Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
File: 9TkpGRnN4USwNO8oiwpjR4PoLH8.cer (raw, json)
Hash identifier: clqRYKob6mSTKtq6K3zGtXE1sjyH9b1IzYH0VAPfjjQ=
Subject key identifier: F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01FB32
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 25 Jun 2024 23:24:11 +0000
Certificate not after: Thu 01 May 2025 00:00:00 +0000
Subordinate resources: AS: 136272
AS: 153038
IP: 116.204.140.0/22
IP: 2400:c7c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 04 Dec 2024 01:13:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129842 (0x1fb32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jun 25 23:24:11 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fa:5e:e1:e0:8d:b2:21:4c:7a:53:76:11:fb:
13:3c:b5:e5:4c:8b:c7:1b:0b:03:e2:28:f8:be:36:
dc:bb:7d:bd:1f:1e:d9:af:58:ca:c3:c6:25:82:a4:
cd:f6:98:a7:6e:2c:19:da:bd:c4:96:5f:ac:d7:51:
98:c3:05:2c:97:68:a4:41:a0:e6:bd:b1:9e:c6:77:
87:da:4b:25:a9:73:38:5c:88:60:0a:c2:98:a6:76:
c0:56:4b:9f:40:26:1e:ad:b8:f2:6f:1f:2b:c4:a4:
ba:3e:84:17:a7:b2:6b:02:b5:3f:28:46:cd:20:6b:
b0:fd:56:ef:3b:42:36:c3:f6:6b:e6:a4:dd:33:52:
00:e6:e9:20:ff:41:7f:90:e0:e3:08:a5:0f:67:9e:
fb:06:b6:70:96:4b:c0:5b:f6:33:41:ac:c4:49:9c:
ec:b1:05:b9:ac:45:c6:9d:44:f4:9d:92:6b:88:7c:
16:8f:63:d2:4f:9f:ad:7f:94:2e:11:8c:c7:2d:48:
9a:dc:5e:92:24:0b:29:64:56:f5:b4:ec:cf:3b:4b:
52:24:52:d0:b0:00:82:bc:bf:e9:02:d6:83:3b:aa:
09:fa:0a:f1:e8:33:6c:a9:93:34:6a:04:a6:a8:ef:
ab:31:fc:cb:32:5b:08:e6:1f:e9:ea:7f:46:c8:f5:
f4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136272
153038
sbgp-ipAddrBlock: critical
IPv4:
116.204.140.0/22
IPv6:
2400:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
37:0c:9f:de:1f:2a:df:ca:a3:15:8a:41:e3:56:ed:3c:1f:e0:
aa:5b:fa:50:12:4b:87:b6:46:8b:93:59:c6:e7:ef:a1:b4:b4:
6d:ea:a8:58:ae:7a:ca:e6:89:f3:97:32:6f:66:6c:3f:44:b5:
dd:bd:98:12:9e:6b:33:08:2f:7f:5c:e5:65:e7:0e:91:62:23:
ab:3e:f1:e4:0a:6b:81:c3:e0:14:77:21:b0:17:fa:10:5f:76:
4f:fe:2c:36:0b:98:4b:6b:7f:3c:d8:86:58:f0:7c:25:a8:34:
cc:63:09:79:3c:2a:fd:cf:cf:a0:5a:b5:20:3d:f8:0c:96:8f:
65:ea:ac:af:d5:d4:e2:dc:05:3a:71:f7:07:4d:c7:53:b3:83:
ff:a6:70:6d:ee:03:1a:91:b6:a5:78:38:91:8c:8d:c9:76:dc:
f5:66:ff:0d:09:db:35:53:e6:53:89:99:c6:04:90:e8:5d:95:
c3:ea:7b:5e:50:6e:0d:d5:bc:cc:09:93:59:07:37:16:28:f8:
df:d8:6b:6b:72:67:c0:fc:6f:fe:45:de:76:c9:7e:90:10:c4:
5a:ee:15:56:dc:ff:3f:ae:92:fa:8a:42:76:bc:91:91:a4:1c:
24:05:56:68:1b:7d:a2:ed:8c:a0:07:8b:48:4a:72:12:ab:5d:
6e:f0:ca:90
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAfsyMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDYyNTIzMjQxMVoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkM2MUIxMTAvBgNVBAUTKEY1MzkyOTE5MTlDREUxNDRCMDM0RUYy
ODhCMEE2MzQ3ODNFODJDN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCV+l7h4I2yIUx6U3YR+xM8teVMi8cbCwPiKPi+Nty7fb0fHtmvWMrDxiWCpM32
mKduLBnavcSWX6zXUZjDBSyXaKRBoOa9sZ7Gd4faSyWpczhciGAKwpimdsBWS59A
Jh6tuPJvHyvEpLo+hBensmsCtT8oRs0ga7D9Vu87QjbD9mvmpN0zUgDm6SD/QX+Q
4OMIpQ9nnvsGtnCWS8Bb9jNBrMRJnOyxBbmsRcadRPSdkmuIfBaPY9JPn61/lC4R
jMctSJrcXpIkCylkVvW07M87S1IkUtCwAIK8v+kC1oM7qgn6CvHoM2ypkzRqBKao
76sx/MsyWwjmH+nqf0bI9fQRAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQU9TkpGRnN
4USwNO8oiwpjR4PoLH8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZDNjFCLzUxRUZGQTMwODI2OTExRUNBRDJFOTUyNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2QzYxQi81MUVGRkEzMDgyNjkxMUVDQUQyRTk1MjRDNEY5QUUwMi85VGtwR1Ju
TjRVU3dOTzhvaXdwalI0UG9MSDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAhRQAgMCVc4wLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJ0zIww
DQQCAAIwBwMFACQAx8AwDQYJKoZIhvcNAQELBQADggEBADcMn94fKt/KoxWKQeNW
7Twf4Kpb+lASS4e2RouTWcbn76G0tG3qqFiuesrmifOXMm9mbD9Etd29mBKeazMI
L39c5WXnDpFiI6s+8eQKa4HD4BR3IbAX+hBfdk/+LDYLmEtrfzzYhljwfCWoNMxj
CXk8Kv3Pz6BatSA9+AyWj2XqrK/V1OLcBTpx9wdNx1Ozg/+mcG3uAxqRtqV4OJGM
jcl23PVm/w0J2zVT5lOJmcYEkOhdlcPqe15Qbg3VvMwJk1kHNxYo+N/Ya2tyZ8D8
b/5F3nbJfpAQxFruFVbc/z+ukvqKQna8kZGkHCQFVmgbfaLtjKAHi0hKchKrXW7w
ypA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:21:31 2024 by rpki-client on console-fra.rpki-client.org