Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6FKljehxn4vGvWSUmFS0dEe4nN4.cer
File: 6FKljehxn4vGvWSUmFS0dEe4nN4.cer (raw, json)
Hash identifier: 1Hw4pliKEUvd9Vz2cdoNl+eXt13eic0mOh0ugEsg8yE=
Subject key identifier: E8:52:A5:8D:E8:71:9F:8B:C6:BD:64:94:98:54:B4:74:47:B8:9C:DE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020AC7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918F862/1E6F6C120FF911E9A0D92B0FC4F9AE02/6FKljehxn4vGvWSUmFS0dEe4nN4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918F862/1E6F6C120FF911E9A0D92B0FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 01 Sep 2024 17:38:39 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 132372
IP: 103.28.90.0/23
IP: 103.72.162.0/23
IP: 103.117.20.0/24
IP: 103.122.164.0/24
IP: 2403:fd40::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133831 (0x20ac7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Sep 1 17:38:39 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A918F862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6e:47:f1:90:aa:87:ba:d0:fc:2c:d3:1e:01:
fb:49:8c:b2:3f:d5:29:ab:bd:fb:c9:0c:71:ed:68:
eb:dd:8a:22:ed:14:31:28:43:cc:97:25:38:4c:51:
25:7c:8f:7a:82:1b:b7:e9:53:ec:03:c2:aa:5e:ab:
40:6b:00:ed:a6:b9:f1:10:28:e9:f5:af:b6:57:48:
75:05:aa:24:a1:85:34:e3:47:8d:db:c1:85:23:90:
81:89:fa:bd:57:c2:8b:47:ef:52:2b:69:f7:95:c5:
d9:e3:aa:c5:8a:eb:fe:62:17:2a:ec:fd:47:6e:79:
36:70:9b:3c:8f:06:4f:79:95:70:1d:78:c0:d0:da:
b5:b2:b3:7c:2c:ae:49:03:91:e0:34:b0:8d:a0:76:
03:8d:2f:f8:e1:9f:0b:73:6d:f7:1d:98:b8:1b:d6:
17:d8:8f:a8:42:3d:24:25:11:fe:c1:25:de:44:72:
0a:cc:2a:c9:04:4e:1b:d4:59:20:e0:1e:0c:53:12:
00:8d:25:df:9a:43:8c:a1:9d:f1:9a:ec:ea:cc:cc:
50:a0:1b:05:ed:f8:0e:e5:bd:cd:85:23:c6:2c:3e:
6e:df:6f:28:3f:15:6c:3f:0d:39:de:5b:a0:27:a1:
f3:19:2f:32:35:b7:90:e2:7c:24:93:fa:0c:ec:8c:
4a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:52:A5:8D:E8:71:9F:8B:C6:BD:64:94:98:54:B4:74:47:B8:9C:DE
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918F862/1E6F6C120FF911E9A0D92B0FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918F862/1E6F6C120FF911E9A0D92B0FC4F9AE02/6FKljehxn4vGvWSUmFS0dEe4nN4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132372
sbgp-ipAddrBlock: critical
IPv4:
103.28.90.0/23
103.72.162.0/23
103.117.20.0/24
103.122.164.0/24
IPv6:
2403:fd40::/32
Signature Algorithm: sha256WithRSAEncryption
51:82:4a:15:0e:54:a3:7b:79:b9:f5:f8:f5:89:44:db:e8:e0:
10:7e:14:82:54:8b:7b:e0:26:74:29:f6:a9:3f:66:d6:c2:f5:
c2:b7:fe:de:cb:51:97:7f:c6:0a:50:58:bb:10:fb:0f:a4:54:
8c:b3:e8:87:52:8b:57:92:92:ae:67:62:65:81:e9:3f:fe:62:
1d:d3:f2:c7:f1:09:6b:61:f6:e9:62:c2:d2:d0:ad:b0:67:df:
bc:d9:4d:b8:6b:a8:8c:c5:ee:54:6e:a2:2e:d3:6c:43:dd:bc:
6a:13:96:e1:86:95:ed:bb:b5:50:5d:cd:a7:fa:67:a9:dc:1a:
fa:d9:2c:42:d2:ea:1b:24:78:e6:69:9b:de:b8:98:d1:13:01:
77:58:62:ed:f7:16:c2:5f:b0:3d:18:cd:01:e2:8b:56:50:fd:
89:5a:03:bf:7c:4e:b9:22:9e:d4:82:04:77:87:43:c7:b4:06:
9b:a1:ab:e2:a2:b4:cf:8d:3d:97:3a:8e:62:97:89:8e:8e:f5:
a3:c0:be:f3:e7:43:a7:1d:14:8d:f9:02:19:96:ce:8c:ed:c7:
08:9f:3f:b6:66:8c:fd:38:28:d5:6d:cb:1f:bf:b8:44:0f:40:
17:7e:31:c2:ee:a4:b4:3e:b5:0c:12:2f:96:e9:e1:16:e3:0a:
7b:68:7f:73
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgIDAgrHMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkwMTE3MzgzOVoXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEY4NjIxMTAvBgNVBAUTKEU4NTJBNThERTg3MTlGOEJDNkJENjQ5
NDk4NTRCNDc0NDdCODlDREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCbbkfxkKqHutD8LNMeAftJjLI/1SmrvfvJDHHtaOvdiiLtFDEoQ8yXJThMUSV8
j3qCG7fpU+wDwqpeq0BrAO2mufEQKOn1r7ZXSHUFqiShhTTjR43bwYUjkIGJ+r1X
wotH71IrafeVxdnjqsWK6/5iFyrs/UdueTZwmzyPBk95lXAdeMDQ2rWys3wsrkkD
keA0sI2gdgONL/jhnwtzbfcdmLgb1hfYj6hCPSQlEf7BJd5EcgrMKskEThvUWSDg
HgxTEgCNJd+aQ4yhnfGa7OrMzFCgGwXt+A7lvc2FI8YsPm7fbyg/FWw/DTneW6An
ofMZLzI1t5DifCST+gzsjEoPAgMBAAGjggMwMIIDLDAdBgNVHQ4EFgQU6FKljehx
n4vGvWSUmFS0dEe4nN4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThGODYyLzFFNkY2QzEyMEZGOTExRTlBMEQ5MkIwRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4Rjg2Mi8xRTZGNkMxMjBGRjkxMUU5QTBEOTJCMEZDNEY5QUUwMi82RktsamVo
eG40dkd2V1NVbUZTMGRFZTRuTjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgUUMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBZxxaAwQBZ0ii
AwQAZ3UUAwQAZ3qkMA0EAgACMAcDBQAkA/1AMA0GCSqGSIb3DQEBCwUAA4IBAQBR
gkoVDlSje3m59fj1iUTb6OAQfhSCVIt74CZ0KfapP2bWwvXCt/7ey1GXf8YKUFi7
EPsPpFSMs+iHUotXkpKuZ2Jlgek//mId0/LH8QlrYfbpYsLS0K2wZ9+82U24a6iM
xe5UbqIu02xD3bxqE5bhhpXtu7VQXc2n+mep3Br62SxC0uobJHjmaZveuJjREwF3
WGLt9xbCX7A9GM0B4otWUP2JWgO/fE65Ip7UggR3h0PHtAaboaviorTPjT2XOo5i
l4mOjvWjwL7z50OnHRSN+QIZls6M7ccInz+2Zoz9OCjVbcsfv7hED0AXfjHC7qS0
PrUMEi+W6eEW4wp7aH9z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:38 2025 by rpki-client