Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/446z9aUQfjDwynHd6nWxcNCwMlY.cer
File: 446z9aUQfjDwynHd6nWxcNCwMlY.cer (raw, json)
Hash identifier: SgiLbEzyQj1r/5vthZd7yGLMeRnbCS+P+fKmtTHPVRI=
Subject key identifier: E3:8E:B3:F5:A5:10:7E:30:F0:CA:71:DD:EA:75:B1:70:D0:B0:32:56
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021603
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A5560/4C3D6BC0216F11EFAF45EA2DC4F9AE02/446z9aUQfjDwynHd6nWxcNCwMlY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A5560/4C3D6BC0216F11EFAF45EA2DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 24 Oct 2024 20:18:53 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 139318
IP: 103.108.174.0/23
IP: 2001:df1:1840::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136707 (0x21603)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 24 20:18:53 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A91A5560/serialNumber=E38EB3F5A5107E30F0CA71DDEA75B170D0B03256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8b:b8:33:ac:9b:cc:9b:3d:89:46:a2:64:32:
70:ec:ec:f7:e2:bf:8d:09:da:0e:25:a9:b6:a8:b8:
b5:84:8e:0d:40:4f:bc:96:ad:43:09:9c:a4:3d:1d:
2e:66:52:0f:c4:ad:39:f5:79:c8:10:89:4b:1e:0b:
4f:74:41:25:ee:f7:84:c1:82:b6:98:ca:a9:de:97:
b3:a6:b6:e8:cf:de:2f:b2:9d:cd:4d:53:27:b3:1a:
ba:4f:22:3c:b3:73:ea:46:b2:db:24:e5:ee:39:d0:
c7:85:8e:9a:e4:d1:9d:c4:62:df:32:ea:8e:d5:93:
f1:95:1e:3a:04:dd:45:85:24:49:60:9c:4d:18:b5:
76:57:86:04:03:82:e9:ec:fe:a1:6a:54:08:7a:f0:
e3:c1:ef:65:d9:5b:c2:13:bd:8f:64:40:f7:8e:16:
41:94:15:41:55:da:b2:c8:43:09:69:f1:d6:87:fb:
f2:e8:3e:87:6d:bc:fe:a5:71:7b:d0:49:a6:71:31:
78:b4:6c:74:e1:ca:8a:61:32:94:a9:a5:55:46:c0:
24:81:d1:ad:60:db:ae:6a:c1:e8:76:3e:cd:65:b4:
62:54:20:c2:f4:c4:41:1f:9e:18:f7:cb:fd:f0:78:
d2:c6:1e:69:53:c8:8d:8a:00:3c:1b:dd:11:4f:4f:
0f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:8E:B3:F5:A5:10:7E:30:F0:CA:71:DD:EA:75:B1:70:D0:B0:32:56
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A5560/4C3D6BC0216F11EFAF45EA2DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A5560/4C3D6BC0216F11EFAF45EA2DC4F9AE02/446z9aUQfjDwynHd6nWxcNCwMlY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
139318
sbgp-ipAddrBlock: critical
IPv4:
103.108.174.0/23
IPv6:
2001:df1:1840::/48
Signature Algorithm: sha256WithRSAEncryption
8b:47:5a:b3:9c:30:f9:a7:83:c5:08:ae:01:63:00:d6:26:88:
c5:55:22:71:e1:0c:f7:c5:83:ee:fc:f1:18:5e:96:60:75:61:
d4:f0:b3:6c:7d:a2:c6:39:e3:3d:23:c6:c7:d3:16:89:cb:c5:
4d:3d:fb:67:8c:4d:a2:3e:39:43:b3:50:da:6b:6f:50:a1:29:
e5:af:9b:a1:78:61:b6:0a:9b:a0:da:be:ff:2b:1f:23:68:6a:
db:b3:55:e8:26:8b:8d:36:f1:0b:bf:a9:e3:3e:f9:eb:76:88:
ad:0a:14:94:85:cf:30:0c:ea:8b:f5:6e:6f:f8:1f:31:bc:fd:
cd:f9:c3:5a:e1:f8:ee:58:9f:eb:99:77:2f:24:79:ff:07:1a:
5e:fe:71:f1:ee:56:28:67:5f:a2:e9:48:63:59:ec:92:c3:df:
fe:4d:86:94:43:f7:67:6c:1a:51:7a:16:e4:8b:9a:ab:99:1b:
fc:a8:fe:d5:0e:8e:23:09:35:de:3b:97:20:a1:a0:e4:31:74:
ee:9e:40:f4:94:2d:fc:a1:5f:23:b5:1b:c0:50:4c:dd:4b:25:
8a:63:20:e3:a8:20:e1:26:43:8b:88:52:3a:8c:d4:7c:87:ad:
bf:91:a2:9e:dd:0f:52:88:cb:1f:fb:23:2d:38:4e:21:3e:bf:
de:36:94:5f
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAhYDMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAyNDIwMTg1M1oXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTU1NjAxMTAvBgNVBAUTKEUzOEVCM0Y1QTUxMDdFMzBGMENBNzFE
REVBNzVCMTcwRDBCMDMyNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDai7gzrJvMmz2JRqJkMnDs7Pfiv40J2g4lqbaouLWEjg1AT7yWrUMJnKQ9HS5m
Ug/ErTn1ecgQiUseC090QSXu94TBgraYyqnel7OmtujP3i+ync1NUyezGrpPIjyz
c+pGstsk5e450MeFjprk0Z3EYt8y6o7Vk/GVHjoE3UWFJElgnE0YtXZXhgQDguns
/qFqVAh68OPB72XZW8ITvY9kQPeOFkGUFUFV2rLIQwlp8daH+/LoPodtvP6lcXvQ
SaZxMXi0bHThyophMpSppVVGwCSB0a1g265qweh2Ps1ltGJUIML0xEEfnhj3y/3w
eNLGHmlTyI2KADwb3RFPTw87AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU446z9aUQ
fjDwynHd6nWxcNCwMlYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1NTYwLzRDM0Q2QkMwMjE2RjExRUZBRjQ1RUEyREM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNTU2MC80QzNENkJDMDIxNkYxMUVGQUY0NUVBMkRDNEY5QUUwMi80NDZ6OWFV
UWZqRHd5bkhkNm5XeGNOQ3dNbFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiA2MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ2yuMA8EAgAC
MAkDBwAgAQ3xGEAwDQYJKoZIhvcNAQELBQADggEBAItHWrOcMPmng8UIrgFjANYm
iMVVInHhDPfFg+788RhelmB1YdTws2x9osY54z0jxsfTFonLxU09+2eMTaI+OUOz
UNprb1ChKeWvm6F4YbYKm6Davv8rHyNoatuzVegmi4028Qu/qeM++et2iK0KFJSF
zzAM6ov1bm/4HzG8/c35w1rh+O5Yn+uZdy8kef8HGl7+cfHuVihnX6LpSGNZ7JLD
3/5NhpRD92dsGlF6FuSLmquZG/yo/tUOjiMJNd47lyChoOQxdO6eQPSULfyhXyO1
G8BQTN1LJYpjIOOoIOEmQ4uIUjqM1HyHrb+Rop7dD1KIyx/7Iy04TiE+v942lF8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:21 2024 by rpki-client on console-fra.rpki-client.org