW3tELsKb0iZ1ivyj/1oGkpviShZZ3Y31fB011qxZO2Uy7kePJNTMf7Tomba7
RHaE31LGTF+A05Q2kbWovroDivnumUIVrVQ5xZ4o4ofaO5+VFp56tBg=
-----END CERTIFICATE-----
Generated at Sat Apr 20 03:57:35 2024 by rpki-client on console-fra.rpki-client.org