Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer
File: IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer (raw, json)
Hash identifier: CAmbT5wDIahOrMTOrNneNQhZhGSGx9/FQXAjP+Vck4Y=
Subject key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E1FD
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Mar 2024 16:05:32 +0000
Certificate not after: Thu 01 May 2025 00:00:00 +0000
Subordinate resources: AS: 149449
IP: 103.179.198.0/23
IP: 2400:4e20::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123389 (0x1e1fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 1 16:05:32 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5b:17:f8:cf:ba:28:75:8a:92:fa:10:04:3d:
52:36:a8:47:00:83:ab:bb:8b:4b:a6:09:dc:bc:f1:
b4:fa:d1:49:10:ba:e9:f5:53:88:e7:29:4f:2e:2c:
53:fb:8b:68:a4:e8:a5:70:e1:85:17:2a:f0:eb:c4:
dd:c8:d6:b1:6e:0c:e9:24:81:8a:c0:5f:1f:a8:c0:
66:63:46:ea:2c:db:bd:4f:8b:ed:28:76:cd:23:67:
c9:81:64:f2:84:e6:90:5c:dc:44:98:43:07:6a:10:
e4:0e:ae:01:f3:7b:36:dc:f2:70:b0:6e:78:91:9f:
da:c6:f8:a6:13:42:d0:5a:1d:ee:2f:25:53:07:ff:
06:40:5d:aa:99:51:1a:fe:05:83:7f:46:c0:16:dc:
91:15:f6:84:79:1c:2f:64:db:40:2b:2c:24:01:04:
db:56:23:b2:f9:27:73:7e:95:c6:fa:d5:6f:f0:13:
8a:dc:4e:db:0c:18:a2:f0:17:46:00:2b:6e:6a:97:
9f:e9:36:3a:f1:fb:72:de:53:2c:38:6c:8d:af:8e:
f1:11:6e:ef:fd:e5:f0:75:ff:4d:f7:bb:23:6e:aa:
d6:0c:8b:e5:d2:56:d7:37:c9:a2:83:03:7c:b9:35:
20:ef:1a:5c:fd:17:ba:e5:b4:31:05:c7:68:5c:68:
dc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
149449
sbgp-ipAddrBlock: critical
IPv4:
103.179.198.0/23
IPv6:
2400:4e20::/32
Signature Algorithm: sha256WithRSAEncryption
25:10:89:94:40:d6:5b:c3:97:bf:7a:0d:d5:d4:22:fb:5e:17:
54:c4:d1:73:ad:f7:ce:eb:1d:33:a5:db:86:2d:9e:8e:41:f0:
39:45:1e:12:d8:c8:04:d4:f7:62:96:a3:32:13:ca:7b:71:a2:
23:9a:44:66:7f:ab:7c:de:c8:2e:3e:e3:ea:03:f6:48:87:02:
11:7c:99:3e:22:56:c8:23:86:92:9c:0a:39:02:0f:12:fe:a8:
82:59:42:a7:09:b1:4c:a9:0b:32:e2:ef:33:18:89:fc:5c:72:
4e:e8:13:78:b7:a9:0e:c3:26:ba:29:20:57:4e:ea:f6:e0:68:
41:f6:31:31:5a:85:2f:e8:d6:b6:e4:98:13:51:56:b8:0d:4b:
eb:19:4a:b2:aa:e3:5e:a4:a0:d5:c2:d8:49:e3:c7:b6:d2:ee:
00:d9:a4:9d:f1:fe:10:7b:03:a5:2c:05:17:54:9d:6e:60:01:
49:c9:ba:06:b8:d8:d4:59:b7:c8:19:c0:79:89:4b:b4:c5:bf:
83:38:14:55:91:fd:3f:28:c1:8b:d9:e9:a7:8c:67:28:42:98:
5f:16:eb:28:4d:4f:b4:7d:f7:1f:56:7b:8e:2f:e6:fa:bc:52:
f3:a5:7c:bf:19:06:94:13:a6:17:dc:15:9d:40:b1:82:d2:d8:
f2:5d:b4:b1
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAeH9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMwMTE2MDUzMloXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1
OUVFNkU2NUFFNkM2NjFGMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRWxf4z7oodYqS+hAEPVI2qEcAg6u7i0umCdy88bT60UkQuun1U4jnKU8uLFP7
i2ik6KVw4YUXKvDrxN3I1rFuDOkkgYrAXx+owGZjRuos271Pi+0ods0jZ8mBZPKE
5pBc3ESYQwdqEOQOrgHzezbc8nCwbniRn9rG+KYTQtBaHe4vJVMH/wZAXaqZURr+
BYN/RsAW3JEV9oR5HC9k20ArLCQBBNtWI7L5J3N+lcb61W/wE4rcTtsMGKLwF0YA
K25ql5/pNjrx+3LeUyw4bI2vjvERbu/95fB1/033uyNuqtYMi+XSVtc3yaKDA3y5
NSDvGlz9F7rltDEFx2hcaNwDAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUIXw9i+0L
QMD7CItZ7m5lrmxmHw0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUyREU0LzRDQ0NDMzMyNzkyQTExRUNCMEM1OTE2MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MkRFNC80Q0NDQzMzMjc5MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0w
TFFNRDdDSXRaN201bHJteG1IdzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkfJMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ7PGMA0EAgAC
MAcDBQAkAE4gMA0GCSqGSIb3DQEBCwUAA4IBAQAlEImUQNZbw5e/eg3V1CL7XhdU
xNFzrffO6x0zpduGLZ6OQfA5RR4S2MgE1PdilqMyE8p7caIjmkRmf6t83sguPuPq
A/ZIhwIRfJk+IlbII4aSnAo5Ag8S/qiCWUKnCbFMqQsy4u8zGIn8XHJO6BN4t6kO
wya6KSBXTur24GhB9jExWoUv6Na25JgTUVa4DUvrGUqyquNepKDVwthJ48e20u4A
2aSd8f4QewOlLAUXVJ1uYAFJyboGuNjUWbfIGcB5iUu0xb+DOBRVkf0/KMGL2emn
jGcoQphfFusoTU+0ffcfVnuOL+b6vFLzpXy/GQaUE6YX3BWdQLGC0tjyXbSx
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:22 2024 by rpki-client on console-fra.rpki-client.org