Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
File: 3af4p0oKdM_262MEKLbJ1w1XvXY.cer (raw, json)
Hash identifier: zwtriJIAZcrlWQPmEZttk58oYuRk3Ue80q1gOccmE+0=
Subject key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01DA16
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 23 Jan 2024 21:24:36 +0000
Certificate not after: Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 9930
IP: 61.6.0.0 -- 61.6.191.255
IP: 103.5.236.0/22
IP: 103.10.160.0/23
IP: 202.184.0.0/14
IP: 202.190.0.0/16
IP: 203.121.0.0/17
IP: 210.19.0.0/16
IP: 211.24.0.0/15
IP: 218.100.18.0/24
IP: 223.28.0.0/17
IP: 2001:f40::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 21:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121366 (0x1da16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jan 23 21:24:36 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c3:5d:cf:b8:d9:ef:a4:ca:46:03:a3:f5:ee:
bd:4f:11:30:ca:da:d6:cc:d8:3c:5f:cb:e6:99:30:
0a:e1:51:0b:83:ce:40:b6:9c:94:ab:8f:f1:ab:62:
5a:19:fe:68:d1:a8:4c:47:96:b0:c6:9d:cd:36:46:
60:cb:58:bf:00:f5:8a:a2:aa:c8:56:05:82:20:e0:
f8:e8:58:c2:3d:77:7a:a3:64:94:44:60:fa:2e:ad:
94:72:03:6a:2c:3c:e2:af:82:91:25:22:6f:45:52:
a7:9a:af:00:3f:fb:c1:05:69:03:ed:a6:26:f1:89:
d1:9d:ce:f1:c4:57:52:57:42:d8:9a:f7:27:29:52:
49:84:20:2f:c3:50:a0:5a:e3:21:a0:5e:7c:e1:55:
75:41:93:1c:2c:0c:aa:31:45:68:1e:cd:27:4b:60:
3f:c4:7b:fe:4a:5e:0e:b4:e1:25:16:22:01:cc:3c:
5b:0a:33:ff:6a:7c:17:74:a3:35:10:fa:d8:9f:22:
89:af:13:0f:e5:b0:c1:b2:44:92:5a:19:0a:98:af:
ba:70:a5:0f:2c:db:95:e6:d9:18:3a:9b:a8:05:5d:
5e:51:7e:c6:65:dd:6d:fe:9d:9b:a7:de:db:c2:ea:
3b:33:1d:b4:c3:eb:d4:47:2b:6c:d7:f8:23:91:f2:
74:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9930
sbgp-ipAddrBlock: critical
IPv4:
61.6.0.0-61.6.191.255
103.5.236.0/22
103.10.160.0/23
202.184.0.0/14
202.190.0.0/16
203.121.0.0/17
210.19.0.0/16
211.24.0.0/15
218.100.18.0/24
223.28.0.0/17
IPv6:
2001:f40::/32
Signature Algorithm: sha256WithRSAEncryption
cd:94:53:b2:c0:a7:31:8a:94:97:33:d8:7e:9d:51:19:c8:33:
3a:18:17:2d:b3:54:28:1d:46:61:45:9e:56:83:77:3f:8a:c2:
9b:8b:6f:40:c7:06:d3:07:95:b7:83:b6:6a:c1:11:d2:37:01:
1f:c7:6f:e3:05:ce:c2:69:95:3a:74:6f:7a:c3:08:8c:34:63:
f0:9d:6c:3f:7e:b1:bc:09:ac:d8:c1:40:26:ab:e7:7f:7c:30:
32:7f:b7:37:35:ab:7b:ba:1f:25:89:21:40:df:e6:fd:a2:65:
a5:00:bd:5a:35:dc:62:99:02:18:2b:38:6a:04:e3:5b:ba:fb:
48:79:86:9a:aa:9f:0b:e9:45:62:cf:26:c4:ab:40:ff:c9:f8:
45:2e:b3:5c:bb:e4:aa:82:bd:62:d7:e0:55:44:39:e9:f1:90:
c6:c7:f0:68:ef:43:69:fa:7d:d0:93:52:24:e1:d6:f1:2d:5a:
14:91:62:36:46:4d:e2:01:20:fa:94:ed:1d:2d:0d:a5:d0:82:
36:47:bd:65:f5:e6:fe:25:3d:09:85:37:38:cf:80:ee:b8:b0:
58:17:17:10:aa:bc:d8:e3:dd:27:57:bf:9a:aa:e1:6b:fe:87:
4d:cb:83:3e:b5:43:ff:46:26:96:af:93:a7:83:97:3a:ad:6f:
67:83:43:7e
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgIDAdoWMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEyMzIxMjQzNloXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMw
NDI4QjZDOUQ3MEQ1N0JENzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIw13PuNnvpMpGA6P17r1PETDK2tbM2Dxfy+aZMArhUQuDzkC2nJSrj/GrYloZ
/mjRqExHlrDGnc02RmDLWL8A9YqiqshWBYIg4PjoWMI9d3qjZJREYPourZRyA2os
POKvgpElIm9FUqearwA/+8EFaQPtpibxidGdzvHEV1JXQtia9ycpUkmEIC/DUKBa
4yGgXnzhVXVBkxwsDKoxRWgezSdLYD/Ee/5KXg604SUWIgHMPFsKM/9qfBd0ozUQ
+tifIomvEw/lsMGyRJJaGQqYr7pwpQ8s25Xm2Rg6m6gFXV5RfsZl3W3+nZun3tvC
6jszHbTD69RHK2zX+COR8nR5AgMBAAGjggNWMIIDUjAdBgNVHQ4EFgQU3af4p0oK
dM/262MEKLbJ1w1XvXYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU3QkM0LzJEMUE1OTVBRDUwRDExRTlCQUQ2QzIyNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFN0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBv
S2RNXzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICJsowZwYIKwYBBQUHAQcBAf8EWDBWMEUEAgABMD8wCwMDAT0GAwQGPQaA
AwQCZwXsAwQBZwqgAwMCyrgDAwDKvgMEB8t5AAMDANITAwMB0xgDBADaZBIDBAff
HAAwDQQCAAIwBwMFACABD0AwDQYJKoZIhvcNAQELBQADggEBAM2UU7LApzGKlJcz
2H6dURnIMzoYFy2zVCgdRmFFnlaDdz+KwpuLb0DHBtMHlbeDtmrBEdI3AR/Hb+MF
zsJplTp0b3rDCIw0Y/CdbD9+sbwJrNjBQCar5398MDJ/tzc1q3u6HyWJIUDf5v2i
ZaUAvVo13GKZAhgrOGoE41u6+0h5hpqqnwvpRWLPJsSrQP/J+EUus1y75KqCvWLX
4FVEOenxkMbH8GjvQ2n6fdCTUiTh1vEtWhSRYjZGTeIBIPqU7R0tDaXQgjZHvWX1
5v4lPQmFNzjPgO64sFgXFxCqvNjj3SdXv5qq4Wv+h03Lgz61Q/9GJpavk6eDlzqt
b2eDQ34=
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:34:10 2024 by rpki-client on console-fra.rpki-client.org