Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer
File: 2gE-F4NYyzWot2XJvAkK6c8cT74.cer (raw, json)
Hash identifier: FsvYvsOakQW/9rMY6ZYkWLLpIeij+0tBj1wr8nbbZVo=
Subject key identifier: DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02198D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 06 Nov 2024 03:00:42 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 23936
IP: 103.229.96.0/24
IP: 180.178.72.0/21
IP: 2402:4400::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137613 (0x2198d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 6 03:00:42 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91B2C88/serialNumber=DA013E178358CB35A8B765C9BC090AE9CF1C4FBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:48:a0:3e:e7:44:a9:c2:63:eb:69:c3:26:
df:4f:03:c3:18:a7:a6:68:fc:88:aa:a0:1a:64:72:
32:e3:59:c5:e9:3e:ea:e8:fb:4a:40:6a:f3:14:1f:
38:5b:cd:ad:49:4c:0d:4c:80:3e:29:a8:39:65:d3:
5b:eb:e2:5d:62:74:eb:54:85:f7:8d:09:15:d5:6d:
77:32:e2:cc:c7:a3:a7:03:c8:da:52:51:c4:3c:03:
e6:00:b6:4c:fe:96:89:d9:c5:2f:84:d5:56:d3:95:
02:c5:7d:79:3b:98:4b:22:2b:36:97:22:be:57:a0:
0a:32:06:e8:cc:2d:c4:4f:a2:fc:b9:9f:b8:40:bc:
99:44:0e:77:69:22:1d:ca:3b:57:31:fe:8e:e0:a5:
d5:01:4a:d1:59:38:a9:77:eb:f8:b3:c3:63:42:3d:
ce:99:59:29:ec:86:3d:a6:d5:e2:dc:be:4e:dd:28:
76:c3:62:6e:10:d1:f4:df:10:0e:25:f1:13:aa:39:
9c:4e:51:6a:7d:09:49:3c:e0:b2:5a:63:6f:6c:2a:
f2:b9:52:df:8f:fa:72:09:8f:e5:be:fe:72:f6:17:
e5:3c:65:28:5a:ed:47:12:8c:88:c3:ce:db:c6:7d:
ab:53:ab:3f:8f:a0:4f:ba:ba:19:46:0a:08:0e:de:
ca:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23936
sbgp-ipAddrBlock: critical
IPv4:
103.229.96.0/24
180.178.72.0/21
IPv6:
2402:4400::/32
Signature Algorithm: sha256WithRSAEncryption
a6:67:eb:32:6f:09:62:62:16:80:6f:f3:16:55:07:0f:b4:04:
19:1b:52:7f:02:b1:ce:fa:e0:b7:00:39:4b:eb:b3:d1:4f:e6:
de:9d:82:06:6d:76:ba:6b:e8:59:12:d5:09:82:3f:5f:c8:bd:
c4:61:fe:84:db:1c:c0:df:a6:9b:88:5a:d7:c7:0f:91:d7:67:
3f:52:1c:15:00:8a:fd:5e:3c:50:b8:9e:10:bc:63:70:fb:a8:
b1:7d:38:8f:db:8a:97:74:35:8d:de:15:f5:22:2c:69:85:6b:
3f:cd:3b:17:71:ca:04:29:c3:c1:df:5d:11:87:ce:f5:bc:bf:
c9:cc:83:14:bd:d0:2f:5f:28:50:94:44:b7:c1:ed:2c:30:b6:
d0:17:7e:68:ff:70:95:0d:5d:05:ba:61:cd:24:2b:c2:33:99:
70:63:7e:81:e2:72:24:e2:d1:28:02:48:09:b0:09:3b:46:8c:
16:c4:9b:b9:41:5a:e2:53:a8:e7:2e:04:fe:fa:da:0f:83:d6:
47:8c:df:38:f1:bd:b0:2d:90:ae:ae:59:15:f6:30:ee:f5:2f:
a8:a5:92:71:a7:05:16:bf:7d:d2:6f:22:1b:eb:d8:ee:fb:da:
09:43:77:6c:41:96:c5:17:a7:f2:44:b9:95:67:ca:4f:36:19:
0e:8c:f4:5f
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAhmNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEwNjAzMDA0MloXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjJDODgxMTAvBgNVBAUTKERBMDEzRTE3ODM1OENCMzVBOEI3NjVD
OUJDMDkwQUU5Q0YxQzRGQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjkEigPudEqcJj62nDJt9PA8MYp6Zo/IiqoBpkcjLjWcXpPuro+0pAavMUHzhb
za1JTA1MgD4pqDll01vr4l1idOtUhfeNCRXVbXcy4szHo6cDyNpSUcQ8A+YAtkz+
lonZxS+E1VbTlQLFfXk7mEsiKzaXIr5XoAoyBujMLcRPovy5n7hAvJlEDndpIh3K
O1cx/o7gpdUBStFZOKl36/izw2NCPc6ZWSnshj2m1eLcvk7dKHbDYm4Q0fTfEA4l
8ROqOZxOUWp9CUk84LJaY29sKvK5Ut+P+nIJj+W+/nL2F+U8ZSha7UcSjIjDztvG
fatTqz+PoE+6uhlGCggO3spJAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQU2gE+F4NY
yzWot2XJvAkK6c8cT74wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIyQzg4LzI0Mjk5RENBOTc4RTExRUJCRDgxQjA1NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMkM4OC8yNDI5OURDQTk3OEUxMUVCQkQ4MUIwNTVDNEY5QUUwMi8yZ0UtRjRO
WXl6V290MlhKdkFrSzZjOGNUNzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICXYAwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBABn5WADBAO0skgw
DQQCAAIwBwMFACQCRAAwDQYJKoZIhvcNAQELBQADggEBAKZn6zJvCWJiFoBv8xZV
Bw+0BBkbUn8Csc764LcAOUvrs9FP5t6dggZtdrpr6FkS1QmCP1/IvcRh/oTbHMDf
ppuIWtfHD5HXZz9SHBUAiv1ePFC4nhC8Y3D7qLF9OI/bipd0NY3eFfUiLGmFaz/N
OxdxygQpw8HfXRGHzvW8v8nMgxS90C9fKFCURLfB7SwwttAXfmj/cJUNXQW6Yc0k
K8IzmXBjfoHiciTi0SgCSAmwCTtGjBbEm7lBWuJTqOcuBP762g+D1keM3zjxvbAt
kK6uWRX2MO71L6ilknGnBRa/fdJvIhvr2O772glDd2xBlsUXp/JEuZVnyk82GQ6M
9F8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:57 2024 by rpki-client on console-ams.rpki-client.org