Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6b_gIVuE9EnQu1Xzey1hYNRkwZA.cer
File: 6b_gIVuE9EnQu1Xzey1hYNRkwZA.cer (raw, json)
Hash identifier: 2fCN42yaW5BntpDAXuT6lPLmdR6iFZ8nai0f5imB3qc=
Subject key identifier: E9:BF:E0:21:5B:84:F4:49:D0:BB:55:F3:7B:2D:61:60:D4:64:C1:90
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021B5F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.roa.net/rrdp/xTom/43/E9BFE0215B84F449D0BB55F37B2D6160D464C190.mft
caRepository: rsync://rpki.roa.net/rrdp/xTom/43/
Notify URL: https://rpki.roa.net/rrdp/notification.xml
Certificate not before: Thu 14 Nov 2024 13:50:10 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 103.155.232.0/23
IP: 2001:df4:dd80::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138079 (0x21b5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Nov 14 13:50:10 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A913FFE90000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2e:89:28:be:8e:98:4f:27:85:40:8a:a4:78:
1a:36:aa:5a:63:56:62:9b:e3:8f:e9:27:96:d9:cc:
19:f0:cd:56:ce:74:1a:0c:0a:c2:02:55:c3:54:a7:
e8:5b:82:dc:2a:4c:99:5e:21:79:8e:dc:1c:6f:11:
5f:8c:ed:bb:b7:57:19:94:75:38:cc:02:57:54:bb:
ee:dd:6d:fa:ee:4a:5a:6d:ec:e2:ce:f1:92:13:1a:
03:4a:4c:6d:e9:2e:88:7a:bb:45:8e:cf:34:e1:0d:
35:00:31:ee:e5:a1:2a:35:33:d2:70:63:ae:99:69:
71:50:d1:f8:1e:1e:c1:1a:4c:83:fe:e4:6e:69:07:
e1:77:24:ab:fd:d6:d4:57:f2:55:5e:f2:7c:18:39:
ee:3d:68:a9:70:6c:ad:a0:8d:af:c5:31:a9:72:e5:
97:61:1d:95:9c:87:03:f1:92:18:e3:3f:10:f0:11:
ed:82:19:ad:e7:c5:22:66:8f:b1:3d:2c:c4:00:16:
c0:27:b7:0f:d4:43:77:3b:bd:dc:2b:0a:94:4f:3e:
2d:62:63:be:1b:9a:27:fb:57:d6:6e:7d:09:e7:63:
0e:a3:f1:69:2b:2a:f9:69:5b:80:67:27:08:1a:68:
3d:4e:cc:2b:22:06:f4:39:63:89:a7:c6:c3:2e:83:
f7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:BF:E0:21:5B:84:F4:49:D0:BB:55:F3:7B:2D:61:60:D4:64:C1:90
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.roa.net/rrdp/xTom/43/
RPKI Manifest - URI:rsync://rpki.roa.net/rrdp/xTom/43/E9BFE0215B84F449D0BB55F37B2D6160D464C190.mft
RPKI Notify - URI:https://rpki.roa.net/rrdp/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.232.0/23
IPv6:
2001:df4:dd80::/48
Signature Algorithm: sha256WithRSAEncryption
52:db:d8:38:5c:21:27:c9:a3:ec:e3:23:18:94:c1:40:34:10:
67:2d:70:85:ea:eb:3c:b8:32:37:c6:39:5d:6c:b0:28:37:c0:
c0:bd:70:7b:3d:72:c1:6d:e3:c3:73:dc:03:e8:cd:59:27:bc:
1c:28:a5:a9:a0:56:82:d7:00:29:77:eb:43:2f:63:25:a2:a7:
09:14:9b:3d:6a:42:70:fa:77:94:4b:fd:3c:51:9b:82:a6:cc:
ac:85:cf:e6:7b:fc:bd:76:87:bc:8d:53:59:d6:7b:b1:a2:84:
33:22:e1:61:71:ab:be:da:9c:75:1a:bc:ca:53:bd:c7:57:9d:
18:19:3f:57:0f:0f:35:9b:5e:21:3f:e5:fb:2d:c5:eb:db:4e:
6d:21:05:32:c2:3f:7c:c2:16:18:8b:92:bc:fd:b9:c7:8d:be:
a9:6e:4d:8c:75:c9:54:7c:dc:b1:77:17:0a:7e:a6:a7:f0:b3:
d9:2b:4e:70:10:10:07:9b:54:58:49:44:8e:56:be:30:88:4b:
0d:8e:a9:d3:45:03:b3:45:23:a5:d4:fd:96:a4:18:6a:4b:74:
d4:f7:90:36:4e:10:78:05:30:d6:a7:42:93:cf:5a:06:a1:ef:
dc:e1:89:09:54:fd:a3:d5:e4:50:9e:61:f7:e8:fa:4a:3c:85:
e7:b8:f6:78
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIDAhtfMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTExNDEzNTAxMFoXDTI1MTIzMDAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxM0ZGRTkwMDAwMTEwLwYDVQQFEyhFOUJGRTAyMTVCODRGNDQ5RDBC
QjU1RjM3QjJENjE2MEQ0NjRDMTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuS6JKL6OmE8nhUCKpHgaNqpaY1Zim+OP6SeW2cwZ8M1WznQaDArCAlXD
VKfoW4LcKkyZXiF5jtwcbxFfjO27t1cZlHU4zAJXVLvu3W367kpabezizvGSExoD
Skxt6S6IertFjs804Q01ADHu5aEqNTPScGOumWlxUNH4Hh7BGkyD/uRuaQfhdySr
/dbUV/JVXvJ8GDnuPWipcGytoI2vxTGpcuWXYR2VnIcD8ZIY4z8Q8BHtghmt58Ui
Zo+xPSzEABbAJ7cP1EN3O73cKwqUTz4tYmO+G5on+1fWbn0J52MOo/FpKyr5aVuA
ZycIGmg9TswrIgb0OWOJp8bDLoP3fQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFOm/
4CFbhPRJ0LtV83stYWDUZMGQMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIHUBggrBgEFBQcBCwSBxzCBxDAuBggrBgEF
BQcwBYYicnN5bmM6Ly9ycGtpLnJvYS5uZXQvcnJkcC94VG9tLzQzLzBaBggrBgEF
BQcwCoZOcnN5bmM6Ly9ycGtpLnJvYS5uZXQvcnJkcC94VG9tLzQzL0U5QkZFMDIx
NUI4NEY0NDlEMEJCNTVGMzdCMkQ2MTYwRDQ2NEMxOTAubWZ0MDYGCCsGAQUFBzAN
hipodHRwczovL3Jwa2kucm9hLm5ldC9ycmRwL25vdGlmaWNhdGlvbi54bWwwMAYI
KwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAFnm+gwDwQCAAIwCQMHACABDfTdgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUtvYOFwhJ8mj7OMjGJTBQDQQZy1wherrPLgyN8Y5
XWywKDfAwL1wez1ywW3jw3PcA+jNWSe8HCilqaBWgtcAKXfrQy9jJaKnCRSbPWpC
cPp3lEv9PFGbgqbMrIXP5nv8vXaHvI1TWdZ7saKEMyLhYXGrvtqcdRq8ylO9x1ed
GBk/Vw8PNZteIT/l+y3F69tObSEFMsI/fMIWGIuSvP25x42+qW5NjHXJVHzcsXcX
Cn6mp/Cz2StOcBAQB5tUWElEjla+MIhLDY6p00UDs0UjpdT9lqQYakt01PeQNk4Q
eAUw1qdCk89aBqHv3OGJCVT9o9XkUJ5h9+j6SjyF57j2eA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:33:25 2025 by rpki-client