Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GYxDZM8DLHMNlYWDSYIJbVCnUsk.cer
File: GYxDZM8DLHMNlYWDSYIJbVCnUsk.cer (raw, json)
Hash identifier: JfuZ4sNq+r2r5mHrwaHRw37FkwBO6m4nXwZTJ46WTDM=
Subject key identifier: 19:8C:43:64:CF:03:2C:73:0D:95:85:83:49:82:09:6D:50:A7:52:C9
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EA62
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91DC931/4A25B6A0F55D11EE9BE19780C4F9AE02/GYxDZM8DLHMNlYWDSYIJbVCnUsk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91DC931/4A25B6A0F55D11EE9BE19780C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 08 Apr 2024 04:05:58 +0000
Certificate not after: Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 152668
IP: 117.55.254.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 09 May 2024 05:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125538 (0x1ea62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 8 04:05:58 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=A91DC931/serialNumber=198C4364CF032C730D9585834982096D50A752C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:1a:aa:3f:80:1f:4d:f6:6f:e8:40:64:2d:
2a:32:60:3f:8c:02:cf:97:88:9f:8c:c7:78:62:cf:
5f:e7:57:df:a9:da:a0:3f:a7:bc:84:53:32:85:f9:
20:09:ac:79:d4:09:22:77:7f:ad:f6:7c:06:5b:8f:
b6:e7:81:2f:03:d8:c9:6f:3e:d2:1f:03:a0:07:db:
a9:b3:b4:cf:c2:82:44:92:89:80:38:2d:c2:e3:af:
4b:44:55:fe:3d:23:e3:69:17:64:4d:f5:e6:7f:db:
1d:d3:46:2d:62:3f:b7:ab:28:fe:16:33:b1:64:d4:
0d:13:6e:85:ce:95:67:99:94:7b:3c:fa:d7:2f:66:
69:b3:8e:e2:01:13:ee:97:f3:c3:c9:ae:c8:32:0a:
59:72:5b:ba:36:17:11:47:e2:4c:b7:8f:b6:0d:2d:
b0:0f:c9:68:c9:48:57:d5:1f:9e:dc:93:c3:61:b2:
18:54:fe:5b:14:72:44:cf:ed:2a:4c:db:d0:c6:73:
db:03:c1:35:c2:c9:0a:32:3e:fb:d0:5e:ca:72:8f:
85:0f:cf:f2:06:5b:10:35:11:f2:d8:dd:40:5c:28:
f8:ef:ef:d5:24:a2:61:8b:51:a2:78:ab:52:af:1e:
89:0b:8f:0c:44:f9:fc:10:21:a3:09:a6:a1:72:11:
39:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8C:43:64:CF:03:2C:73:0D:95:85:83:49:82:09:6D:50:A7:52:C9
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DC931/4A25B6A0F55D11EE9BE19780C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DC931/4A25B6A0F55D11EE9BE19780C4F9AE02/GYxDZM8DLHMNlYWDSYIJbVCnUsk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152668
sbgp-ipAddrBlock: critical
IPv4:
117.55.254.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:98:4a:45:66:f7:b3:8a:bd:b3:2c:09:df:9b:d4:a0:08:22:
3b:4b:06:9e:47:aa:04:24:09:28:74:db:3b:42:f3:86:b2:98:
a1:b5:fe:13:fa:89:8b:83:79:8e:8c:82:19:29:48:dc:69:bc:
80:c6:c7:dd:4d:dc:59:f1:44:be:3e:33:74:bd:9d:eb:85:69:
42:03:67:09:e7:10:c8:56:c1:32:e4:e3:ba:8f:f0:a3:c4:24:
ad:cd:1d:f0:39:9b:51:a2:77:d8:6d:71:73:e3:57:67:ed:08:
bb:c8:e1:07:d6:99:1c:39:87:7d:94:b3:c3:90:96:c2:ad:4e:
04:ac:8c:7a:b3:7b:23:f6:cd:74:6f:a0:e5:79:3c:37:d5:53:
f0:4d:68:bd:83:e2:8a:26:e3:00:5b:83:e6:5a:53:f4:b5:f0:
28:f2:1c:a1:fc:01:08:82:b0:ad:59:c9:12:b7:cd:8f:b2:e2:
d2:34:a8:48:6a:c8:72:00:91:da:d3:f3:4a:52:96:f9:43:95:
f9:47:b9:85:fe:23:de:60:18:d9:3c:12:eb:f0:4c:32:c0:90:
ce:61:97:b6:cd:28:94:e5:af:37:f4:26:10:49:55:4f:51:85:
a8:77:27:f6:c9:c2:43:8e:2d:f3:03:57:f3:6c:46:f5:75:e6:
9c:55:f8:2a
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAepiMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwODA0MDU1OFoXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREM5MzExMTAvBgNVBAUTKDE5OEM0MzY0Q0YwMzJDNzMwRDk1ODU4
MzQ5ODIwOTZENTBBNzUyQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5KxqqP4AfTfZv6EBkLSoyYD+MAs+XiJ+Mx3hiz1/nV9+p2qA/p7yEUzKF+SAJ
rHnUCSJ3f632fAZbj7bngS8D2MlvPtIfA6AH26mztM/CgkSSiYA4LcLjr0tEVf49
I+NpF2RN9eZ/2x3TRi1iP7erKP4WM7Fk1A0TboXOlWeZlHs8+tcvZmmzjuIBE+6X
88PJrsgyCllyW7o2FxFH4ky3j7YNLbAPyWjJSFfVH57ck8NhshhU/lsUckTP7SpM
29DGc9sDwTXCyQoyPvvQXspyj4UPz/IGWxA1EfLY3UBcKPjv79UkomGLUaJ4q1Kv
HokLjwxE+fwQIaMJpqFyETlRAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUGYxDZM8D
LHMNlYWDSYIJbVCnUskwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURDOTMxLzRBMjVCNkEwRjU1RDExRUU5QkUxOTc4MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQzkzMS80QTI1QjZBMEY1NUQxMUVFOUJFMTk3ODBDNEY5QUUwMi9HWXhEWk04
RExITU5sWVdEU1lJSmJWQ25Vc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlRcMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBdTf+MA0GCSqG
SIb3DQEBCwUAA4IBAQDKmEpFZvezir2zLAnfm9SgCCI7SwaeR6oEJAkodNs7QvOG
spihtf4T+omLg3mOjIIZKUjcabyAxsfdTdxZ8US+PjN0vZ3rhWlCA2cJ5xDIVsEy
5OO6j/CjxCStzR3wOZtRonfYbXFz41dn7Qi7yOEH1pkcOYd9lLPDkJbCrU4ErIx6
s3sj9s10b6DleTw31VPwTWi9g+KKJuMAW4PmWlP0tfAo8hyh/AEIgrCtWckSt82P
suLSNKhIashyAJHa0/NKUpb5Q5X5R7mF/iPeYBjZPBLr8EwywJDOYZe2zSiU5a83
9CYQSVVPUYWodyf2ycJDji3zA1fzbEb1deacVfgq
-----END CERTIFICATE-----
Generated at Thu May 2 06:14:01 2024 by rpki-client on console-fra.rpki-client.org