Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2z39hs6_6u06rxXeruaWUjR0aik.cer
File: 2z39hs6_6u06rxXeruaWUjR0aik.cer (raw, json)
Hash identifier: r44JiaSzPStsxAYn/duKANduRJOWWSuysSMiLnae5as=
Subject key identifier: DB:3D:FD:86:CE:BF:EA:ED:3A:AF:15:DE:AE:E6:96:52:34:74:6A:29
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021BBF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9171BF0/A78F1B12A41511EFA14FBD3FC4F9AE02/2z39hs6_6u06rxXeruaWUjR0aik.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9171BF0/A78F1B12A41511EFA14FBD3FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 16 Nov 2024 12:24:03 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 153399
IP: 2401:d520::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138175 (0x21bbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 16 12:24:03 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A9171BF0/serialNumber=DB3DFD86CEBFEAED3AAF15DEAEE6965234746A29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:03:a2:2a:c4:df:45:83:83:43:af:a2:7e:00:
1b:8f:65:92:03:7c:38:44:fe:d9:7c:9f:61:83:62:
7b:4f:f2:16:f6:04:1b:27:6d:10:50:5d:28:c0:77:
7f:36:2d:cf:b7:e0:44:5d:e5:cd:54:3a:50:16:68:
de:15:c8:0d:fd:a0:ac:45:d8:de:bc:f6:46:c5:a1:
f3:dd:e9:ab:98:52:4d:bf:1a:60:4d:67:bc:ec:5a:
4f:eb:9a:27:87:28:a6:e4:79:43:9c:cf:8a:a4:61:
5c:a3:ef:60:53:0c:d7:58:d8:8c:2c:53:0a:91:3f:
31:b0:41:de:2b:b0:d9:b8:79:ab:ea:e4:e5:76:62:
06:23:02:a3:61:70:3d:15:61:a5:e4:e9:ad:b5:9f:
90:29:4a:a3:39:16:81:05:1c:60:f1:4b:a6:56:c1:
ab:66:c0:9a:2d:8c:ed:d7:2d:f7:e7:4f:d2:02:21:
88:95:bc:f5:fd:7c:b0:58:8e:e1:69:00:b7:e0:11:
64:b5:f1:09:85:0d:36:b7:55:f8:3b:a3:93:f8:80:
1a:69:64:f9:25:7b:01:74:eb:41:30:ee:79:62:05:
d5:75:cc:9c:72:78:6f:1d:14:b7:db:45:91:bb:4e:
03:4e:7d:4e:bd:cb:48:c3:02:3e:8b:f6:07:d2:74:
d0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3D:FD:86:CE:BF:EA:ED:3A:AF:15:DE:AE:E6:96:52:34:74:6A:29
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9171BF0/A78F1B12A41511EFA14FBD3FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9171BF0/A78F1B12A41511EFA14FBD3FC4F9AE02/2z39hs6_6u06rxXeruaWUjR0aik.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153399
sbgp-ipAddrBlock: critical
IPv6:
2401:d520::/32
Signature Algorithm: sha256WithRSAEncryption
04:9d:5f:3f:e9:82:19:95:8f:b4:d8:b5:d1:22:0d:4e:31:35:
bc:ee:61:53:45:97:96:42:e6:44:ce:a1:d8:64:77:0b:70:6a:
eb:9d:0c:72:0e:77:b1:95:53:d2:41:f7:36:74:54:e3:3a:00:
d1:89:a0:a2:44:01:cc:a2:08:6d:0d:55:d2:57:3a:69:d2:7f:
ac:93:9d:c1:a9:37:4b:ff:34:36:bc:6d:86:7c:41:96:d7:03:
4a:b7:a6:4d:a1:1b:af:d1:33:34:cf:09:81:d6:c2:11:82:42:
c5:23:ff:6b:bd:ea:92:3d:b1:a0:d7:b6:8b:30:a9:3f:43:70:
9e:f6:cd:78:ce:b5:15:83:c5:35:48:a2:7c:4c:78:ab:7f:d6:
6b:65:b9:5b:29:71:67:6b:cd:95:11:24:63:da:4f:ac:aa:58:
b7:b2:9d:05:ae:48:4e:8e:03:0f:f7:c9:e0:28:4a:03:f1:46:
b0:1c:af:5a:63:40:9a:06:ff:69:dc:e3:2f:ff:d4:60:d1:19:
d6:b4:1d:96:e4:38:1a:47:38:b4:83:6a:ce:2e:fd:79:17:63:
e6:50:31:55:22:3c:88:6a:a6:e3:03:86:6d:fb:8c:1c:c4:09:
70:cb:db:e9:14:90:47:fb:e2:fa:f9:5b:55:3c:82:98:e8:ad:
46:92:54:4b
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAhu/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTExNjEyMjQwM1oXDTI2MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzFCRjAxMTAvBgNVBAUTKERCM0RGRDg2Q0VCRkVBRUQzQUFGMTVE
RUFFRTY5NjUyMzQ3NDZBMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEA6IqxN9Fg4NDr6J+ABuPZZIDfDhE/tl8n2GDYntP8hb2BBsnbRBQXSjAd382
Lc+34ERd5c1UOlAWaN4VyA39oKxF2N689kbFofPd6auYUk2/GmBNZ7zsWk/rmieH
KKbkeUOcz4qkYVyj72BTDNdY2IwsUwqRPzGwQd4rsNm4eavq5OV2YgYjAqNhcD0V
YaXk6a21n5ApSqM5FoEFHGDxS6ZWwatmwJotjO3XLffnT9ICIYiVvPX9fLBYjuFp
ALfgEWS18QmFDTa3Vfg7o5P4gBppZPklewF060Ew7nliBdV1zJxyeG8dFLfbRZG7
TgNOfU69y0jDAj6L9gfSdNBDAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQU2z39hs6/
6u06rxXeruaWUjR0aikwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcxQkYwL0E3OEYxQjEyQTQxNTExRUZBMTRGQkQzRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3MUJGMC9BNzhGMUIxMkE0MTUxMUVGQTE0RkJEM0ZDNEY5QUUwMi8yejM5aHM2
XzZ1MDZyeFhlcnVhV1VqUjBhaWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlc3MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHVIDANBgkq
hkiG9w0BAQsFAAOCAQEABJ1fP+mCGZWPtNi10SINTjE1vO5hU0WXlkLmRM6h2GR3
C3Bq650Mcg53sZVT0kH3NnRU4zoA0YmgokQBzKIIbQ1V0lc6adJ/rJOdwak3S/80
NrxthnxBltcDSremTaEbr9EzNM8JgdbCEYJCxSP/a73qkj2xoNe2izCpP0NwnvbN
eM61FYPFNUiifEx4q3/Wa2W5WylxZ2vNlREkY9pPrKpYt7KdBa5ITo4DD/fJ4ChK
A/FGsByvWmNAmgb/adzjL//UYNEZ1rQdluQ4Gkc4tINqzi79eRdj5lAxVSI8iGqm
4wOGbfuMHMQJcMvb6RSQR/vi+vlbVTyCmOitRpJUSw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:58 2024 by rpki-client on console-ams.rpki-client.org