Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CKi28iCNPgPcORngrLU2c0_m9w.cer
File: 2CKi28iCNPgPcORngrLU2c0_m9w.cer (raw, json)
Hash identifier: itWcR4wRlDyXvOL4pm7mjsNd0gLDYr93TqY2mxOzUu8=
Subject key identifier: D8:22:A2:DB:C8:82:34:F8:0F:70:E4:67:82:B2:D4:D9:CD:3F:9B:DC
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02111A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 01 Oct 2024 20:21:44 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: AS: 138021
IP: 103.120.20.0/22
IP: 2403:4dc0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 17:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135450 (0x2111a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 1 20:21:44 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A9176B32/serialNumber=D822A2DBC88234F80F70E46782B2D4D9CD3F9BDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:31:40:c1:c9:ed:e8:5b:69:13:3c:2b:00:97:
16:8a:c7:34:d1:9d:03:b1:91:84:b4:f8:70:9e:aa:
6a:42:60:9f:88:21:40:5a:6f:b0:54:37:c4:ec:93:
c0:d8:eb:e0:03:3c:bf:84:9a:af:6c:77:4c:f9:0e:
98:b4:72:6f:ca:43:92:f8:b0:a4:69:05:ad:c3:46:
f2:3e:a4:b5:03:76:15:af:d7:5f:cb:cb:2d:c0:28:
a6:ee:a3:f6:34:32:dc:1c:ea:30:d3:66:95:f6:74:
68:77:3e:38:27:98:ce:28:2f:65:88:50:15:50:f8:
29:bb:7a:b2:c5:35:df:e5:b9:61:98:16:43:00:40:
b2:8a:0b:7e:33:c0:34:92:21:1c:8a:c6:fa:07:3f:
27:b2:f2:33:09:0d:67:07:9f:32:14:69:7e:3a:bb:
3f:bb:33:b5:60:bc:7f:16:03:54:79:18:67:60:6e:
f3:61:0a:56:a5:05:27:06:e2:46:df:4b:a6:16:94:
04:9a:46:54:88:85:3b:04:d6:04:79:0a:dc:f9:47:
c7:cd:a2:bf:fe:20:34:f9:04:14:3c:7d:6a:96:46:
c9:21:b8:07:81:ef:f4:77:00:33:0b:5b:39:d4:9a:
c2:fb:c9:f0:96:f6:c7:83:d0:51:fc:10:7e:c1:ef:
c7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:22:A2:DB:C8:82:34:F8:0F:70:E4:67:82:B2:D4:D9:CD:3F:9B:DC
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138021
sbgp-ipAddrBlock: critical
IPv4:
103.120.20.0/22
IPv6:
2403:4dc0::/32
Signature Algorithm: sha256WithRSAEncryption
49:f5:06:68:c5:d1:3c:e1:ec:ef:50:81:33:d3:6e:bf:22:4d:
51:ed:bf:5b:43:d7:72:37:3e:9f:dd:27:5e:7d:e6:16:a1:85:
92:26:30:bd:93:3d:f2:1e:95:62:0b:12:2b:e9:9d:7e:da:b6:
d4:bf:e8:ea:a6:4b:d8:e5:32:59:7e:f5:86:12:58:fb:ba:47:
c7:e2:41:42:a7:89:b1:07:58:81:c4:3b:00:28:a8:4d:31:87:
4c:6c:bd:9d:9e:a3:df:ff:e9:9e:42:3e:60:5c:10:32:b8:f8:
6b:b7:8a:e8:ed:aa:e0:26:29:76:54:5f:62:38:c8:4c:95:07:
b4:d8:70:8a:19:7b:90:39:8c:4d:d3:58:70:4e:95:25:db:02:
4a:ba:e4:8a:a8:f0:88:61:5d:f9:1a:8c:1f:90:96:01:3c:e3:
ec:07:df:18:bd:c9:a8:56:69:69:35:42:f3:c2:f7:97:9b:22:
a5:5d:9e:e9:64:bd:43:8a:ec:b7:05:56:30:4b:c9:79:40:e5:
fd:2f:bb:04:46:d3:6f:c8:6e:02:55:95:c9:1c:bb:08:3b:83:
1c:19:f4:da:c3:08:d4:86:69:87:52:48:73:13:87:ad:b7:bf:
5e:85:f5:3f:88:f0:cc:92:3b:0d:29:d2:81:f8:f9:b2:ae:1e:
be:e8:34:e3
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAhEaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAwMTIwMjE0NFoXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzZCMzIxMTAvBgNVBAUTKEQ4MjJBMkRCQzg4MjM0RjgwRjcwRTQ2
NzgyQjJENEQ5Q0QzRjlCREMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSMUDBye3oW2kTPCsAlxaKxzTRnQOxkYS0+HCeqmpCYJ+IIUBab7BUN8Tsk8DY
6+ADPL+Emq9sd0z5Dpi0cm/KQ5L4sKRpBa3DRvI+pLUDdhWv11/Lyy3AKKbuo/Y0
Mtwc6jDTZpX2dGh3PjgnmM4oL2WIUBVQ+Cm7erLFNd/luWGYFkMAQLKKC34zwDSS
IRyKxvoHPyey8jMJDWcHnzIUaX46uz+7M7VgvH8WA1R5GGdgbvNhClalBScG4kbf
S6YWlASaRlSIhTsE1gR5Ctz5R8fNor/+IDT5BBQ8fWqWRskhuAeB7/R3ADMLWznU
msL7yfCW9seD0FH8EH7B78fzAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU2CKi28iC
NPgPcORngrLU2c0/m9wwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc2QjMyLzczODc5NjE4MkYzODExRUQ5RTdFMDI3REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3NkIzMi83Mzg3OTYxODJGMzgxMUVEOUU3RTAyN0RDNEY5QUUwMi8yQ0tpMjhp
Q05QZ1BjT1JuZ3JMVTJjMF9tOXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhslMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ3gUMA0EAgAC
MAcDBQAkA03AMA0GCSqGSIb3DQEBCwUAA4IBAQBJ9QZoxdE84ezvUIEz026/Ik1R
7b9bQ9dyNz6f3SdefeYWoYWSJjC9kz3yHpViCxIr6Z1+2rbUv+jqpkvY5TJZfvWG
Elj7ukfH4kFCp4mxB1iBxDsAKKhNMYdMbL2dnqPf/+meQj5gXBAyuPhrt4ro7arg
Jil2VF9iOMhMlQe02HCKGXuQOYxN01hwTpUl2wJKuuSKqPCIYV35GowfkJYBPOPs
B98YvcmoVmlpNULzwveXmyKlXZ7pZL1Diuy3BVYwS8l5QOX9L7sERtNvyG4CVZXJ
HLsIO4McGfTawwjUhmmHUkhzE4ett79ehfU/iPDMkjsNKdKB+Pmyrh6+6DTj
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:48:56 2024 by rpki-client on console-ams.rpki-client.org