Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8xcF6BjqSAOwk0GT9h_G4zcXcu0.cer
File: 8xcF6BjqSAOwk0GT9h_G4zcXcu0.cer (raw, json)
Hash identifier: gno3Cd4u/Kvn9VvCRomjaFqoImtcJy6RtQnDsLn09+Q=
Subject key identifier: F3:17:05:E8:18:EA:48:03:B0:93:41:93:F6:1F:C6:E3:37:17:72:ED
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02129C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E094D/40B7386EDE8111EBA9FC7D72C4F9AE02/8xcF6BjqSAOwk0GT9h_G4zcXcu0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E094D/40B7386EDE8111EBA9FC7D72C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 07 Oct 2024 19:50:21 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 43.248.8.0/22
IP: 103.39.76.0/22
IP: 2406:d4c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 03 Dec 2024 18:10:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135836 (0x2129c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 7 19:50:21 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91E094D/serialNumber=F31705E818EA4803B0934193F61FC6E3371772ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ee:3e:a2:b4:71:28:89:af:ac:46:dc:b5:fd:
8e:b9:f8:da:3e:7c:4a:d4:11:6b:c8:ed:96:e8:35:
f1:f2:cb:72:44:fb:1b:59:6b:ff:24:d9:f8:33:4a:
9f:66:20:e1:48:a7:d6:83:08:7a:34:a1:ee:ff:c7:
01:9b:30:25:e0:a7:68:1e:29:2c:8d:5c:1a:34:d0:
de:fb:95:a0:9d:98:a4:25:2e:42:ee:a6:8a:1e:42:
d0:c4:4b:87:8f:9f:77:e2:fa:77:8c:4d:74:8f:c5:
85:93:ae:94:bc:16:8b:d3:e8:40:5f:77:9d:ce:11:
d5:cf:3b:a4:f5:45:18:79:1e:22:6e:13:0c:21:b7:
8d:6b:06:03:03:ce:c4:86:95:39:ec:57:fb:4f:d2:
84:bc:90:78:b8:48:d4:9f:91:c0:a4:72:55:e5:aa:
d7:cb:b3:de:3e:95:c3:34:b2:4b:8e:44:b0:b5:00:
cc:e4:59:47:65:2c:ee:bc:ca:c3:a7:34:42:75:8c:
d4:e4:9d:08:eb:85:6d:de:8c:ea:68:47:68:1a:23:
46:7b:58:86:8e:64:92:e7:3c:0c:ed:4c:35:34:66:
24:d9:93:d7:34:6d:eb:c6:0d:ba:5b:cb:2b:00:7a:
d0:69:b5:e1:54:05:77:ab:45:8d:f8:ae:01:c1:eb:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:17:05:E8:18:EA:48:03:B0:93:41:93:F6:1F:C6:E3:37:17:72:ED
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E094D/40B7386EDE8111EBA9FC7D72C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E094D/40B7386EDE8111EBA9FC7D72C4F9AE02/8xcF6BjqSAOwk0GT9h_G4zcXcu0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.8.0/22
103.39.76.0/22
IPv6:
2406:d4c0::/32
Signature Algorithm: sha256WithRSAEncryption
84:e1:c4:29:c2:75:61:72:87:12:bd:ab:88:c9:d0:fb:c1:6f:
18:9e:45:c6:72:9c:ba:ca:af:38:8e:49:7e:98:51:4b:ee:08:
37:51:d0:44:9e:58:0a:95:92:7f:97:a4:3f:03:de:87:d5:65:
9f:07:ce:38:f4:da:80:d1:54:39:6e:9c:f3:f4:a5:78:fa:b7:
fe:0b:7f:dc:3d:a9:1c:33:a4:06:cb:00:74:ed:0c:4b:65:85:
06:be:be:b1:ff:10:8e:b1:b2:ce:f4:51:0f:ad:c5:1e:9b:87:
d7:da:bd:ce:2b:48:09:b6:37:6f:46:8a:75:68:f7:e6:5b:c0:
91:70:e2:07:40:3f:59:cf:e7:61:be:43:5a:0c:8e:09:b4:65:
df:44:18:f8:26:d4:bf:29:0d:52:84:72:c0:f9:60:67:a1:19:
40:f1:99:80:ca:cb:fa:bf:88:87:aa:d8:76:53:ae:2d:99:7d:
da:46:29:5d:67:a7:59:dc:41:cc:73:55:48:59:88:22:d7:ae:
ca:1d:d5:1e:30:53:ff:f1:12:8c:5e:3f:b7:3e:54:8b:93:e9:
78:d4:60:9a:b8:22:41:f3:78:8a:53:72:71:86:dc:1c:9f:ef:
ec:22:50:93:8a:44:9a:44:a2:c4:8d:88:e8:cd:89:51:4f:ce:
52:33:5d:be
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDAhKcMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAwNzE5NTAyMVoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTA5NEQxMTAvBgNVBAUTKEYzMTcwNUU4MThFQTQ4MDNCMDkzNDE5
M0Y2MUZDNkUzMzcxNzcyRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCY7j6itHEoia+sRty1/Y65+No+fErUEWvI7ZboNfHyy3JE+xtZa/8k2fgzSp9m
IOFIp9aDCHo0oe7/xwGbMCXgp2geKSyNXBo00N77laCdmKQlLkLupooeQtDES4eP
n3fi+neMTXSPxYWTrpS8FovT6EBfd53OEdXPO6T1RRh5HiJuEwwht41rBgMDzsSG
lTnsV/tP0oS8kHi4SNSfkcCkclXlqtfLs94+lcM0skuORLC1AMzkWUdlLO68ysOn
NEJ1jNTknQjrhW3ejOpoR2gaI0Z7WIaOZJLnPAztTDU0ZiTZk9c0bevGDbpbyysA
etBpteFUBXerRY34rgHB64CPAgMBAAGjggMIMIIDBDAdBgNVHQ4EFgQU8xcF6Bjq
SAOwk0GT9h/G4zcXcu0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUwOTRELzQwQjczODZFREU4MTExRUJBOUZDN0Q3MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMDk0RC80MEI3Mzg2RURFODExMUVCQTlGQzdENzJDNEY5QUUwMi84eGNGNkJq
cVNBT3drMEdUOWhfRzR6Y1hjdTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8EJTAj
MBIEAgABMAwDBAIr+AgDBAJnJ0wwDQQCAAIwBwMFACQG1MAwDQYJKoZIhvcNAQEL
BQADggEBAIThxCnCdWFyhxK9q4jJ0PvBbxieRcZynLrKrziOSX6YUUvuCDdR0ESe
WAqVkn+XpD8D3ofVZZ8Hzjj02oDRVDlunPP0pXj6t/4Lf9w9qRwzpAbLAHTtDEtl
hQa+vrH/EI6xss70UQ+txR6bh9favc4rSAm2N29GinVo9+ZbwJFw4gdAP1nP52G+
Q1oMjgm0Zd9EGPgm1L8pDVKEcsD5YGehGUDxmYDKy/q/iIeq2HZTri2ZfdpGKV1n
p1ncQcxzVUhZiCLXrsod1R4wU//xEoxeP7c+VIuT6XjUYJq4IkHzeIpTcnGG3Byf
7+wiUJOKRJpEosSNiOjNiVFPzlIzXb4=
-----END CERTIFICATE-----
Generated at Tue Nov 26 19:07:29 2024 by rpki-client on console-fra.rpki-client.org