Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A2exVIJlFyUqY-y0w4aTXLe9NA4.cer
File: A2exVIJlFyUqY-y0w4aTXLe9NA4.cer (raw, json)
Hash identifier: 3oIw8mK7sk1AM6D7ZJ5EWaBlHvfsoxi5gNzz5Rd9J28=
Subject key identifier: 03:67:B1:54:82:65:17:25:2A:63:EC:B4:C3:86:93:5C:B7:BD:34:0E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021C89
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913CA90/25E3BBB452EB11EC8969E744C4F9AE02/A2exVIJlFyUqY-y0w4aTXLe9NA4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913CA90/25E3BBB452EB11EC8969E744C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 20 Nov 2024 13:23:26 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 148988
IP: 103.175.123.0/24
IP: 2001:df7:f480::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 04 Dec 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138377 (0x21c89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 20 13:23:26 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A913CA90/serialNumber=0367B154826517252A63ECB4C386935CB7BD340E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:62:4a:9c:21:2f:fc:e4:31:11:b9:38:d7:79:
99:05:3a:97:21:58:d9:e6:68:39:84:7a:f2:43:07:
11:39:50:12:1b:21:e6:53:55:b6:37:44:dc:bc:39:
91:66:c9:43:64:c3:c1:f7:db:ce:ae:e4:30:f2:d7:
d3:d4:52:59:ea:34:f6:bd:37:29:01:f0:cc:cd:e7:
3d:51:38:61:d0:2c:e4:cd:3f:af:d2:c8:da:33:41:
73:22:23:ed:3a:37:03:9d:b5:8b:11:0d:37:61:4f:
5b:2e:15:0c:c9:83:e0:a0:34:7b:e8:f7:4e:c8:94:
1c:83:3d:e8:03:63:08:79:cf:f3:59:bf:a1:3a:3d:
3c:16:67:89:e4:4b:f7:72:eb:94:1f:eb:28:d2:6b:
4f:2e:b0:d2:c6:02:d0:a8:f9:ee:52:4b:2b:27:03:
a5:0d:9e:ce:2e:8c:4d:a4:ea:a5:a2:fb:78:d8:93:
c5:72:2f:60:ab:d6:d4:74:54:5f:b1:69:0c:2e:7b:
52:c9:d1:a2:a8:fb:a9:c2:5f:c5:8d:00:59:9a:4a:
fb:16:1c:fb:bb:cf:e1:22:e8:ca:dd:bc:a3:52:9b:
ea:73:85:a5:5c:2c:43:9b:b2:cc:fe:e5:44:a0:22:
e5:b9:2a:1f:a2:05:3f:c0:7b:75:e9:5c:c4:49:98:
da:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:67:B1:54:82:65:17:25:2A:63:EC:B4:C3:86:93:5C:B7:BD:34:0E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913CA90/25E3BBB452EB11EC8969E744C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913CA90/25E3BBB452EB11EC8969E744C4F9AE02/A2exVIJlFyUqY-y0w4aTXLe9NA4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
148988
sbgp-ipAddrBlock: critical
IPv4:
103.175.123.0/24
IPv6:
2001:df7:f480::/48
Signature Algorithm: sha256WithRSAEncryption
c9:4d:4e:ec:e1:23:d7:2b:1b:d7:84:2d:14:a2:ce:c5:b7:a8:
ff:f3:37:ed:20:84:e9:68:cc:d0:8e:78:3e:33:cb:53:ca:68:
4d:fe:59:e9:88:9e:fc:0e:d0:e6:e3:f7:69:80:65:df:4c:23:
5e:2b:1c:09:f9:c4:2e:a6:4d:ef:bb:e0:b1:c8:93:cc:b5:60:
7a:3d:16:c0:16:d0:e0:ea:3f:c5:62:78:f9:c3:de:5f:ae:9c:
c8:58:53:be:8b:dd:2d:bb:ff:e7:50:24:9e:75:73:23:6c:04:
5e:e3:c2:1f:be:59:07:5e:b9:f1:52:5e:47:46:ef:fd:30:57:
71:97:60:f4:44:5a:25:f7:c3:cf:12:d8:3b:2f:d6:db:19:72:
78:81:a2:77:83:52:2e:0c:67:cb:d7:a5:7b:c0:2b:66:fa:88:
b3:f7:9d:b7:03:af:1e:4e:e4:6e:fe:ce:89:c2:b4:20:92:6a:
a6:5f:57:e8:c1:80:23:4b:9e:9d:62:9b:ba:dd:0e:c6:02:bd:
d7:c8:d7:a9:18:ea:9b:11:07:66:a3:f4:3e:3f:21:dd:28:60:
76:8d:77:ec:ea:a5:dd:c3:18:d3:11:85:4c:28:16:5c:9e:18:
a9:df:d2:56:4b:d8:57:e0:f0:e7:47:11:48:4b:31:0b:d8:48:
13:88:2c:3f
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAhyJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEyMDEzMjMyNloXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0NBOTAxMTAvBgNVBAUTKDAzNjdCMTU0ODI2NTE3MjUyQTYzRUNC
NEMzODY5MzVDQjdCRDM0MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnYkqcIS/85DERuTjXeZkFOpchWNnmaDmEevJDBxE5UBIbIeZTVbY3RNy8OZFm
yUNkw8H3286u5DDy19PUUlnqNPa9NykB8MzN5z1ROGHQLOTNP6/SyNozQXMiI+06
NwOdtYsRDTdhT1suFQzJg+CgNHvo907IlByDPegDYwh5z/NZv6E6PTwWZ4nkS/dy
65Qf6yjSa08usNLGAtCo+e5SSysnA6UNns4ujE2k6qWi+3jYk8VyL2Cr1tR0VF+x
aQwue1LJ0aKo+6nCX8WNAFmaSvsWHPu7z+Ei6MrdvKNSm+pzhaVcLEObssz+5USg
IuW5Kh+iBT/Ae3XpXMRJmNoNAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUA2exVIJl
FyUqY+y0w4aTXLe9NA4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNDQTkwLzI1RTNCQkI0NTJFQjExRUM4OTY5RTc0NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQ0E5MC8yNUUzQkJCNDUyRUIxMUVDODk2OUU3NDRDNEY5QUUwMi9BMmV4VklK
bEZ5VXFZLXkwdzRhVFhMZTlOQTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkX8MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ697MA8EAgAC
MAkDBwAgAQ339IAwDQYJKoZIhvcNAQELBQADggEBAMlNTuzhI9crG9eELRSizsW3
qP/zN+0ghOlozNCOeD4zy1PKaE3+WemInvwO0Obj92mAZd9MI14rHAn5xC6mTe+7
4LHIk8y1YHo9FsAW0ODqP8ViePnD3l+unMhYU76L3S27/+dQJJ51cyNsBF7jwh++
WQdeufFSXkdG7/0wV3GXYPREWiX3w88S2Dsv1tsZcniBoneDUi4MZ8vXpXvAK2b6
iLP3nbcDrx5O5G7+zonCtCCSaqZfV+jBgCNLnp1im7rdDsYCvdfI16kY6psRB2aj
9D4/Id0oYHaNd+zqpd3DGNMRhUwoFlyeGKnf0lZL2Ffg8OdHEUhLMQvYSBOILD8=
-----END CERTIFICATE-----
Generated at Wed Nov 27 04:07:29 2024 by rpki-client on console-ams.rpki-client.org