Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer
File: 3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer (raw, json)
Hash identifier: TgYWsUBMdk0eEdX0Q+34TlSW4/kskqZzKcHUw+s4CQ0=
Subject key identifier: DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EF5C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 02 May 2024 03:13:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 136473
IP: 103.89.140.0/22
IP: 202.14.204.0/22
IP: 2400:f040::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126812 (0x1ef5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 2 03:13:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A91DC4E1/serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6f:08:84:8a:44:28:7c:8f:eb:aa:54:93:1f:
5e:98:e0:95:d1:a9:ec:9f:65:f7:b4:db:9f:ca:39:
42:43:40:6e:6c:2d:98:2c:23:55:89:ec:71:3f:98:
89:8e:73:53:46:88:60:0f:ff:c3:06:aa:e9:20:4a:
3f:4d:3f:4b:53:de:09:b0:c0:8a:28:74:a0:93:f1:
af:90:1a:bd:39:e2:af:17:bd:fa:93:29:cf:68:bd:
dd:4c:7c:65:cd:b6:cc:a2:e1:99:f1:d9:4e:74:95:
cf:d6:ec:fb:3a:29:44:3d:a2:cc:f1:a6:58:44:ab:
bc:0f:11:c3:52:81:df:7b:9b:57:27:5a:42:4a:23:
2f:61:49:97:1e:16:96:03:5e:6d:7a:59:fb:44:e9:
85:2e:b4:18:f3:99:78:e2:cf:5c:fb:b7:46:d8:b3:
e8:70:5c:74:39:2b:d2:89:65:77:39:5c:f4:e0:fc:
3f:5f:a6:94:b0:70:ff:96:89:c6:57:8c:e2:b1:8b:
ec:5e:76:58:94:79:d5:c0:42:d0:80:05:0f:1b:29:
4e:d4:e0:c3:0c:19:ae:9e:d4:0e:23:7b:13:56:b8:
0d:a2:49:7c:77:bb:a8:82:99:10:60:f7:68:d9:16:
08:af:8b:17:5c:4f:b2:53:af:de:e9:8f:4d:91:43:
d0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136473
sbgp-ipAddrBlock: critical
IPv4:
103.89.140.0/22
202.14.204.0/22
IPv6:
2400:f040::/32
Signature Algorithm: sha256WithRSAEncryption
c6:45:27:c1:e5:5a:2f:cd:75:45:e5:f7:e3:3d:f9:a4:f3:d2:
99:33:ac:84:bb:79:d3:21:43:a5:3b:bc:54:71:5f:0f:3a:55:
a4:03:e5:ac:e3:5b:8f:66:0a:9f:5f:a7:7a:04:05:6f:24:14:
9c:75:67:4f:60:3a:59:af:7c:1c:e0:17:1b:06:2b:48:46:64:
e3:13:19:74:51:66:39:4c:90:83:72:27:f7:f3:87:39:10:06:
09:f9:5c:32:3f:a6:aa:af:cc:a7:fa:56:87:4b:63:43:1d:f0:
67:ed:77:7a:1c:ee:bb:e3:af:14:25:b8:df:29:94:ea:ed:6e:
6d:7f:1d:ad:4a:51:7a:e7:a4:ba:9f:72:31:79:ab:f8:02:74:
f2:4f:c4:79:bc:d6:b6:98:07:76:18:c8:33:aa:b1:f7:15:7d:
92:f6:28:da:83:d3:5b:77:98:df:4a:48:aa:5f:4f:f0:44:5d:
57:32:ff:e7:ac:d3:90:10:75:bc:b9:6c:58:b6:30:c2:8b:4c:
3d:ff:da:10:9a:d3:bc:b6:00:fc:40:6d:bc:23:fa:e3:13:f0:
2a:c7:a7:eb:2b:2a:0f:58:66:05:5b:50:c9:f9:57:59:92:af:
80:f5:5f:5e:ae:d7:96:cd:b0:f9:77:2a:9b:a8:87:df:96:ad:
b1:20:c2:61
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAe9cMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUwMjAzMTMwMloXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREM0RTExMTAvBgNVBAUTKERDMUIzOUI1NEY2MDg5MUFDNzc4QTkz
MTZENzFCMEJFODAwNjM5NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcbwiEikQofI/rqlSTH16Y4JXRqeyfZfe025/KOUJDQG5sLZgsI1WJ7HE/mImO
c1NGiGAP/8MGqukgSj9NP0tT3gmwwIoodKCT8a+QGr054q8XvfqTKc9ovd1MfGXN
tsyi4Znx2U50lc/W7Ps6KUQ9oszxplhEq7wPEcNSgd97m1cnWkJKIy9hSZceFpYD
Xm16WftE6YUutBjzmXjiz1z7t0bYs+hwXHQ5K9KJZXc5XPTg/D9fppSwcP+WicZX
jOKxi+xedliUedXAQtCABQ8bKU7U4MMMGa6e1A4jexNWuA2iSXx3u6iCmRBg92jZ
FgivixdcT7JTr97pj02RQ9ArAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQU3Bs5tU9g
iRrHeKkxbXGwvoAGOW4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURDNEUxLzIwMDRGMTQ0MTYwMTExRTdBOEFDMjI1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQzRFMS8yMDA0RjE0NDE2MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5
Z2lSckhlS2t4YlhHd3ZvQUdPVzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhUZMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ1mMAwQCyg7M
MA0EAgACMAcDBQAkAPBAMA0GCSqGSIb3DQEBCwUAA4IBAQDGRSfB5VovzXVF5ffj
Pfmk89KZM6yEu3nTIUOlO7xUcV8POlWkA+Ws41uPZgqfX6d6BAVvJBScdWdPYDpZ
r3wc4BcbBitIRmTjExl0UWY5TJCDcif384c5EAYJ+VwyP6aqr8yn+laHS2NDHfBn
7Xd6HO67468UJbjfKZTq7W5tfx2tSlF656S6n3Ixeav4AnTyT8R5vNa2mAd2GMgz
qrH3FX2S9ijag9Nbd5jfSkiqX0/wRF1XMv/nrNOQEHW8uWxYtjDCi0w9/9oQmtO8
tgD8QG28I/rjE/Aqx6frKyoPWGYFW1DJ+VdZkq+A9V9erteWzbD5dyqbqIfflq2x
IMJh
-----END CERTIFICATE-----
Generated at Wed May 8 21:04:11 2024 by rpki-client on console-fra.rpki-client.org