Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-O7OfTwM9ZIuo9gDVTY4gj-u6gg.cer
File: -O7OfTwM9ZIuo9gDVTY4gj-u6gg.cer (raw, json)
Hash identifier: Hlnbdt3rP4JZAOf8wDaZ14FdKtW/a7QO61Ghx8yLL64=
Subject key identifier: F8:EE:CE:7D:3C:0C:F5:92:2E:A3:D8:03:55:36:38:82:3F:AE:EA:08
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0204A0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B268A/84FB4C9CDDA111E8A2E78A69C4F9AE02/-O7OfTwM9ZIuo9gDVTY4gj-u6gg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B268A/84FB4C9CDDA111E8A2E78A69C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 02 Aug 2024 17:47:59 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 56037
IP: 14.102.136.0/21
IP: 43.247.116.0/22
IP: 103.237.160.0/22
IP: 115.42.0.0/19
IP: 122.129.216.0/21
IP: 123.136.32.0/19
IP: 203.18.23.0/24
IP: 203.25.185.0/24
IP: 203.57.0.0/23
IP: 210.56.80.0/20
IP: 2403:1680::/32
IP: 2404:9600::/31
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132256 (0x204a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Aug 2 17:47:59 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A91B268A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0d:8e:b9:7b:26:3e:17:d2:76:ae:9b:fc:3c:
c0:a8:e0:8d:45:39:22:24:51:70:bd:bc:d0:9a:73:
3b:bf:bb:66:36:7e:59:d8:2e:45:7c:1d:22:e5:72:
47:50:58:3d:a6:b4:0d:e8:8c:d8:fb:9d:6d:d2:80:
79:02:f2:31:fd:65:2c:bd:a8:7f:ee:45:66:cb:d0:
96:d8:d2:b7:4b:d6:7a:3f:fb:85:cf:c1:6c:51:57:
d0:a9:f5:de:a8:a5:21:3e:cc:a0:c3:fc:e8:bc:26:
32:3a:44:95:9b:e6:61:66:e1:c0:1f:b5:06:1c:a1:
6a:8f:95:f6:9c:07:e5:ec:c0:c3:b1:3e:fd:76:5b:
47:37:ac:b6:03:00:60:41:d1:5e:b5:4a:5f:12:21:
d3:b1:fb:96:26:76:06:9b:8b:eb:cd:47:7d:d0:06:
a3:03:4a:95:a9:79:99:38:f9:9d:82:6c:a6:87:1e:
f3:4f:4c:3d:7f:5c:c0:9a:10:d1:ed:ee:35:40:e0:
4f:0b:af:a9:cc:e7:62:50:a1:d8:f5:1e:e7:b2:cd:
64:56:84:b9:d3:44:23:5e:46:51:37:70:b1:35:6d:
98:9c:3f:e3:24:96:37:36:f0:7c:a9:70:51:f4:29:
68:0c:7b:1e:5c:fb:8a:7a:3a:20:6a:9e:d4:57:1d:
12:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EE:CE:7D:3C:0C:F5:92:2E:A3:D8:03:55:36:38:82:3F:AE:EA:08
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B268A/84FB4C9CDDA111E8A2E78A69C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B268A/84FB4C9CDDA111E8A2E78A69C4F9AE02/-O7OfTwM9ZIuo9gDVTY4gj-u6gg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56037
sbgp-ipAddrBlock: critical
IPv4:
14.102.136.0/21
43.247.116.0/22
103.237.160.0/22
115.42.0.0/19
122.129.216.0/21
123.136.32.0/19
203.18.23.0/24
203.25.185.0/24
203.57.0.0/23
210.56.80.0/20
IPv6:
2403:1680::/32
2404:9600::/31
Signature Algorithm: sha256WithRSAEncryption
a3:ea:a8:05:ec:fb:d0:b9:45:6d:e0:97:06:38:cb:af:3e:9a:
f3:36:ca:04:be:c2:cc:16:55:b5:6e:4a:fa:ff:49:9a:7c:e2:
0d:f3:12:5c:dc:ab:65:92:a4:d1:87:f0:c2:4b:03:e0:69:d0:
43:2b:de:6a:fb:62:6f:25:e4:cf:ec:17:64:25:2f:ca:a0:d5:
5c:99:96:6e:a0:55:41:e3:c9:12:3a:b2:54:60:e1:21:bd:69:
5b:90:0a:17:d1:46:ba:f5:0c:c2:5a:8c:b6:b6:83:6c:1d:60:
cd:b8:c9:a3:b5:4a:3a:d0:1b:fe:5b:03:f9:48:0a:8c:f8:4b:
7b:2f:bf:a5:6d:82:a5:b7:74:f5:93:73:4f:cf:2b:10:b8:ab:
25:d5:a2:9b:6d:98:c5:29:c4:e8:f5:cf:0c:1a:93:cb:96:f7:
df:a8:6c:4c:10:cc:1f:b7:0d:d4:0e:d0:0a:88:fb:e4:a8:0c:
3f:0c:62:bc:19:27:c0:73:63:00:37:d5:2c:50:b7:30:1e:d4:
84:e2:7f:64:d2:66:8f:0c:41:2f:36:18:d8:f5:79:cb:04:f3:
98:20:a3:b3:67:6c:fb:a5:c7:ca:57:47:4c:76:8d:80:3c:61:
a7:cc:0f:ec:b1:c3:dc:ed:eb:9e:ff:38:16:cf:48:d3:98:3b:
12:1d:1d:51
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgIDAgSgMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDgwMjE3NDc1OVoXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjI2OEExMTAvBgNVBAUTKEY4RUVDRTdEM0MwQ0Y1OTIyRUEzRDgw
MzU1MzYzODgyM0ZBRUVBMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfDY65eyY+F9J2rpv8PMCo4I1FOSIkUXC9vNCaczu/u2Y2flnYLkV8HSLlckdQ
WD2mtA3ojNj7nW3SgHkC8jH9ZSy9qH/uRWbL0JbY0rdL1no/+4XPwWxRV9Cp9d6o
pSE+zKDD/Oi8JjI6RJWb5mFm4cAftQYcoWqPlfacB+XswMOxPv12W0c3rLYDAGBB
0V61Sl8SIdOx+5Ymdgabi+vNR33QBqMDSpWpeZk4+Z2CbKaHHvNPTD1/XMCaENHt
7jVA4E8Lr6nM52JQodj1HueyzWRWhLnTRCNeRlE3cLE1bZicP+Mkljc28HypcFH0
KWgMex5c+4p6OiBqntRXHRLBAgMBAAGjggNbMIIDVzAdBgNVHQ4EFgQU+O7OfTwM
9ZIuo9gDVTY4gj+u6ggwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIyNjhBLzg0RkI0QzlDRERBMTExRThBMkU3OEE2OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMjY4QS84NEZCNEM5Q0REQTExMUU4QTJFNzhBNjlDNEY5QUUwMi8tTzdPZlR3
TTlaSXVvOWdEVlRZNGdqLXU2Z2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANrlMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDDmaIAwQCK/d0
AwQCZ+2gAwQFcyoAAwQDeoHYAwQFe4ggAwQAyxIXAwQAyxm5AwQByzkAAwQE0jhQ
MBQEAgACMA4DBQAkAxaAAwUBJASWADANBgkqhkiG9w0BAQsFAAOCAQEAo+qoBez7
0LlFbeCXBjjLrz6a8zbKBL7CzBZVtW5K+v9JmnziDfMSXNyrZZKk0YfwwksD4GnQ
QyveavtibyXkz+wXZCUvyqDVXJmWbqBVQePJEjqyVGDhIb1pW5AKF9FGuvUMwlqM
traDbB1gzbjJo7VKOtAb/lsD+UgKjPhLey+/pW2Cpbd09ZNzT88rELirJdWim22Y
xSnE6PXPDBqTy5b336hsTBDMH7cN1A7QCoj75KgMPwxivBknwHNjADfVLFC3MB7U
hOJ/ZNJmjwxBLzYY2PV5ywTzmCCjs2ds+6XHyldHTHaNgDxhp8wP7LHD3O3rnv84
Fs9I05g7Eh0dUQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:58 2025 by rpki-client