Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/794a7CEt8qF3bc_CwWEe0SA_NWM.cer
File: 794a7CEt8qF3bc_CwWEe0SA_NWM.cer (raw, json)
Hash identifier: uk9redggCykESOVMvV/37ngt4FS4PwVAOGiszswBUbc=
Subject key identifier: EF:DE:1A:EC:21:2D:F2:A1:77:6D:CF:C2:C1:61:1E:D1:20:3F:35:63
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01675B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2410520f-a6ff-46b5-91e9-abd919dd2d6e/manifest.mft
caRepository: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2410520f-a6ff-46b5-91e9-abd919dd2d6e/
Notify URL: https://rpki-rrdp.us-east-2.amazonaws.com/rrdp/2410520f-a6ff-46b5-91e9-abd919dd2d6e/notification.xml
Certificate not before: Tue 09 Aug 2022 21:40:23 +0000
Certificate not after: Fri 31 Mar 2023 00:00:00 +0000
Subordinate resources: AS: 17493
IP: 43.250.192.0/22
IP: 122.248.192.0/18
IP: 175.41.128.0/18
IP: 2400:6500::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91995 (0x1675b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 9 21:40:23 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=A91609040000/serialNumber=EFDE1AEC212DF2A1776DCFC2C1611ED1203F3563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:03:1b:44:36:08:78:24:46:49:1b:71:8b:a1:
b3:52:17:ed:2e:2c:79:b9:8a:bf:f4:0a:42:ed:b9:
fb:ad:4b:16:dc:13:3c:55:c6:71:2a:e4:f2:64:90:
20:03:3f:ec:94:5e:e1:74:1f:ea:80:d1:32:97:6e:
80:66:48:0b:3c:aa:65:28:26:36:68:78:07:11:a9:
54:c1:b3:36:bb:b9:3e:be:11:44:de:8f:61:b5:40:
6a:fe:62:0c:55:f1:82:2c:98:ef:b3:6c:56:01:ac:
35:c7:15:47:10:f1:25:de:3c:a9:25:49:b1:60:c7:
fa:0c:0b:c8:20:99:1f:83:fb:91:af:c7:24:e2:55:
d4:c2:6a:94:27:54:c3:f8:39:d0:ee:00:e9:06:f6:
a9:71:89:f1:89:4c:eb:88:bf:3a:c6:ce:cd:36:f6:
56:50:3c:3a:68:8d:c9:cf:15:66:87:21:4f:a4:56:
7c:47:9c:84:5a:2f:28:94:d6:27:10:24:09:9c:69:
d3:97:d5:d3:51:d3:01:8e:55:f3:d0:bd:05:48:91:
9a:5a:09:67:92:cc:2d:71:66:df:c6:08:42:a8:91:
38:a2:b9:a7:7f:89:19:76:92:01:c1:4e:3f:c8:d0:
56:c2:db:97:43:71:50:86:53:57:3d:da:2e:2d:88:
80:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:DE:1A:EC:21:2D:F2:A1:77:6D:CF:C2:C1:61:1E:D1:20:3F:35:63
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2410520f-a6ff-46b5-91e9-abd919dd2d6e/
RPKI Manifest - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2410520f-a6ff-46b5-91e9-abd919dd2d6e/manifest.mft
RPKI Notify - URI:https://rpki-rrdp.us-east-2.amazonaws.com/rrdp/2410520f-a6ff-46b5-91e9-abd919dd2d6e/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17493
sbgp-ipAddrBlock: critical
IPv4:
43.250.192.0/22
122.248.192.0/18
175.41.128.0/18
IPv6:
2400:6500::/32
Signature Algorithm: sha256WithRSAEncryption
30:a9:bb:45:cd:1e:eb:91:18:8f:f4:42:9e:6c:1e:36:07:9c:
2d:36:ee:74:db:f2:e0:d5:bb:0e:fc:87:9f:09:ee:a1:94:99:
76:65:fe:2a:7e:3f:08:e6:68:45:05:f8:c8:1f:12:e3:7d:62:
da:4e:7e:ad:c1:20:46:e3:1f:8f:bb:f7:d2:b2:59:57:bd:d6:
e2:57:a6:f6:0a:24:2d:f1:0c:47:e8:98:6d:5f:49:2a:eb:dc:
ab:8f:b1:96:78:74:ee:48:19:eb:09:67:17:00:60:09:f6:5b:
9d:dd:8b:98:b0:ad:4a:42:4d:e0:45:d2:b8:11:fb:2d:38:18:
9f:5f:e9:b0:fe:4b:32:45:52:9a:75:05:7a:18:c4:6c:05:1d:
0c:9f:86:02:0f:80:4e:e8:57:6d:6c:b3:cc:38:a7:9b:e1:1b:
f7:ea:b9:b1:da:cf:aa:c9:df:62:2d:51:6b:b1:2e:08:68:ad:
b2:1c:dd:80:ff:aa:68:71:14:98:fa:cf:62:c0:53:77:77:42:
c6:1f:b0:5e:3c:59:9f:f4:ec:bd:6e:ca:23:98:1e:cb:24:2b:
54:ae:6c:02:09:56:7a:22:14:0e:3d:f8:7c:6a:e8:27:0c:45:
6a:db:7c:c2:9d:86:42:da:13:8b:13:db:66:59:0c:24:41:ea:
50:70:4d:e0
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgIDAWdbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDgwOTIxNDAyM1oXDTIzMDMzMTAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxNjA5MDQwMDAwMTEwLwYDVQQFEyhFRkRFMUFFQzIxMkRGMkExNzc2
RENGQzJDMTYxMUVEMTIwM0YzNTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtwMbRDYIeCRGSRtxi6GzUhftLix5uYq/9ApC7bn7rUsW3BM8VcZxKuTy
ZJAgAz/slF7hdB/qgNEyl26AZkgLPKplKCY2aHgHEalUwbM2u7k+vhFE3o9htUBq
/mIMVfGCLJjvs2xWAaw1xxVHEPEl3jypJUmxYMf6DAvIIJkfg/uRr8ck4lXUwmqU
J1TD+DnQ7gDpBvapcYnxiUzriL86xs7NNvZWUDw6aI3JzxVmhyFPpFZ8R5yEWi8o
lNYnECQJnGnTl9XTUdMBjlXz0L0FSJGaWglnkswtcWbfxghCqJE4ormnf4kZdpIB
wU4/yNBWwtuXQ3FQhlNXPdouLYiA3wIDAQABo4IDWzCCA1cwHQYDVR0OBBYEFO/e
GuwhLfKhd23PwsFhHtEgPzVjMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIIBWgYIKwYBBQUHAQsEggFMMIIBSDBjBggr
BgEFBQcwBYZXcnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS8yNDEwNTIwZi1hNmZmLTQ2YjUtOTFlOS1hYmQ5MTlkZDJkNmUv
MG8GCCsGAQUFBzAKhmNyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv
bmF3cy5jb20vdm9sdW1lLzI0MTA1MjBmLWE2ZmYtNDZiNS05MWU5LWFiZDkxOWRk
MmQ2ZS9tYW5pZmVzdC5tZnQwcAYIKwYBBQUHMA2GZGh0dHBzOi8vcnBraS1ycmRw
LnVzLWVhc3QtMi5hbWF6b25hd3MuY29tL3JyZHAvMjQxMDUyMGYtYTZmZi00NmI1
LTkxZTktYWJkOTE5ZGQyZDZlL25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgB
Af8ECjAIoAYwBAICRFUwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAIr+sAD
BAZ6+MADBAavKYAwDQQCAAIwBwMFACQAZQAwDQYJKoZIhvcNAQELBQADggEBADCp
u0XNHuuRGI/0Qp5sHjYHnC027nTb8uDVuw78h58J7qGUmXZl/ip+PwjmaEUF+Mgf
EuN9YtpOfq3BIEbjH4+799KyWVe91uJXpvYKJC3xDEfomG1fSSrr3KuPsZZ4dO5I
GesJZxcAYAn2W53di5iwrUpCTeBF0rgR+y04GJ9f6bD+SzJFUpp1BXoYxGwFHQyf
hgIPgE7oV21ss8w4p5vhG/fqubHaz6rJ32ItUWuxLghorbIc3YD/qmhxFJj6z2LA
U3d3QsYfsF48WZ/07L1uyiOYHsskK1SubAIJVnoiFA49+Hxq6CcMRWrbfMKdhkLa
E4sT22ZZDCRB6lBwTeA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:16 2023 by rpki-client on console-fra.rpki-client.org