Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I7lgN6uK0jfmMm9-0PgeMY6KFKs.cer
File: I7lgN6uK0jfmMm9-0PgeMY6KFKs.cer (raw, json)
Hash identifier: Htcc1MS4W+jgE3GwNJMOAfbHT3fkfKN1Wndj5FeMpVM=
Subject key identifier: 23:B9:60:37:AB:8A:D2:37:E6:32:6F:7E:D0:F8:1E:31:8E:8A:14:AB
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C1D5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/I7lgN6uK0jfmMm9-0PgeMY6KFKs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 03 Oct 2023 22:06:16 +0000
Certificate not after: Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 136926
IP: 103.99.42.0/24
IP: 2001:df2:4700::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 00:59:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115157 (0x1c1d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 3 22:06:16 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=A91E892A/serialNumber=23B96037AB8AD237E6326F7ED0F81E318E8A14AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:04:9d:6f:88:14:08:37:ae:15:dc:5d:68:2c:
0d:58:55:f9:74:41:1c:5e:30:68:a4:d6:03:58:57:
a0:37:c0:f1:3f:ac:bc:d3:dd:ba:9f:d6:bf:49:bd:
56:9d:5f:47:53:fd:b6:1d:ca:65:45:31:a9:84:d6:
6d:0b:33:fa:12:50:68:58:2e:59:b5:2b:16:56:53:
d8:cf:9b:8d:bc:37:10:dd:18:d4:0d:11:9b:88:46:
fb:65:4a:6a:76:f0:29:18:c3:e8:5b:bb:bd:9c:05:
6c:7b:bc:fd:18:d5:ac:03:29:c2:d9:b7:ad:b4:ad:
78:c5:d6:98:f9:3b:01:15:a0:4b:42:eb:29:5f:c9:
74:2a:86:bd:9c:d5:4d:d0:60:1c:40:b6:e0:5b:17:
11:e3:04:1b:d0:af:12:92:37:48:8a:99:d3:59:c2:
f6:81:22:83:d0:e4:88:80:07:81:fd:7d:13:f6:ea:
8f:0c:cf:cb:de:11:81:5f:43:f3:98:7d:3a:7a:72:
38:63:a8:7c:ed:17:62:ef:a9:42:eb:fa:db:7d:f0:
0a:4f:25:10:e8:7a:7b:e3:c6:3a:9f:d3:23:ca:eb:
b7:71:88:6f:05:de:f9:6b:9c:05:37:be:19:68:38:
dc:16:94:04:d0:d9:47:6e:7e:3a:84:e5:51:eb:a1:
16:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B9:60:37:AB:8A:D2:37:E6:32:6F:7E:D0:F8:1E:31:8E:8A:14:AB
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/I7lgN6uK0jfmMm9-0PgeMY6KFKs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136926
sbgp-ipAddrBlock: critical
IPv4:
103.99.42.0/24
IPv6:
2001:df2:4700::/48
Signature Algorithm: sha256WithRSAEncryption
57:57:20:55:6d:7f:7b:d1:d8:03:62:48:4c:fb:6a:fd:92:09:
4a:37:7a:54:2b:4a:f2:65:2f:3c:34:8c:0f:ea:53:3d:82:c4:
b2:e8:b2:0d:6e:44:04:69:21:f2:ba:99:79:dd:7a:a8:6f:73:
a7:38:df:c3:d5:cd:c6:e0:03:2c:50:3d:f8:27:ef:12:a4:c4:
13:5d:3b:ac:ea:b3:88:f1:13:ab:f2:5f:00:56:89:f1:f6:f5:
6a:d1:f6:fb:b5:3f:80:4b:93:c4:c2:56:30:0c:62:0b:6b:76:
0f:59:dd:28:5f:21:a2:c1:41:3e:0b:40:f4:0f:dc:eb:fc:8f:
8b:db:86:29:c6:80:82:1f:77:d3:91:5c:d3:fc:78:54:60:8b:
c6:6e:8b:4e:d3:7c:16:9d:26:87:29:22:f4:f7:12:a2:9c:d8:
eb:7f:73:91:06:4d:e7:87:9d:16:d3:d9:77:bf:23:9b:c2:4f:
65:c0:4f:94:f7:1f:b9:44:c5:3c:f8:f8:cd:ee:36:6f:2d:72:
39:8e:f3:08:51:86:ae:f2:5d:fb:f2:e1:ca:0d:bc:de:84:e8:
03:19:60:ef:96:55:a1:0c:d0:77:f2:88:a2:d2:69:91:e7:d3:
ab:b7:61:98:d5:4d:dc:c0:f6:fc:55:18:65:db:7d:b7:af:7e:
e0:a1:eb:ec
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAcHVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAwMzIyMDYxNloXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTg5MkExMTAvBgNVBAUTKDIzQjk2MDM3QUI4QUQyMzdFNjMyNkY3
RUQwRjgxRTMxOEU4QTE0QUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUBJ1viBQIN64V3F1oLA1YVfl0QRxeMGik1gNYV6A3wPE/rLzT3bqf1r9JvVad
X0dT/bYdymVFMamE1m0LM/oSUGhYLlm1KxZWU9jPm428NxDdGNQNEZuIRvtlSmp2
8CkYw+hbu72cBWx7vP0Y1awDKcLZt620rXjF1pj5OwEVoEtC6ylfyXQqhr2c1U3Q
YBxAtuBbFxHjBBvQrxKSN0iKmdNZwvaBIoPQ5IiAB4H9fRP26o8Mz8veEYFfQ/OY
fTp6cjhjqHztF2LvqULr+tt98ApPJRDoenvjxjqf0yPK67dxiG8F3vlrnAU3vhlo
ONwWlATQ2UdufjqE5VHroRYTAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUI7lgN6uK
0jfmMm9+0PgeMY6KFKswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4OTJBL0Y4MTBFOUE0ODgxNTExRTc4QkY3RDE0RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFODkyQS9GODEwRTlBNDg4MTUxMUU3OEJGN0QxNEVDNEY5QUUwMi9JN2xnTjZ1
SzBqZm1NbTktMFBnZU1ZNktGS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhbeMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ2MqMA8EAgAC
MAkDBwAgAQ3yRwAwDQYJKoZIhvcNAQELBQADggEBAFdXIFVtf3vR2ANiSEz7av2S
CUo3elQrSvJlLzw0jA/qUz2CxLLosg1uRARpIfK6mXndeqhvc6c438PVzcbgAyxQ
Pfgn7xKkxBNdO6zqs4jxE6vyXwBWifH29WrR9vu1P4BLk8TCVjAMYgtrdg9Z3Shf
IaLBQT4LQPQP3Ov8j4vbhinGgIIfd9ORXNP8eFRgi8Zui07TfBadJocpIvT3EqKc
2Ot/c5EGTeeHnRbT2Xe/I5vCT2XAT5T3H7lExTz4+M3uNm8tcjmO8whRhq7yXfvy
4coNvN6E6AMZYO+WVaEM0HfyiKLSaZHn06u3YZjVTdzA9vxVGGXbfbevfuCh6+w=
-----END CERTIFICATE-----
Generated at Wed May 8 01:50:42 2024 by rpki-client on console-fra.rpki-client.org