Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EkR4XUDF7FjfxKMoVA8bOT3qI3U.cer
File: EkR4XUDF7FjfxKMoVA8bOT3qI3U.cer (raw, json)
Hash identifier: PM6UD80d2eel/kLyQert2RTCfAPPnFxfYMiHdRT4HxA=
Subject key identifier: 12:44:78:5D:40:C5:EC:58:DF:C4:A3:28:54:0F:1B:39:3D:EA:23:75
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023176
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/EkR4XUDF7FjfxKMoVA8bOT3qI3U.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 15 Feb 2025 16:16:38 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: IP: 202.4.31.0/24
IP: 203.5.0.0/24
IP: 203.8.221.0/24
IP: 203.20.64.0/24
IP: 203.22.255.0/24
IP: 203.23.173.0/24
IP: 203.27.101.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143734 (0x23176)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 15 16:16:38 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A91AB72F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2b:4d:8a:7b:6e:5b:45:b9:9d:60:e2:e5:34:
a4:06:2b:e8:fa:e3:74:72:0f:24:ce:c6:c2:4d:5c:
3d:a8:d5:cf:91:a0:60:49:d7:3a:2d:81:2f:2e:1b:
b1:33:c2:92:4d:a9:fe:fa:20:3e:83:20:39:aa:75:
cb:50:82:26:6b:0c:e7:33:c8:90:5c:40:a4:a1:9f:
04:98:c6:78:41:8d:02:ff:ac:d5:45:c7:02:dd:a4:
1d:cc:03:d4:9a:75:23:2c:4e:70:f6:c4:75:91:f7:
15:3e:4c:2d:9b:1f:fb:7e:d3:a0:51:7e:9a:c7:b1:
a8:2b:56:81:26:b2:b6:17:af:ad:35:b0:34:98:22:
89:c8:45:f4:c8:7e:8c:ef:f4:11:3c:77:6e:0c:6d:
c1:c2:8d:af:49:c2:b7:10:64:43:ee:45:c1:1c:2f:
8e:1a:5f:5a:9d:83:3a:dd:fb:6a:49:c8:61:66:4b:
d7:75:63:9d:cb:09:ce:e0:da:69:c1:54:6a:fb:82:
40:6b:e5:e6:2c:a4:46:10:cb:e7:6c:3f:94:61:b4:
57:65:e4:38:ba:e7:d8:f9:9d:7e:a5:0e:40:38:8b:
f3:22:27:ad:be:e2:be:4c:2a:d1:98:2e:08:c0:8f:
e0:08:73:13:a4:a7:43:d0:09:5f:f8:d1:ca:89:9c:
22:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:44:78:5D:40:C5:EC:58:DF:C4:A3:28:54:0F:1B:39:3D:EA:23:75
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/EkR4XUDF7FjfxKMoVA8bOT3qI3U.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.4.31.0/24
203.5.0.0/24
203.8.221.0/24
203.20.64.0/24
203.22.255.0/24
203.23.173.0/24
203.27.101.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:dd:87:a6:e6:6a:7d:94:fd:b3:bb:3c:98:14:86:5f:42:67:
f2:2e:59:db:8a:4b:29:1e:2c:82:ad:51:64:4d:43:09:d8:3b:
60:7e:6b:2b:60:95:6f:40:99:e6:26:95:e8:d8:a1:e7:fe:a9:
6a:35:67:0f:47:eb:81:3a:c2:e0:d8:c7:5a:91:e7:29:2b:69:
ab:f7:fa:75:59:92:9b:c8:4a:58:3c:85:90:64:e0:b0:7f:66:
61:b7:dd:d8:11:f5:0f:14:49:18:31:75:08:7f:9b:ac:6d:a2:
2e:4a:a7:61:5a:7d:9d:88:dd:f9:53:25:01:9f:fa:62:3b:86:
4a:82:d4:71:82:ac:e2:5d:12:40:b9:ce:fe:79:ab:55:90:bc:
71:0a:4e:81:17:96:5b:f6:d7:f6:39:38:9d:ae:53:2e:05:81:
f0:ac:79:cb:fd:31:29:34:15:9a:11:3d:73:ed:2d:02:b3:1a:
98:65:9a:fd:47:1f:5f:fe:e7:30:9d:40:09:ee:d9:2c:a2:9e:
42:04:ce:c0:a7:d4:d3:61:d3:68:a3:88:0e:07:55:58:5e:18:
9d:d1:e5:37:1e:5b:48:b4:a7:47:6e:4d:86:9e:02:40:06:48:
ac:39:fa:af:77:ba:8e:ba:09:a8:60:84:46:a0:ac:f3:bf:28:
de:1e:3d:7f
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgIDAjF2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDIxNTE2MTYzOFoXDTI2MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUI3MkYxMTAvBgNVBAUTKDEyNDQ3ODVENDBDNUVDNThERkM0QTMy
ODU0MEYxQjM5M0RFQTIzNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCcK02Ke25bRbmdYOLlNKQGK+j643RyDyTOxsJNXD2o1c+RoGBJ1zotgS8uG7Ez
wpJNqf76ID6DIDmqdctQgiZrDOczyJBcQKShnwSYxnhBjQL/rNVFxwLdpB3MA9Sa
dSMsTnD2xHWR9xU+TC2bH/t+06BRfprHsagrVoEmsrYXr601sDSYIonIRfTIfozv
9BE8d24MbcHCja9JwrcQZEPuRcEcL44aX1qdgzrd+2pJyGFmS9d1Y53LCc7g2mnB
VGr7gkBr5eYspEYQy+dsP5RhtFdl5Di659j5nX6lDkA4i/MiJ62+4r5MKtGYLgjA
j+AIcxOkp0PQCV/40cqJnCL5AgMBAAGjggMXMIIDEzAdBgNVHQ4EFgQUEkR4XUDF
7FjfxKMoVA8bOT3qI3UwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFCNzJGLzJGQjQ5QjNFNDNEMTExRUY4QkU4RDg3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBQjcyRi8yRkI0OUIzRTQzRDExMUVGOEJFOEQ4N0JDNEY5QUUwMi9Fa1I0WFVE
RjdGamZ4S01vVkE4Yk9UM3FJM1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8ENDAy
MDAEAgABMCoDBADKBB8DBADLBQADBADLCN0DBADLFEADBADLFv8DBADLF60DBADL
G2UwDQYJKoZIhvcNAQELBQADggEBAMvdh6bman2U/bO7PJgUhl9CZ/IuWduKSyke
LIKtUWRNQwnYO2B+aytglW9AmeYmlejYoef+qWo1Zw9H64E6wuDYx1qR5ykraav3
+nVZkpvISlg8hZBk4LB/ZmG33dgR9Q8USRgxdQh/m6xtoi5Kp2FafZ2I3flTJQGf
+mI7hkqC1HGCrOJdEkC5zv55q1WQvHEKToEXllv21/Y5OJ2uUy4FgfCsecv9MSk0
FZoRPXPtLQKzGphlmv1HH1/+5zCdQAnu2SyinkIEzsCn1NNh02ijiA4HVVheGJ3R
5TceW0i0p0duTYaeAkAGSKw5+q93uo66CahghEagrPO/KN4ePX8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:41 2025 by rpki-client