Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fh4CKuiXURLudYnUmzFmDKkKBBA.cer
File: Fh4CKuiXURLudYnUmzFmDKkKBBA.cer (raw, json)
Hash identifier: gD5zJZy2YvOnKxIlt3t/SGKDO86ZBHNiQ/mmRT15UIg=
Subject key identifier: 16:1E:02:2A:E8:97:51:12:EE:75:89:D4:9B:31:66:0C:A9:0A:04:10
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0209D3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/Fh4CKuiXURLudYnUmzFmDKkKBBA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 29 Aug 2024 19:48:11 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: IP: 45.123.104.0/22
IP: 103.63.228.0/22
IP: 2403:4e80::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133587 (0x209d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 29 19:48:11 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91A865F/serialNumber=161E022AE8975112EE7589D49B31660CA90A0410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:29:2c:37:94:32:ef:6c:77:97:3c:c6:3d:fd:
39:75:3f:52:f6:45:39:c9:23:9a:08:21:59:36:5c:
47:22:7f:53:5d:f7:aa:00:a4:64:42:6a:60:18:48:
a7:ad:2c:e1:a5:e0:c2:71:9c:bf:48:b8:d9:1e:df:
9e:0c:60:fb:10:4e:45:76:9a:37:9b:98:a7:01:a7:
54:9f:4a:f3:b0:d6:19:f3:8e:36:02:a4:be:44:9f:
18:98:7c:b3:27:1f:a3:1e:22:e5:85:08:6e:32:75:
f5:fa:b1:2c:de:2e:05:2d:bb:88:36:db:e0:59:aa:
e7:2f:20:36:27:f7:4a:2d:b8:51:d3:04:c2:e2:99:
40:cb:9d:f6:72:e3:0a:73:23:f5:c2:b2:6e:e8:3e:
23:ff:d2:b7:60:04:ff:56:64:86:46:70:e8:8d:31:
c8:e9:d6:2f:d5:7e:60:0f:e8:66:bf:05:68:00:bf:
58:bf:bd:0b:96:98:11:ff:64:a8:41:51:4e:d0:5e:
0f:d1:38:10:b4:d0:4a:f2:e5:25:95:05:8a:a4:ab:
88:7b:e1:c8:e1:b9:c2:f0:79:4d:10:5f:2c:80:64:
c6:de:99:52:62:50:82:63:81:c1:75:4d:3e:62:6d:
9d:09:81:24:3f:d6:52:f6:7f:48:9e:89:97:17:1d:
6f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:1E:02:2A:E8:97:51:12:EE:75:89:D4:9B:31:66:0C:A9:0A:04:10
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/Fh4CKuiXURLudYnUmzFmDKkKBBA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.104.0/22
103.63.228.0/22
IPv6:
2403:4e80::/32
Signature Algorithm: sha256WithRSAEncryption
4b:00:f1:92:ba:c9:55:e2:db:c4:01:9a:0a:65:5c:c8:1f:35:
b3:93:e0:03:23:28:3f:d2:ac:58:48:95:26:af:36:ea:f9:e6:
48:5d:84:78:05:b5:a6:4f:c1:f9:fc:d7:d8:41:f7:e1:6f:08:
6c:0d:f0:ce:55:98:23:f7:4f:65:4f:d2:ef:85:19:51:ca:27:
11:68:a0:35:90:15:f5:f7:59:40:9a:09:c2:48:e1:d1:41:d4:
4f:32:96:65:51:7c:1d:e9:b4:15:17:c1:ef:29:f5:d7:b3:cd:
08:b0:79:73:8b:b4:34:eb:c1:96:93:5d:9d:19:f1:45:a8:87:
f1:aa:d6:0e:72:f1:f2:a7:4a:3c:2f:a6:5a:43:a2:77:83:27:
82:cf:e9:cb:f9:27:1b:7f:61:1d:3d:5b:3a:51:bb:b2:60:db:
73:45:69:67:78:67:ef:27:7c:c9:76:b8:0b:ac:7c:d2:9b:e4:
a8:9b:05:e8:34:a8:7d:ed:46:18:c8:85:5c:e5:a2:36:4b:25:
91:b9:19:f5:4a:a8:88:80:ab:78:4d:0c:53:f8:2c:d5:d3:ae:
f8:99:c0:a2:52:0b:d3:5b:ed:b6:0e:7e:76:82:c7:88:f3:97:
2b:af:5b:2e:98:42:79:80:54:11:5a:b4:11:28:82:b1:8e:c1:
8f:10:d3:78
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDAgnTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDgyOTE5NDgxMVoXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTg2NUYxMTAvBgNVBAUTKDE2MUUwMjJBRTg5NzUxMTJFRTc1ODlE
NDlCMzE2NjBDQTkwQTA0MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFKSw3lDLvbHeXPMY9/Tl1P1L2RTnJI5oIIVk2XEcif1Nd96oApGRCamAYSKet
LOGl4MJxnL9IuNke354MYPsQTkV2mjebmKcBp1SfSvOw1hnzjjYCpL5EnxiYfLMn
H6MeIuWFCG4ydfX6sSzeLgUtu4g22+BZqucvIDYn90otuFHTBMLimUDLnfZy4wpz
I/XCsm7oPiP/0rdgBP9WZIZGcOiNMcjp1i/VfmAP6Ga/BWgAv1i/vQuWmBH/ZKhB
UU7QXg/ROBC00Ery5SWVBYqkq4h74cjhucLweU0QXyyAZMbemVJiUIJjgcF1TT5i
bZ0JgSQ/1lL2f0ieiZcXHW8HAgMBAAGjggMIMIIDBDAdBgNVHQ4EFgQUFh4CKuiX
URLudYnUmzFmDKkKBBAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE4NjVGL0JGOTY2RTRBMUM4OTExRUFBOUI5NTc2MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBODY1Ri9CRjk2NkU0QTFDODkxMUVBQTlCOTU3NjFDNEY5QUUwMi9GaDRDS3Vp
WFVSTHVkWW5VbXpGbURLa0tCQkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8EJTAj
MBIEAgABMAwDBAIte2gDBAJnP+QwDQQCAAIwBwMFACQDToAwDQYJKoZIhvcNAQEL
BQADggEBAEsA8ZK6yVXi28QBmgplXMgfNbOT4AMjKD/SrFhIlSavNur55khdhHgF
taZPwfn819hB9+FvCGwN8M5VmCP3T2VP0u+FGVHKJxFooDWQFfX3WUCaCcJI4dFB
1E8ylmVRfB3ptBUXwe8p9dezzQiweXOLtDTrwZaTXZ0Z8UWoh/Gq1g5y8fKnSjwv
plpDoneDJ4LP6cv5Jxt/YR09WzpRu7Jg23NFaWd4Z+8nfMl2uAusfNKb5KibBeg0
qH3tRhjIhVzlojZLJZG5GfVKqIiAq3hNDFP4LNXTrviZwKJSC9Nb7bYOfnaCx4jz
lyuvWy6YQnmAVBFatBEogrGOwY8Q03g=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:19 2024 by rpki-client on console-fra.rpki-client.org