Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/uEwjlp7XnA4xwTwUUAEuIkbT-U0.cer
File: uEwjlp7XnA4xwTwUUAEuIkbT-U0.cer (raw, json)
Hash identifier: UV+8F4a7hJds4gLjpMk6JSZL0WWkwHgC4nP0EyRHqXc=
Subject key identifier: B8:4C:23:96:9E:D7:9C:0E:31:C1:3C:14:50:01:2E:22:46:D3:F9:4D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 5AA2
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911F2DF/00501FD223AE11EF9493F45CC4F9AE02/uEwjlp7XnA4xwTwUUAEuIkbT-U0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911F2DF/00501FD223AE11EF9493F45CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 06 Sep 2024 04:48:13 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: IP: 160.187.8.0/23
IP: 168.152.0.0/16
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 20:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23202 (0x5aa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Sep 6 04:48:13 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A911F2DF/serialNumber=B84C23969ED79C0E31C13C1450012E2246D3F94D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:17:e2:28:42:e3:e5:68:96:b0:67:54:30:7b:
59:f2:32:21:3c:9c:7b:c5:50:22:f6:f4:e0:7a:40:
a1:d9:b9:26:17:ac:74:58:97:42:33:94:10:7c:f0:
2e:2d:61:da:52:89:e4:eb:d6:51:84:a5:36:d0:6a:
ce:99:b5:e5:af:e8:f4:14:26:bc:86:4e:ab:a6:20:
1f:96:d3:89:26:85:ce:01:e8:cc:11:a2:e3:3a:fd:
6e:57:80:ca:84:2c:2a:65:69:72:52:57:67:e5:ad:
09:4c:15:20:2b:fb:d3:76:af:e0:74:79:5e:27:6d:
31:ed:71:80:ed:29:34:42:a4:fc:36:37:87:2f:54:
de:d6:51:c4:be:06:24:60:4d:ef:b0:fb:3f:f6:9d:
e0:2b:e3:5a:54:4b:71:4a:62:aa:90:50:66:ba:42:
6e:45:d1:b8:ae:6e:b1:e4:1f:07:7b:1d:48:a6:64:
5a:6c:5a:29:9f:8e:79:0e:f7:56:3f:97:ed:a4:f7:
1c:6b:48:69:d0:c2:e1:b9:08:0d:99:60:ea:0e:da:
ab:14:b3:7c:35:b3:39:fa:4c:d5:d4:4e:bf:21:c6:
da:05:5a:e4:bf:b5:73:40:97:98:1b:01:20:19:52:
f2:ee:2c:0b:54:64:6d:9b:9f:60:a0:ff:19:48:85:
0b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4C:23:96:9E:D7:9C:0E:31:C1:3C:14:50:01:2E:22:46:D3:F9:4D
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911F2DF/00501FD223AE11EF9493F45CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911F2DF/00501FD223AE11EF9493F45CC4F9AE02/uEwjlp7XnA4xwTwUUAEuIkbT-U0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.8.0/23
168.152.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:ba:8a:48:be:13:77:e1:7c:04:0b:dc:38:36:9b:b8:f1:c9:
aa:27:7f:82:fa:9d:ca:a0:72:92:05:b7:79:a0:a0:8a:ee:40:
9d:f7:f7:01:f9:49:87:98:b4:a3:e4:59:7d:cb:32:6c:d3:51:
13:c4:35:10:d6:28:53:00:77:cf:b9:f1:9d:28:96:c6:d8:08:
ef:74:0d:1a:fb:d3:1f:6b:43:b7:ca:8a:e3:93:fd:d6:ef:d7:
b7:cd:b0:52:37:29:f4:3b:34:69:df:df:c0:7d:57:d0:27:bb:
17:0c:82:8e:84:3d:8d:c9:bb:3b:6a:ed:80:27:99:c8:68:66:
42:14:9f:b4:a8:bb:a2:f7:76:5b:74:52:6d:a4:26:9c:ce:55:
18:d8:20:84:47:cd:61:c7:35:02:b1:47:c3:9a:13:80:0b:d7:
04:d2:5e:7e:44:3a:16:88:20:6f:ea:0b:66:27:05:b5:74:e5:
c0:79:0a:bc:b9:30:c9:3d:b6:9c:db:2a:66:db:d3:fb:49:90:
cb:d6:d8:4d:2f:dc:b9:61:e3:a5:d1:10:ca:e6:1b:82:ca:5a:
d4:c3:79:a8:35:83:2d:4a:44:ef:ba:6e:aa:40:74:09:d3:65:
86:c0:74:4d:9d:8c:07:5c:35:b8:94:3d:38:d6:80:46:2e:04:
ee:7d:5d:7f
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICWqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwOTA2MDQ0ODEzWhcNMjUwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExRjJERjExMC8GA1UEBRMoQjg0QzIzOTY5RUQ3OUMwRTMxQzEzQzE0
NTAwMTJFMjI0NkQzRjk0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANQX4ihC4+VolrBnVDB7WfIyITyce8VQIvb04HpAodm5JhesdFiXQjOUEHzwLi1h
2lKJ5OvWUYSlNtBqzpm15a/o9BQmvIZOq6YgH5bTiSaFzgHozBGi4zr9bleAyoQs
KmVpclJXZ+WtCUwVICv703av4HR5XidtMe1xgO0pNEKk/DY3hy9U3tZRxL4GJGBN
77D7P/ad4CvjWlRLcUpiqpBQZrpCbkXRuK5useQfB3sdSKZkWmxaKZ+OeQ73Vj+X
7aT3HGtIadDC4bkIDZlg6g7aqxSzfDWzOfpM1dROvyHG2gVa5L+1c0CXmBsBIBlS
8u4sC1RkbZufYKD/GUiFCw8CAwEAAaOCAvgwggL0MB0GA1UdDgQWBBS4TCOWntec
DjHBPBRQAS4iRtP5TTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUYyREYvMDA1MDFGRDIyM0FFMTFFRjk0OTNGNDVDQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFGMkRGLzAwNTAxRkQyMjNBRTExRUY5NDkzRjQ1Q0M0RjlBRTAyL3VFd2pscDdY
bkE0eHdUd1VVQUV1SWtiVC1VMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQVMBMw
EQQCAAEwCwMEAaC7CAMDAKiYMA0GCSqGSIb3DQEBCwUAA4IBAQAguopIvhN34XwE
C9w4Npu48cmqJ3+C+p3KoHKSBbd5oKCK7kCd9/cB+UmHmLSj5Fl9yzJs01ETxDUQ
1ihTAHfPufGdKJbG2AjvdA0a+9Mfa0O3yorjk/3W79e3zbBSNyn0OzRp39/AfVfQ
J7sXDIKOhD2Nybs7au2AJ5nIaGZCFJ+0qLui93ZbdFJtpCaczlUY2CCER81hxzUC
sUfDmhOAC9cE0l5+RDoWiCBv6gtmJwW1dOXAeQq8uTDJPbac2ypm29P7SZDL1thN
L9y5YeOl0RDK5huCylrUw3moNYMtSkTvum6qQHQJ02WGwHRNnYwHXDW4lD041oBG
LgTufV1/
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org