Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DbTT-dXiDYW-t_nLGwfDFapGCZ8.cer
File: DbTT-dXiDYW-t_nLGwfDFapGCZ8.cer (raw, json)
Hash identifier: R053wnkh9oWuHtsMs61oY90O5HbFbMkMI0hcjUXazvo=
Subject key identifier: 0D:B4:D3:F9:D5:E2:0D:85:BE:B7:F9:CB:1B:07:C3:15:AA:46:09:9F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EA45
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C731A/C9F83AEE0EC311EBAC979118C4F9AE02/DbTT-dXiDYW-t_nLGwfDFapGCZ8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C731A/C9F83AEE0EC311EBAC979118C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 06 Apr 2024 17:46:53 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: IP: 103.85.108.0/22
IP: 119.160.232.0/22
IP: 2400:aa40::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125509 (0x1ea45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 6 17:46:53 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A91C731A/serialNumber=0DB4D3F9D5E20D85BEB7F9CB1B07C315AA46099F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:af:fa:2f:84:aa:67:84:3c:b2:22:a3:4f:bf:
07:9c:d7:55:01:a4:61:e8:1b:e5:f5:18:10:67:4e:
01:29:12:fb:f5:ae:ce:15:55:72:f7:a7:4d:25:57:
f9:f6:42:04:1b:d0:b3:42:13:cd:b9:4b:5f:cd:12:
ae:8a:90:dc:ad:9b:7a:81:b0:a1:e4:97:3f:2e:01:
56:3b:92:9e:80:83:a1:50:e8:ab:53:39:bb:4a:32:
8c:80:84:72:d4:d5:ae:47:73:e2:48:a1:0c:27:6a:
86:c5:95:5f:4e:6a:e4:e8:2b:a4:50:ea:4b:6f:85:
70:75:d2:c9:d8:54:07:5b:c0:23:63:06:52:14:ad:
69:83:ef:8e:d2:6b:2d:9d:a0:f1:dd:0a:60:55:5a:
cf:0d:df:ae:3e:c0:f3:f5:1f:3b:d6:01:f1:0d:48:
b6:e0:e8:43:d5:a6:63:30:78:75:1f:b2:87:fe:6c:
df:d1:85:76:08:f3:36:17:04:a1:4e:19:b6:a2:dc:
97:df:be:a2:b2:69:6c:12:43:24:71:02:82:20:3f:
7d:3d:b2:89:55:bd:fd:8c:90:cb:5e:d8:28:91:10:
37:8b:56:14:90:45:96:5b:dc:84:17:98:09:48:1a:
ed:77:3e:3f:b4:b5:74:2b:c2:1c:ac:81:72:d3:6f:
e8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B4:D3:F9:D5:E2:0D:85:BE:B7:F9:CB:1B:07:C3:15:AA:46:09:9F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C731A/C9F83AEE0EC311EBAC979118C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C731A/C9F83AEE0EC311EBAC979118C4F9AE02/DbTT-dXiDYW-t_nLGwfDFapGCZ8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.108.0/22
119.160.232.0/22
IPv6:
2400:aa40::/32
Signature Algorithm: sha256WithRSAEncryption
0a:07:c2:7b:66:24:f8:af:17:07:a7:bc:2d:54:89:c4:ef:8b:
ca:c0:a0:c1:e0:3e:bc:d1:b4:bc:86:10:7c:73:32:1a:7b:a7:
99:82:86:dc:51:77:8e:35:f7:ac:17:39:43:8b:5f:95:43:7d:
3c:c5:9a:85:69:3b:dc:4f:b5:cd:3f:39:7c:d6:5b:2c:7b:62:
87:7e:b7:95:f7:78:b4:c4:b3:43:2d:8b:78:6d:4e:3b:81:24:
99:e2:92:43:8f:cc:f5:9d:5d:21:ca:79:9c:24:bb:67:66:7a:
eb:75:99:56:42:af:e2:00:83:59:16:00:4e:4b:04:70:63:3b:
96:f2:34:bf:8e:14:cf:f1:0b:ae:5c:f5:16:18:f8:80:03:d8:
95:ba:f7:8d:84:35:28:a3:f6:38:51:6f:93:9c:d1:aa:45:40:
4b:58:7d:a7:f1:b0:43:ef:a7:d5:56:ce:c8:1f:81:6b:b5:29:
14:55:29:60:09:50:c9:16:c6:5d:21:19:92:5d:b0:e2:78:b5:
01:d4:42:db:d7:e0:c1:5f:0f:6f:3d:1a:a2:7a:bd:37:85:2d:
ad:15:25:76:10:58:03:bd:df:5f:af:88:d3:20:b2:f5:1d:60:
90:b4:f8:b5:68:5e:6e:e5:aa:06:c7:ec:cd:ef:f1:ee:9e:cb:
6f:fe:46:68
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDAepFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwNjE3NDY1M1oXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzczMUExMTAvBgNVBAUTKDBEQjREM0Y5RDVFMjBEODVCRUI3RjlD
QjFCMDdDMzE1QUE0NjA5OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1r/ovhKpnhDyyIqNPvwec11UBpGHoG+X1GBBnTgEpEvv1rs4VVXL3p00lV/n2
QgQb0LNCE825S1/NEq6KkNytm3qBsKHklz8uAVY7kp6Ag6FQ6KtTObtKMoyAhHLU
1a5Hc+JIoQwnaobFlV9OauToK6RQ6ktvhXB10snYVAdbwCNjBlIUrWmD747Say2d
oPHdCmBVWs8N364+wPP1HzvWAfENSLbg6EPVpmMweHUfsof+bN/RhXYI8zYXBKFO
Gbai3JffvqKyaWwSQyRxAoIgP309solVvf2MkMte2CiREDeLVhSQRZZb3IQXmAlI
Gu13Pj+0tXQrwhysgXLTb+ihAgMBAAGjggMIMIIDBDAdBgNVHQ4EFgQUDbTT+dXi
DYW+t/nLGwfDFapGCZ8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM3MzFBL0M5RjgzQUVFMEVDMzExRUJBQzk3OTExOEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDNzMxQS9DOUY4M0FFRTBFQzMxMUVCQUM5NzkxMThDNEY5QUUwMi9EYlRULWRY
aURZVy10X25MR3dmREZhcEdDWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8EJTAj
MBIEAgABMAwDBAJnVWwDBAJ3oOgwDQQCAAIwBwMFACQAqkAwDQYJKoZIhvcNAQEL
BQADggEBAAoHwntmJPivFwenvC1UicTvi8rAoMHgPrzRtLyGEHxzMhp7p5mChtxR
d44196wXOUOLX5VDfTzFmoVpO9xPtc0/OXzWWyx7Yod+t5X3eLTEs0Mti3htTjuB
JJnikkOPzPWdXSHKeZwku2dmeut1mVZCr+IAg1kWAE5LBHBjO5byNL+OFM/xC65c
9RYY+IAD2JW6942ENSij9jhRb5Oc0apFQEtYfafxsEPvp9VWzsgfgWu1KRRVKWAJ
UMkWxl0hGZJdsOJ4tQHUQtvX4MFfD289GqJ6vTeFLa0VJXYQWAO931+viNMgsvUd
YJC0+LVoXm7lqgbH7M3v8e6ey2/+Rmg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:17 2024 by rpki-client on console-fra.rpki-client.org