Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3r0oU3qS6xPagPeYhK77f1FpqHk.cer
File: 3r0oU3qS6xPagPeYhK77f1FpqHk.cer (raw, json)
Hash identifier: ILZK7WFRdK2lvLYywtXrouPS7F/ALv0SPNVUHSeyWQk=
Subject key identifier: DE:BD:28:53:7A:92:EB:13:DA:80:F7:98:84:AE:FB:7F:51:69:A8:79
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D009
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/3r0oU3qS6xPagPeYhK77f1FpqHk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 05 Dec 2023 22:22:27 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 59222
IP: 103.252.184.0/22
IP: 2001:df7:1000::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 May 2024 08:04:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118793 (0x1d009)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 5 22:22:27 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A91EEAF9/serialNumber=DEBD28537A92EB13DA80F79884AEFB7F5169A879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:c1:87:7e:94:ce:d8:b5:b3:c0:91:5c:8e:
ee:36:71:90:54:0e:5e:da:95:f9:1a:48:2b:a6:cc:
a2:5c:8c:13:ac:57:a3:a0:eb:5b:2b:58:cf:30:80:
27:b9:30:74:0f:c9:7c:8a:e3:38:d2:62:06:7d:0e:
13:62:14:d0:e4:05:27:95:b8:a7:59:dd:a2:88:94:
75:37:af:13:77:bd:53:e6:8f:66:25:67:0d:40:73:
44:9b:df:21:1b:e2:b1:b1:a3:68:1b:34:bb:dc:9c:
48:6d:04:c7:8f:dd:c6:7d:ad:f1:f0:04:f3:fc:21:
3b:21:cd:30:9b:b1:5b:3e:52:1c:a9:eb:0b:12:3d:
e3:91:b6:27:64:74:51:ed:75:d6:73:ef:88:b2:6a:
33:d9:c1:a1:a5:06:74:2c:81:7d:15:71:fb:93:de:
98:c5:0d:88:12:c5:6c:3c:66:3d:53:1e:ca:4b:e7:
d7:64:4c:df:b2:26:6f:ae:1b:bb:4f:22:ad:a1:c3:
01:55:9f:fb:73:5d:66:2f:fa:73:f8:04:f2:25:b0:
23:2d:65:66:3c:37:6e:f9:b1:dd:1c:ab:2b:87:75:
70:ad:fa:50:9e:2a:42:bd:a5:b2:8e:b7:ae:6e:67:
eb:d5:bc:1f:57:52:6b:48:2d:b1:60:87:57:f3:d1:
3e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BD:28:53:7A:92:EB:13:DA:80:F7:98:84:AE:FB:7F:51:69:A8:79
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/3r0oU3qS6xPagPeYhK77f1FpqHk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59222
sbgp-ipAddrBlock: critical
IPv4:
103.252.184.0/22
IPv6:
2001:df7:1000::/48
Signature Algorithm: sha256WithRSAEncryption
be:3b:7e:aa:43:8d:1a:2d:77:20:e8:7d:24:fa:16:87:80:f0:
d4:7f:79:5d:02:44:bf:5b:f1:96:29:63:d6:f8:59:e5:37:1f:
7e:ff:ad:64:09:cd:e7:1b:69:b5:68:03:c0:6b:9d:5e:62:17:
d7:ad:d7:59:4d:96:52:49:70:df:b1:be:49:1e:73:15:10:de:
03:0f:60:27:31:ff:2b:00:d6:86:38:2c:89:76:b7:db:cb:31:
f1:2f:16:d4:4b:3e:1c:8f:9a:bd:66:02:62:69:b0:cc:f3:16:
3a:e8:e7:39:44:00:fc:cb:a8:1a:4b:7d:be:13:04:a2:51:2c:
c8:5a:8a:bf:10:f3:3f:19:a3:d7:67:29:31:6c:15:92:c4:5a:
5a:a3:81:87:47:dc:36:e3:27:73:89:31:a7:7b:51:b1:b4:8a:
c8:31:90:dd:00:7d:f2:f4:cd:52:71:e7:67:d7:f1:be:b7:bf:
c9:cf:f3:d9:8f:4c:bb:6a:bb:3b:6d:32:98:0b:89:87:c9:e9:
75:cf:35:55:17:d5:41:8d:ae:9f:47:4f:f3:e4:59:c2:2d:97:
f4:2f:c7:1a:0a:34:70:5c:5c:f4:c8:4e:cd:ef:22:ce:6a:b7:
39:88:8e:f7:8f:a6:b7:1d:ed:c1:77:2a:45:44:a9:49:ca:af:
8b:1b:a9:22
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdAJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNTIyMjIyN1oXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUVBRjkxMTAvBgNVBAUTKERFQkQyODUzN0E5MkVCMTNEQTgwRjc5
ODg0QUVGQjdGNTE2OUE4NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAfMGHfpTO2LWzwJFcju42cZBUDl7alfkaSCumzKJcjBOsV6Og61srWM8wgCe5
MHQPyXyK4zjSYgZ9DhNiFNDkBSeVuKdZ3aKIlHU3rxN3vVPmj2YlZw1Ac0Sb3yEb
4rGxo2gbNLvcnEhtBMeP3cZ9rfHwBPP8ITshzTCbsVs+Uhyp6wsSPeORtidkdFHt
ddZz74iyajPZwaGlBnQsgX0VcfuT3pjFDYgSxWw8Zj1THspL59dkTN+yJm+uG7tP
Iq2hwwFVn/tzXWYv+nP4BPIlsCMtZWY8N275sd0cqyuHdXCt+lCeKkK9pbKOt65u
Z+vVvB9XUmtILbFgh1fz0T4PAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU3r0oU3qS
6xPagPeYhK77f1FpqHkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVFQUY5L0U2MUU3RDVDRTkwMDExRUFCNTlGNjk3MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFRUFGOS9FNjFFN0Q1Q0U5MDAxMUVBQjU5RjY5NzFDNEY5QUUwMi8zcjBvVTNx
UzZ4UGFnUGVZaEs3N2YxRnBxSGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOdWMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCZ/y4MA8EAgAC
MAkDBwAgAQ33EAAwDQYJKoZIhvcNAQELBQADggEBAL47fqpDjRotdyDofST6FoeA
8NR/eV0CRL9b8ZYpY9b4WeU3H37/rWQJzecbabVoA8BrnV5iF9et11lNllJJcN+x
vkkecxUQ3gMPYCcx/ysA1oY4LIl2t9vLMfEvFtRLPhyPmr1mAmJpsMzzFjro5zlE
APzLqBpLfb4TBKJRLMhair8Q8z8Zo9dnKTFsFZLEWlqjgYdH3DbjJ3OJMad7UbG0
isgxkN0AffL0zVJx52fX8b63v8nP89mPTLtquzttMpgLiYfJ6XXPNVUX1UGNrp9H
T/PkWcItl/QvxxoKNHBcXPTITs3vIs5qtzmIjvePprcd7cF3KkVEqUnKr4sbqSI=
-----END CERTIFICATE-----
Generated at Wed Apr 24 08:44:47 2024 by rpki-client on console-ams.rpki-client.org