Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DAcR2ALXqTRuZMQ1u46dwn9tn4c.cer
File: DAcR2ALXqTRuZMQ1u46dwn9tn4c.cer (raw, json)
Hash identifier: sDBIvceEIzkgAWFjj3Wx7aeZRUH3NIQsY2nBIrkjeI0=
Subject key identifier: 0C:07:11:D8:02:D7:A9:34:6E:64:C4:35:BB:8E:9D:C2:7F:6D:9F:87
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E980
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9199990/5860F3861D9411E2BE7E7BF808B02CD2/DAcR2ALXqTRuZMQ1u46dwn9tn4c.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9199990/5860F3861D9411E2BE7E7BF808B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 03 Apr 2024 22:27:16 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: AS: 38529
IP: 116.50.64.0/18
IP: 2402:8e00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 21:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125312 (0x1e980)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 3 22:27:16 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A9199990/serialNumber=0C0711D802D7A9346E64C435BB8E9DC27F6D9F87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b4:39:d9:52:81:2d:64:ff:46:60:84:dd:bd:
2c:ca:c6:91:fa:83:ab:42:82:ba:e6:2b:11:33:c3:
38:c3:d7:77:b8:4b:7c:5c:5f:d5:70:9f:3f:d6:be:
a0:2f:e0:98:d9:90:13:df:87:4d:06:cc:04:bc:72:
81:c7:f2:02:d7:c4:40:73:f9:09:b0:72:7a:3b:97:
0b:70:23:de:44:2b:6e:24:54:c4:b3:04:8c:56:fc:
37:08:1b:3d:8a:55:25:71:99:58:01:09:d4:b0:ab:
f5:e6:40:33:2c:1a:20:1c:8d:81:58:ba:15:76:45:
d8:08:d6:8d:4a:5b:dd:e2:07:68:f2:0d:11:0a:e3:
88:28:f0:75:4a:22:0f:54:be:47:45:6e:15:f7:e9:
77:45:61:2c:20:7f:6d:4f:74:c9:ef:ef:4b:74:fd:
69:bb:6d:30:22:b8:f0:dc:36:65:ff:93:b0:c4:7d:
63:f4:57:56:93:6e:d5:b3:e8:3e:a6:4c:be:6f:1f:
78:1d:7d:02:dc:66:4e:bc:1b:0e:c3:2d:98:5f:d2:
0f:45:21:94:4f:6e:03:67:32:15:0a:0c:68:47:48:
9e:d3:4d:9e:ef:04:f9:37:f5:9c:1a:3d:b6:8f:60:
7c:73:33:d1:82:72:9b:99:96:37:2b:40:17:f3:56:
b2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:07:11:D8:02:D7:A9:34:6E:64:C4:35:BB:8E:9D:C2:7F:6D:9F:87
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9199990/5860F3861D9411E2BE7E7BF808B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9199990/5860F3861D9411E2BE7E7BF808B02CD2/DAcR2ALXqTRuZMQ1u46dwn9tn4c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38529
sbgp-ipAddrBlock: critical
IPv4:
116.50.64.0/18
IPv6:
2402:8e00::/32
Signature Algorithm: sha256WithRSAEncryption
c2:4d:6d:0c:b0:32:06:a7:a9:3c:20:a6:cc:81:58:b0:5f:10:
11:02:c1:22:56:26:87:68:db:0f:7b:37:ec:77:a6:78:d3:1c:
4a:5e:78:2b:36:2d:f5:57:01:ac:ae:48:21:b3:ed:fc:3f:5d:
81:4b:c2:22:17:73:e4:b3:87:38:e8:d4:be:8a:c7:31:0b:91:
83:2d:ca:13:c9:17:15:ab:a7:00:04:e5:8c:cc:d4:7c:6a:a7:
44:8e:12:13:ba:e0:33:14:ff:4e:e9:1c:4a:bc:a2:a5:19:c6:
be:7d:7c:90:2f:cd:6e:2b:47:71:17:fe:bc:c5:92:89:94:0b:
99:61:5c:01:8e:31:ed:87:9d:c6:13:1e:10:98:05:ac:46:3a:
94:6a:8b:40:24:fd:b1:ce:ae:e5:b0:9a:9a:ff:09:47:fa:80:
bd:23:bb:fe:b5:77:16:6c:6e:86:88:86:43:42:ca:61:0f:f1:
4f:64:26:dd:6a:b9:37:78:bf:47:68:c2:84:36:3c:d3:a3:91:
f0:ea:b2:d7:d6:46:48:21:8a:7c:80:8b:bc:c5:72:b8:4a:da:
14:31:01:2e:0b:5c:cb:32:3d:fe:4c:e0:13:bf:57:39:e9:28:
f4:77:63:4a:86:13:b9:d7:58:75:ea:e6:ed:7f:7c:4c:12:4a:
28:82:28:ba
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAemAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMzIyMjcxNloXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTk5OTAxMTAvBgNVBAUTKDBDMDcxMUQ4MDJEN0E5MzQ2RTY0QzQz
NUJCOEU5REMyN0Y2RDlGODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEtDnZUoEtZP9GYITdvSzKxpH6g6tCgrrmKxEzwzjD13e4S3xcX9Vwnz/WvqAv
4JjZkBPfh00GzAS8coHH8gLXxEBz+Qmwcno7lwtwI95EK24kVMSzBIxW/DcIGz2K
VSVxmVgBCdSwq/XmQDMsGiAcjYFYuhV2RdgI1o1KW93iB2jyDREK44go8HVKIg9U
vkdFbhX36XdFYSwgf21PdMnv70t0/Wm7bTAiuPDcNmX/k7DEfWP0V1aTbtWz6D6m
TL5vH3gdfQLcZk68Gw7DLZhf0g9FIZRPbgNnMhUKDGhHSJ7TTZ7vBPk39ZwaPbaP
YHxzM9GCcpuZljcrQBfzVrIVAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUDAcR2ALX
qTRuZMQ1u46dwn9tn4cwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk5OTkwLzU4NjBGMzg2MUQ5NDExRTJCRTdFN0JGODA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5OTk5MC81ODYwRjM4NjFEOTQxMUUyQkU3RTdCRjgwOEIwMkNEMi9EQWNSMkFM
WHFUUnVaTVExdTQ2ZHduOXRuNGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJaBMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGdDJAMA0EAgAC
MAcDBQAkAo4AMA0GCSqGSIb3DQEBCwUAA4IBAQDCTW0MsDIGp6k8IKbMgViwXxAR
AsEiViaHaNsPezfsd6Z40xxKXngrNi31VwGsrkghs+38P12BS8IiF3Pks4c46NS+
iscxC5GDLcoTyRcVq6cABOWMzNR8aqdEjhITuuAzFP9O6RxKvKKlGca+fXyQL81u
K0dxF/68xZKJlAuZYVwBjjHth53GEx4QmAWsRjqUaotAJP2xzq7lsJqa/wlH+oC9
I7v+tXcWbG6GiIZDQsphD/FPZCbdark3eL9HaMKENjzTo5Hw6rLX1kZIIYp8gIu8
xXK4StoUMQEuC1zLMj3+TOATv1c56Sj0d2NKhhO511h16ubtf3xMEkoogii6
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:34:15 2024 by rpki-client on console-fra.rpki-client.org