Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BDp9FLYWj5Nkj0xaVzO_z1GacaI.cer
File: BDp9FLYWj5Nkj0xaVzO_z1GacaI.cer (raw, json)
Hash identifier: o7h2q7OFCXA3wwhSRUgjwk9OLYaoxBUTXGX+1y1+H7U=
Subject key identifier: 04:3A:7D:14:B6:16:8F:93:64:8F:4C:5A:57:33:BF:CF:51:9A:71:A2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 016DE2
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B4778/B43CDB60141E11EABAE78E63C4F9AE02/BDp9FLYWj5Nkj0xaVzO_z1GacaI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B4778/B43CDB60141E11EABAE78E63C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 14 Sep 2022 07:12:59 +0000
Certificate not after: Mon 31 Oct 2022 00:00:00 +0000
Subordinate resources: IP: 43.245.244.0/22
IP: 103.240.248.0/22
IP: 221.120.96.0/21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93666 (0x16de2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 14 07:12:59 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=A91B4778/serialNumber=043A7D14B6168F93648F4C5A5733BFCF519A71A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b2:36:c2:8e:e6:46:c7:3f:11:7c:93:d0:64:
91:1b:4b:0a:78:46:07:98:39:a4:52:8b:60:04:bf:
e3:a0:99:66:23:98:ac:05:3c:14:5d:3a:5d:f2:27:
98:4d:99:e4:8a:87:f3:35:93:61:d3:05:b6:05:6a:
54:aa:39:7f:38:e4:62:d4:64:57:2a:3d:c3:63:c2:
57:bc:39:6c:86:01:da:dc:de:89:b0:f1:fa:76:7d:
52:53:f0:5b:ff:83:da:c1:9b:4e:1b:47:0e:2c:a1:
06:f0:1b:f8:b4:bc:dd:73:ab:74:44:41:db:2e:d9:
6d:a1:ed:fd:9d:4a:bb:38:78:35:c1:aa:55:e0:25:
ac:33:21:07:92:7b:92:7d:1d:58:ef:a5:3b:7e:24:
cb:5d:ef:10:33:41:c5:75:62:5f:ce:0b:23:a9:78:
55:9b:28:9b:d0:87:cf:2b:79:22:05:06:74:95:1d:
b3:6e:89:51:f7:92:ad:28:c8:4e:e7:ce:7e:f5:22:
c7:e4:ff:31:00:f1:07:10:67:a2:bf:4d:33:5b:ad:
7e:a2:4c:2e:4b:f2:ee:55:91:29:e6:d5:6e:aa:9b:
d9:f7:22:96:52:54:7c:51:34:22:00:b3:59:bb:24:
f8:52:ac:45:e4:4f:db:c9:65:06:66:33:88:b9:58:
26:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3A:7D:14:B6:16:8F:93:64:8F:4C:5A:57:33:BF:CF:51:9A:71:A2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B4778/B43CDB60141E11EABAE78E63C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B4778/B43CDB60141E11EABAE78E63C4F9AE02/BDp9FLYWj5Nkj0xaVzO_z1GacaI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.244.0/22
103.240.248.0/22
221.120.96.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:ff:fb:04:e3:31:cb:ec:ed:ae:1a:70:cd:5d:f0:ea:07:99:
a7:99:7a:96:83:f1:19:44:e8:dc:7f:49:78:0d:59:eb:19:98:
e6:e8:f4:e2:24:f6:28:7b:b0:73:95:83:e9:13:68:43:5d:94:
25:9d:10:7d:b6:39:fa:6b:bf:79:e1:fe:23:67:ba:95:80:4e:
53:ed:52:e9:33:71:d8:73:7e:5b:08:8e:89:7f:1f:78:b7:26:
13:f6:ae:13:37:3b:97:71:43:7f:50:c9:b7:52:e9:04:28:d8:
60:1f:ba:fb:9e:56:b0:7a:1f:99:18:b7:61:9e:58:90:c7:8d:
f0:9f:98:90:b3:48:05:91:76:b0:c8:92:97:7b:20:75:f8:b5:
fa:22:a0:78:71:6a:60:f1:69:6f:84:58:4e:0d:a8:cb:c8:69:
8c:24:41:7f:45:74:38:d7:90:81:c2:e9:3d:56:fe:dd:2e:53:
0b:ec:79:10:98:45:59:4e:d7:22:f3:28:bf:9f:f8:03:c7:da:
45:f2:84:dc:59:ae:08:20:0e:25:56:00:9d:99:6c:f5:cf:d9:
1c:a9:45:bd:17:c3:76:02:9e:ed:b1:f3:39:26:c1:96:79:ce:
80:1b:c5:4c:e5:bf:7e:6c:51:89:f7:a3:a7:9a:cf:5d:eb:19:
d8:a8:ed:47
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgIDAW3iMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDkxNDA3MTI1OVoXDTIyMTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjQ3NzgxMTAvBgNVBAUTKDA0M0E3RDE0QjYxNjhGOTM2NDhGNEM1
QTU3MzNCRkNGNTE5QTcxQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCasjbCjuZGxz8RfJPQZJEbSwp4RgeYOaRSi2AEv+OgmWYjmKwFPBRdOl3yJ5hN
meSKh/M1k2HTBbYFalSqOX845GLUZFcqPcNjwle8OWyGAdrc3omw8fp2fVJT8Fv/
g9rBm04bRw4soQbwG/i0vN1zq3REQdsu2W2h7f2dSrs4eDXBqlXgJawzIQeSe5J9
HVjvpTt+JMtd7xAzQcV1Yl/OCyOpeFWbKJvQh88reSIFBnSVHbNuiVH3kq0oyE7n
zn71Isfk/zEA8QcQZ6K/TTNbrX6iTC5L8u5VkSnm1W6qm9n3IpZSVHxRNCIAs1m7
JPhSrEXkT9vJZQZmM4i5WCZDAgMBAAGjggL/MIIC+zAdBgNVHQ4EFgQUBDp9FLYW
j5Nkj0xaVzO/z1GacaIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI0Nzc4L0I0M0NEQjYwMTQxRTExRUFCQUU3OEU2M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCNDc3OC9CNDNDREI2MDE0MUUxMUVBQkFFNzhFNjNDNEY5QUUwMi9CRHA5RkxZ
V2o1TmtqMHhhVnpPX3oxR2FjYUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8EHDAa
MBgEAgABMBIDBAIr9fQDBAJn8PgDBAPdeGAwDQYJKoZIhvcNAQELBQADggEBABz/
+wTjMcvs7a4acM1d8OoHmaeZepaD8RlE6Nx/SXgNWesZmObo9OIk9ih7sHOVg+kT
aENdlCWdEH22Ofprv3nh/iNnupWATlPtUukzcdhzflsIjol/H3i3JhP2rhM3O5dx
Q39QybdS6QQo2GAfuvueVrB6H5kYt2GeWJDHjfCfmJCzSAWRdrDIkpd7IHX4tfoi
oHhxamDxaW+EWE4NqMvIaYwkQX9FdDjXkIHC6T1W/t0uUwvseRCYRVlO1yLzKL+f
+APH2kXyhNxZrgggDiVWAJ2ZbPXP2RypRb0Xw3YCnu2x8zkmwZZ5zoAbxUzlv35s
UYn3o6eaz13rGdio7Uc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:16 2023 by rpki-client on console-fra.rpki-client.org