Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3nj0PVfAvnIiR0Mta6r3onwaW5o.cer
File: 3nj0PVfAvnIiR0Mta6r3onwaW5o.cer (raw, json)
Hash identifier: qz3o47P1OOqzEhlPKPGPxWYQARZxwBjHPm0U3jr7/dk=
Subject key identifier: DE:78:F4:3D:57:C0:BE:72:22:47:43:2D:6B:AA:F7:A2:7C:1A:5B:9A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02085F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912A3BE/2E43C3EC284011ECBE216F40C4F9AE02/3nj0PVfAvnIiR0Mta6r3onwaW5o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912A3BE/2E43C3EC284011ECBE216F40C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 22 Aug 2024 13:16:46 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 146948
IP: 103.171.249.0/24
IP: 2001:df7:5880::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133215 (0x2085f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 22 13:16:46 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A912A3BE/serialNumber=DE78F43D57C0BE722247432D6BAAF7A27C1A5B9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5d:e0:2e:09:c2:02:4e:88:35:b8:ae:fe:46:
48:96:4b:f5:76:b3:b7:25:8b:f7:29:88:39:7b:8a:
60:6a:07:6e:02:30:6d:2e:98:4c:d9:9e:26:e5:c3:
94:8e:97:59:c7:f7:34:b6:62:90:11:46:64:3a:77:
15:65:f8:ce:fd:3c:e0:ed:c6:0b:87:56:23:1b:4c:
46:bd:4e:13:f9:c1:eb:71:27:db:c2:70:90:38:7a:
10:84:3c:7c:54:cb:40:29:2d:5b:4b:80:3a:3a:95:
41:a0:6b:be:f5:25:9e:66:e3:88:03:da:2a:00:eb:
76:14:62:90:68:16:33:54:19:ea:85:bc:2b:87:4f:
41:56:d6:10:ea:7b:3a:39:24:8a:f1:02:e9:52:03:
ea:32:9e:66:9a:8f:1b:97:d4:92:89:b9:72:6a:9e:
d9:2c:44:08:c6:1f:54:9d:ee:70:16:f0:f3:4c:a9:
e9:2b:02:dc:e1:8b:7c:61:bc:f6:5f:e2:6b:c4:ef:
dc:fe:5d:37:8e:90:2f:01:96:03:84:cc:d8:97:87:
29:01:79:6f:46:12:14:c1:87:46:8a:c1:e2:e6:ce:
f4:5e:91:6f:b8:82:60:14:d5:86:70:6d:26:2b:1f:
ae:11:c1:27:6d:8b:7b:63:3e:d1:d0:b5:b3:54:cd:
1d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:78:F4:3D:57:C0:BE:72:22:47:43:2D:6B:AA:F7:A2:7C:1A:5B:9A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912A3BE/2E43C3EC284011ECBE216F40C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912A3BE/2E43C3EC284011ECBE216F40C4F9AE02/3nj0PVfAvnIiR0Mta6r3onwaW5o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
146948
sbgp-ipAddrBlock: critical
IPv4:
103.171.249.0/24
IPv6:
2001:df7:5880::/48
Signature Algorithm: sha256WithRSAEncryption
d1:d8:8a:26:73:64:92:62:96:de:34:46:c7:68:1a:bc:12:62:
4f:f6:5f:64:37:3c:6c:3b:bf:c4:96:c8:7a:8c:3e:ad:c4:76:
54:1c:a4:29:0c:81:c6:94:8c:cb:53:db:99:20:73:3c:b2:4a:
13:1a:ee:25:d0:80:69:6a:b9:1d:a9:f9:58:d1:c9:f2:38:8a:
27:fc:f2:1d:6c:f4:41:62:19:28:e7:3d:01:c8:23:30:b1:81:
ec:76:ff:c8:6a:63:6d:e0:74:ed:bd:4d:96:4c:c4:20:de:91:
0a:5a:99:11:30:7a:ee:b2:97:e2:d3:19:4e:0f:64:12:24:23:
63:ce:19:8f:6e:3f:81:31:7b:6a:4e:b8:f3:d9:76:f2:31:b6:
5b:3b:4d:6f:d1:cb:dd:e0:76:b6:c9:15:34:85:11:db:96:1c:
f3:04:03:c4:5a:21:70:df:f5:51:1c:5f:75:a5:6c:55:79:81:
16:1e:39:30:2e:41:ea:ae:ea:81:fc:34:33:b8:72:06:06:e5:
eb:70:5b:dd:04:96:89:77:6d:45:e7:72:d1:bf:96:22:71:fe:
03:5d:81:16:be:75:86:18:00:f9:2a:c7:c5:1a:93:d8:51:b0:
57:3c:64:a5:b6:89:c7:bc:6a:f6:71:0c:84:4e:d1:14:4f:80:
13:6d:c3:41
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAghfMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDgyMjEzMTY0NloXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkEzQkUxMTAvBgNVBAUTKERFNzhGNDNENTdDMEJFNzIyMjQ3NDMy
RDZCQUFGN0EyN0MxQTVCOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyXeAuCcICTog1uK7+RkiWS/V2s7cli/cpiDl7imBqB24CMG0umEzZniblw5SO
l1nH9zS2YpARRmQ6dxVl+M79PODtxguHViMbTEa9ThP5wetxJ9vCcJA4ehCEPHxU
y0ApLVtLgDo6lUGga771JZ5m44gD2ioA63YUYpBoFjNUGeqFvCuHT0FW1hDqezo5
JIrxAulSA+oynmaajxuX1JKJuXJqntksRAjGH1Sd7nAW8PNMqekrAtzhi3xhvPZf
4mvE79z+XTeOkC8BlgOEzNiXhykBeW9GEhTBh0aKweLmzvRekW+4gmAU1YZwbSYr
H64RwSdti3tjPtHQtbNUzR1FAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU3nj0PVfA
vnIiR0Mta6r3onwaW5owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJBM0JFLzJFNDNDM0VDMjg0MDExRUNCRTIxNkY0MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyQTNCRS8yRTQzQzNFQzI4NDAxMUVDQkUyMTZGNDBDNEY5QUUwMi8zbmowUFZm
QXZuSWlSME10YTZyM29ud2FXNW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAj4EMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ6v5MA8EAgAC
MAkDBwAgAQ33WIAwDQYJKoZIhvcNAQELBQADggEBANHYiiZzZJJilt40RsdoGrwS
Yk/2X2Q3PGw7v8SWyHqMPq3EdlQcpCkMgcaUjMtT25kgczyyShMa7iXQgGlquR2p
+VjRyfI4iif88h1s9EFiGSjnPQHIIzCxgex2/8hqY23gdO29TZZMxCDekQpamREw
eu6yl+LTGU4PZBIkI2POGY9uP4Exe2pOuPPZdvIxtls7TW/Ry93gdrbJFTSFEduW
HPMEA8RaIXDf9VEcX3WlbFV5gRYeOTAuQequ6oH8NDO4cgYG5etwW90Elol3bUXn
ctG/liJx/gNdgRa+dYYYAPkqx8Uak9hRsFc8ZKW2ice8avZxDIRO0RRPgBNtw0E=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:07 2024 by rpki-client on console-fra.rpki-client.org