Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.cer
File: BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.cer (raw, json)
Hash identifier: ouKkCNLwLuVEKeD4nOdJDAn1NffsU7rDsh9K9bk5NrQ=
Subject key identifier: 05:0D:C0:3B:5D:59:45:A3:3E:AB:95:18:17:F1:67:9B:D9:10:C6:AC
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D9AB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 21 Jan 2024 04:48:43 +0000
Certificate not after: Thu 01 May 2025 00:00:00 +0000
Subordinate resources: AS: 150445
IP: 103.76.116.0/23
IP: 2400:d360::/31
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 23 Apr 2024 20:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121259 (0x1d9ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jan 21 04:48:43 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=A91AB8D7/serialNumber=050DC03B5D5945A33EAB951817F1679BD910C6AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:62:74:62:0c:6d:a4:16:7e:77:76:95:7a:ca:
37:9c:2a:14:b4:78:ce:47:48:67:ac:d0:5e:18:5c:
13:ca:f2:2f:b0:14:8a:61:d5:84:04:33:85:af:0b:
31:af:c0:76:4c:2c:72:23:84:d9:fa:b9:93:73:f1:
2b:57:21:1f:a9:38:29:5e:0c:79:2d:ce:33:e3:5e:
6f:67:70:ea:0a:eb:2f:9d:5b:4e:db:69:40:f9:4b:
38:78:18:11:df:19:82:8a:23:99:dd:6e:ed:d5:2e:
63:71:b6:33:6c:ae:b2:40:b5:96:ba:13:29:8a:f4:
98:45:34:ea:ac:0d:c2:47:88:f4:f2:41:c5:14:80:
aa:77:70:7d:14:45:e6:16:71:7d:0e:33:c3:5c:24:
1f:12:cf:2b:71:09:60:a0:07:f9:d0:de:b1:37:23:
26:f0:86:9a:48:0f:e2:b6:98:fd:6c:ed:26:6d:79:
8d:18:28:d0:58:21:55:11:1e:93:58:78:af:be:16:
7c:cf:b6:98:66:da:26:9d:e5:34:9b:c0:9b:cf:cc:
69:a1:4b:65:d4:1a:cf:00:08:d9:b9:12:df:43:45:
70:ae:80:fb:84:46:db:66:2f:e0:ff:94:63:02:22:
99:2d:6b:4a:95:54:85:88:6d:68:1f:1b:4a:66:e5:
95:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0D:C0:3B:5D:59:45:A3:3E:AB:95:18:17:F1:67:9B:D9:10:C6:AC
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
150445
sbgp-ipAddrBlock: critical
IPv4:
103.76.116.0/23
IPv6:
2400:d360::/31
Signature Algorithm: sha256WithRSAEncryption
3e:42:40:6a:5f:cd:c4:3b:0e:c6:97:a8:ee:d9:f6:b8:bf:c0:
30:4f:88:6a:35:bf:7b:22:f4:15:a4:97:c1:5d:e3:78:f2:6f:
7f:8d:a4:0a:f1:bf:c0:07:b4:c2:31:1d:60:d5:cd:a7:49:5e:
64:af:bc:98:70:23:fc:88:93:56:ae:d8:4f:bf:6e:cc:7d:dd:
ec:32:c4:00:43:ff:c7:26:71:af:de:f3:aa:47:7b:44:62:b2:
82:e8:17:58:16:92:28:fc:87:bb:8a:be:38:e2:73:98:68:9d:
c6:84:61:ec:14:57:b7:4b:19:31:a4:8e:46:bd:05:90:98:71:
d2:6d:8b:59:30:86:5f:37:cd:4e:c7:83:4a:7a:7f:ce:3f:cb:
12:98:e4:ae:13:90:78:73:39:01:52:64:08:ab:a0:92:1c:51:
1b:ab:c1:d5:d2:4e:6e:8d:52:24:1f:cb:1e:70:56:d7:b5:6c:
8b:29:a9:b8:87:f6:95:2a:ce:1b:12:bd:23:39:7f:c5:3a:12:
3a:29:5c:95:0d:89:07:54:c8:1c:57:01:85:df:b7:57:a0:38:
e1:2b:3b:eb:cb:f6:5a:c1:01:4c:08:32:aa:0a:a6:8e:2e:f0:
c7:e5:23:1a:32:a1:35:89:ce:9a:11:d3:69:9a:ba:52:fd:0a:
15:d3:5f:e5
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAdmrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEyMTA0NDg0M1oXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUI4RDcxMTAvBgNVBAUTKDA1MERDMDNCNUQ1OTQ1QTMzRUFCOTUx
ODE3RjE2NzlCRDkxMEM2QUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1YnRiDG2kFn53dpV6yjecKhS0eM5HSGes0F4YXBPK8i+wFIph1YQEM4WvCzGv
wHZMLHIjhNn6uZNz8StXIR+pOCleDHktzjPjXm9ncOoK6y+dW07baUD5Szh4GBHf
GYKKI5ndbu3VLmNxtjNsrrJAtZa6EymK9JhFNOqsDcJHiPTyQcUUgKp3cH0UReYW
cX0OM8NcJB8SzytxCWCgB/nQ3rE3IybwhppID+K2mP1s7SZteY0YKNBYIVURHpNY
eK++FnzPtphm2iad5TSbwJvPzGmhS2XUGs8ACNm5Et9DRXCugPuERttmL+D/lGMC
Ipkta0qVVIWIbWgfG0pm5ZUdAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUBQ3AO11Z
RaM+q5UYF/Fnm9kQxqwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFCOEQ3L0I2N0YzMDFBOTg5RDExRURCNEUzMEY1Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBQjhENy9CNjdGMzAxQTk4OUQxMUVEQjRFMzBGNUNDNEY5QUUwMi9CUTNBTzEx
WlJhTS1xNVVZRl9Gbm05a1F4cXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkutMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ0x0MA0EAgAC
MAcDBQEkANNgMA0GCSqGSIb3DQEBCwUAA4IBAQA+QkBqX83EOw7Gl6ju2fa4v8Aw
T4hqNb97IvQVpJfBXeN48m9/jaQK8b/AB7TCMR1g1c2nSV5kr7yYcCP8iJNWrthP
v27Mfd3sMsQAQ//HJnGv3vOqR3tEYrKC6BdYFpIo/Ie7ir444nOYaJ3GhGHsFFe3
SxkxpI5GvQWQmHHSbYtZMIZfN81Ox4NKen/OP8sSmOSuE5B4czkBUmQIq6CSHFEb
q8HV0k5ujVIkH8secFbXtWyLKam4h/aVKs4bEr0jOX/FOhI6KVyVDYkHVMgcVwGF
37dXoDjhKzvry/ZawQFMCDKqCqaOLvDH5SMaMqE1ic6aEdNpmrpS/QoV01/l
-----END CERTIFICATE-----
Generated at Tue Apr 16 22:13:19 2024 by rpki-client on console-fra.rpki-client.org