Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer
File: He4XpqM4DuSI7ztuISW4eOZAckg.cer (raw, json)
Hash identifier: Q+VZegPliWc9gL+9ovBGw+aAWjbqX8Pw5yJgtIt4GO8=
Subject key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E7FF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 01 Apr 2024 03:31:25 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: AS: 133053
IP: 103.120.219.0/24
IP: 103.251.171.0/24
IP: 203.24.26.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 21:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124927 (0x1e7ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 1 03:31:25 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:f2:42:d8:fe:08:99:2d:2d:09:87:70:20:
7e:7a:ba:a3:94:00:68:21:3a:2f:c7:3d:c7:49:74:
52:09:73:8b:a5:3d:79:2b:78:0f:54:54:e3:18:e6:
a2:b1:b3:b0:3e:0f:a3:b2:28:0b:4a:15:c9:7f:9d:
50:12:90:1e:e3:7e:fa:85:ea:97:78:e0:ac:fc:1c:
64:59:a4:72:56:43:f6:92:b7:5e:78:7b:67:90:3c:
1f:76:57:99:09:8e:87:95:2e:6c:fa:61:86:4e:91:
d8:b0:fd:a8:cf:f2:1b:b3:22:95:cf:84:30:03:07:
75:b6:5e:89:5e:d2:08:91:bb:55:c6:22:bd:23:4c:
c3:ee:0f:6b:ee:80:47:1b:d1:f0:76:01:6c:69:78:
31:a6:ee:99:ce:13:dc:02:d9:6f:3f:17:08:2a:f0:
1c:41:6d:c9:2a:32:23:aa:4d:06:0e:9a:b7:ec:59:
e1:cf:97:a2:5d:36:06:43:8c:00:c2:8d:0f:d3:c5:
73:b5:36:66:f8:59:1b:0e:e3:f4:4d:c6:01:2c:b6:
a7:67:c3:20:30:e0:a2:eb:98:45:36:8b:37:70:d7:
20:f7:d6:4c:09:82:21:c3:1e:2f:03:a1:00:b0:a3:
bc:6c:f9:b9:19:e2:bd:55:59:41:71:87:ce:39:72:
54:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133053
sbgp-ipAddrBlock: critical
IPv4:
103.120.219.0/24
103.251.171.0/24
203.24.26.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:06:e6:97:24:a1:70:7a:9e:28:32:36:48:1c:40:ce:73:1c:
96:4b:18:5a:08:fd:99:cd:5b:ab:36:1e:ed:14:0c:15:1a:09:
2e:ea:5d:27:9c:7b:2f:5a:43:bd:8b:2a:ba:8a:4d:36:1c:3d:
ca:d7:de:83:58:d8:f9:f2:f2:10:72:15:9e:91:39:bc:a1:e3:
9c:f4:c4:01:de:8b:db:ce:80:76:1b:39:92:ba:f0:bf:af:c6:
72:ff:2b:88:a6:58:32:d1:b1:81:31:e2:d2:3f:6e:46:99:cd:
04:71:b6:a2:c0:ec:7f:d5:62:f2:13:01:b3:31:30:e3:cf:5c:
2f:db:cf:11:36:6d:a0:f0:ae:ae:b4:fe:de:c6:cd:b9:59:57:
f2:af:bd:bc:6f:eb:83:1b:3e:f7:e0:f0:d2:67:fa:0e:6d:d3:
22:02:47:bd:0f:ae:27:35:e4:70:d5:9a:44:dc:42:f5:75:2a:
b3:1d:5a:ae:5f:e6:7c:10:b0:19:33:71:29:fb:fc:ec:9d:2c:
1c:2a:d5:84:51:49:ec:68:70:30:c6:83:b9:ab:0c:28:7b:d6:
00:81:93:13:9d:bc:4c:98:d3:3a:4f:7c:b7:50:f8:6f:2a:2f:
b9:61:d4:07:5b:7f:4b:ea:24:bc:33:bd:4b:65:35:47:f5:dd:
80:d4:6b:b0
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgIDAef/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMTAzMzEyNVoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2
RTIxMjVCODc4RTY0MDcyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1z/JC2P4ImS0tCYdwIH56uqOUAGghOi/HPcdJdFIJc4ulPXkreA9UVOMY5qKx
s7A+D6OyKAtKFcl/nVASkB7jfvqF6pd44Kz8HGRZpHJWQ/aSt154e2eQPB92V5kJ
joeVLmz6YYZOkdiw/ajP8huzIpXPhDADB3W2Xole0giRu1XGIr0jTMPuD2vugEcb
0fB2AWxpeDGm7pnOE9wC2W8/Fwgq8BxBbckqMiOqTQYOmrfsWeHPl6JdNgZDjADC
jQ/TxXO1Nmb4WRsO4/RNxgEstqdnwyAw4KLrmEU2izdw1yD31kwJgiHDHi8DoQCw
o7xs+bkZ4r1VWUFxh845clRtAgMBAAGjggMbMIIDFzAdBgNVHQ4EFgQUHe4XpqM4
DuSI7ztuISW4eOZAckgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4RDIyLzNGN0Q2OEE4RkRFNTExRUQ4Nzg0MTc3MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFOEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFN
NER1U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAge9MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAZ3jbAwQAZ/ur
AwQAyxgaMA0GCSqGSIb3DQEBCwUAA4IBAQDMBuaXJKFwep4oMjZIHEDOcxyWSxha
CP2ZzVurNh7tFAwVGgku6l0nnHsvWkO9iyq6ik02HD3K196DWNj58vIQchWekTm8
oeOc9MQB3ovbzoB2GzmSuvC/r8Zy/yuIplgy0bGBMeLSP25Gmc0EcbaiwOx/1WLy
EwGzMTDjz1wv288RNm2g8K6utP7exs25WVfyr728b+uDGz734PDSZ/oObdMiAke9
D64nNeRw1ZpE3EL1dSqzHVquX+Z8ELAZM3Ep+/zsnSwcKtWEUUnsaHAwxoO5qwwo
e9YAgZMTnbxMmNM6T3y3UPhvKi+5YdQHW39L6iS8M71LZTVH9d2A1Guw
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:34:18 2024 by rpki-client on console-fra.rpki-client.org