Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3nj0PVfAvnIiR0Mta6r3onwaW5o.cer
File: 3nj0PVfAvnIiR0Mta6r3onwaW5o.cer (raw, json)
Hash identifier: NNLr526XdKwKJ9o/MEYXK/KZlJRSiwbH5dnnWMuG4/Q=
Subject key identifier: DE:78:F4:3D:57:C0:BE:72:22:47:43:2D:6B:AA:F7:A2:7C:1A:5B:9A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01B5ED
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912A3BE/2E43C3EC284011ECBE216F40C4F9AE02/3nj0PVfAvnIiR0Mta6r3onwaW5o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912A3BE/2E43C3EC284011ECBE216F40C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 09 Aug 2023 12:58:03 +0000
Certificate not after: Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 146948
IP: 103.171.249.0/24
IP: 2001:df7:5880::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 19:45:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112109 (0x1b5ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 9 12:58:03 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=A912A3BE/serialNumber=DE78F43D57C0BE722247432D6BAAF7A27C1A5B9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5d:e0:2e:09:c2:02:4e:88:35:b8:ae:fe:46:
48:96:4b:f5:76:b3:b7:25:8b:f7:29:88:39:7b:8a:
60:6a:07:6e:02:30:6d:2e:98:4c:d9:9e:26:e5:c3:
94:8e:97:59:c7:f7:34:b6:62:90:11:46:64:3a:77:
15:65:f8:ce:fd:3c:e0:ed:c6:0b:87:56:23:1b:4c:
46:bd:4e:13:f9:c1:eb:71:27:db:c2:70:90:38:7a:
10:84:3c:7c:54:cb:40:29:2d:5b:4b:80:3a:3a:95:
41:a0:6b:be:f5:25:9e:66:e3:88:03:da:2a:00:eb:
76:14:62:90:68:16:33:54:19:ea:85:bc:2b:87:4f:
41:56:d6:10:ea:7b:3a:39:24:8a:f1:02:e9:52:03:
ea:32:9e:66:9a:8f:1b:97:d4:92:89:b9:72:6a:9e:
d9:2c:44:08:c6:1f:54:9d:ee:70:16:f0:f3:4c:a9:
e9:2b:02:dc:e1:8b:7c:61:bc:f6:5f:e2:6b:c4:ef:
dc:fe:5d:37:8e:90:2f:01:96:03:84:cc:d8:97:87:
29:01:79:6f:46:12:14:c1:87:46:8a:c1:e2:e6:ce:
f4:5e:91:6f:b8:82:60:14:d5:86:70:6d:26:2b:1f:
ae:11:c1:27:6d:8b:7b:63:3e:d1:d0:b5:b3:54:cd:
1d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:78:F4:3D:57:C0:BE:72:22:47:43:2D:6B:AA:F7:A2:7C:1A:5B:9A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912A3BE/2E43C3EC284011ECBE216F40C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912A3BE/2E43C3EC284011ECBE216F40C4F9AE02/3nj0PVfAvnIiR0Mta6r3onwaW5o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
146948
sbgp-ipAddrBlock: critical
IPv4:
103.171.249.0/24
IPv6:
2001:df7:5880::/48
Signature Algorithm: sha256WithRSAEncryption
3d:93:c8:8e:8d:ba:8a:42:56:a1:02:c1:43:89:e3:6b:e5:a0:
40:f1:47:da:81:21:77:7e:5f:26:95:a1:1e:8b:a6:47:54:94:
2b:fc:ee:89:21:39:2a:28:db:ed:ce:07:77:cd:46:99:6f:20:
45:7a:91:f0:62:19:ff:61:46:b3:ee:d4:08:be:80:c0:de:8e:
a2:86:dd:6d:aa:30:9c:ee:44:51:91:3b:ac:0c:65:a8:76:10:
41:9e:a0:63:51:cd:31:72:f9:22:a0:98:c1:ee:72:d9:ed:d5:
7e:b3:e4:05:5e:6e:23:3e:83:78:0e:45:ec:b0:8c:eb:d8:ea:
7c:44:20:96:6f:1c:40:12:ab:1b:54:6d:13:ad:76:b9:df:85:
1a:24:25:6e:59:17:04:21:ae:a0:34:8f:c8:65:42:55:db:69:
68:0e:a8:c1:24:6d:7d:88:e8:12:a8:37:f6:ea:fa:1d:d1:e9:
2d:c0:c2:c7:5c:e8:34:a9:bf:d0:8b:30:6c:5c:dd:bb:c8:28:
66:4c:a5:19:d0:58:ae:41:ba:26:a5:b7:6f:d0:2a:d4:22:5f:
d3:b4:87:be:30:18:f2:e8:0e:cb:2b:8e:cc:5d:5a:cb:02:b8:
ac:0a:8f:57:fe:91:51:c1:33:2a:9f:4e:28:47:26:b3:36:e6:
97:21:91:c3
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAbXtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgwOTEyNTgwM1oXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkEzQkUxMTAvBgNVBAUTKERFNzhGNDNENTdDMEJFNzIyMjQ3NDMy
RDZCQUFGN0EyN0MxQTVCOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyXeAuCcICTog1uK7+RkiWS/V2s7cli/cpiDl7imBqB24CMG0umEzZniblw5SO
l1nH9zS2YpARRmQ6dxVl+M79PODtxguHViMbTEa9ThP5wetxJ9vCcJA4ehCEPHxU
y0ApLVtLgDo6lUGga771JZ5m44gD2ioA63YUYpBoFjNUGeqFvCuHT0FW1hDqezo5
JIrxAulSA+oynmaajxuX1JKJuXJqntksRAjGH1Sd7nAW8PNMqekrAtzhi3xhvPZf
4mvE79z+XTeOkC8BlgOEzNiXhykBeW9GEhTBh0aKweLmzvRekW+4gmAU1YZwbSYr
H64RwSdti3tjPtHQtbNUzR1FAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU3nj0PVfA
vnIiR0Mta6r3onwaW5owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJBM0JFLzJFNDNDM0VDMjg0MDExRUNCRTIxNkY0MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyQTNCRS8yRTQzQzNFQzI4NDAxMUVDQkUyMTZGNDBDNEY5QUUwMi8zbmowUFZm
QXZuSWlSME10YTZyM29ud2FXNW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAj4EMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ6v5MA8EAgAC
MAkDBwAgAQ33WIAwDQYJKoZIhvcNAQELBQADggEBAD2TyI6NuopCVqECwUOJ42vl
oEDxR9qBIXd+XyaVoR6LpkdUlCv87okhOSoo2+3OB3fNRplvIEV6kfBiGf9hRrPu
1Ai+gMDejqKG3W2qMJzuRFGRO6wMZah2EEGeoGNRzTFy+SKgmMHuctnt1X6z5AVe
biM+g3gOReywjOvY6nxEIJZvHEASqxtUbROtdrnfhRokJW5ZFwQhrqA0j8hlQlXb
aWgOqMEkbX2I6BKoN/bq+h3R6S3Awsdc6DSpv9CLMGxc3bvIKGZMpRnQWK5Buial
t2/QKtQiX9O0h74wGPLoDssrjsxdWssCuKwKj1f+kVHBMyqfTihHJrM25pchkcM=
-----END CERTIFICATE-----
Generated at Wed May 1 20:49:27 2024 by rpki-client on console-ams.rpki-client.org