Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JI9ViOqPx90KO02h4VWAMcDZJ-Q.cer
File: JI9ViOqPx90KO02h4VWAMcDZJ-Q.cer (raw, json)
Hash identifier: xear7RPbfL0brHhjk+IWuyLxUbe6co2HBgER9IVDIa0=
Subject key identifier: 24:8F:55:88:EA:8F:C7:DD:0A:3B:4D:A1:E1:55:80:31:C0:D9:27:E4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EB81
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911E008/DD88C3AEF1D311E797ED4240C4F9AE02/JI9ViOqPx90KO02h4VWAMcDZJ-Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911E008/DD88C3AEF1D311E797ED4240C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 15 Apr 2024 12:59:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 23749
IP: 112.213.64.0/20
IP: 202.122.96.0/20
IP: 2401:3c60::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 21:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125825 (0x1eb81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 15 12:59:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A911E008/serialNumber=248F5588EA8FC7DD0A3B4DA1E1558031C0D927E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:35:c9:89:9a:cf:bd:2c:d6:f7:b3:22:49:42:
0a:da:07:b0:63:ac:2e:8a:83:c3:a4:cb:be:33:2c:
12:97:d8:77:3b:c8:76:43:62:80:94:bd:32:3a:51:
19:5b:a7:6c:31:a2:b6:5b:19:61:39:c1:3b:78:f6:
17:1d:4c:1c:48:20:e7:f4:08:ee:50:46:e6:3d:f9:
4f:ae:34:e7:62:c4:71:bc:ee:df:03:8e:eb:2f:43:
4f:96:86:67:42:c1:c4:d3:a5:d5:dd:40:fa:ba:a0:
b8:69:f0:9c:4e:55:76:75:7b:38:74:9d:68:19:01:
6c:9e:ed:ec:2a:2b:24:6f:33:8a:81:6a:53:38:69:
4e:6c:b4:f5:5f:10:76:a9:05:2a:01:72:16:78:c4:
74:49:26:c6:3b:48:70:4a:38:90:a2:39:36:c4:4f:
9f:5d:c0:dc:63:2e:bc:f0:02:91:e7:ca:b2:cc:4b:
01:a4:16:43:29:8e:8b:df:3a:78:c3:70:ed:36:6e:
e1:b6:93:1a:f5:3d:88:6b:42:06:92:22:7e:b7:f4:
66:6e:b1:e1:29:71:a0:42:34:67:ce:23:c9:fa:b7:
fb:17:4f:d1:ee:d0:38:2c:e1:ca:06:12:77:58:f2:
33:3b:44:f0:24:3b:57:9a:18:48:06:3c:12:95:c9:
92:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:55:88:EA:8F:C7:DD:0A:3B:4D:A1:E1:55:80:31:C0:D9:27:E4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911E008/DD88C3AEF1D311E797ED4240C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911E008/DD88C3AEF1D311E797ED4240C4F9AE02/JI9ViOqPx90KO02h4VWAMcDZJ-Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23749
sbgp-ipAddrBlock: critical
IPv4:
112.213.64.0/20
202.122.96.0/20
IPv6:
2401:3c60::/32
Signature Algorithm: sha256WithRSAEncryption
80:4e:92:c6:9a:fd:2c:11:cd:65:f6:ed:e2:98:ce:04:e5:6e:
a2:c0:09:54:4a:84:c2:08:fb:fb:0d:bf:bb:64:27:3c:a3:12:
5a:19:aa:ba:a1:26:2b:3c:87:22:65:e5:91:cf:2b:41:c3:73:
75:81:a5:dc:0e:ba:28:3c:82:70:80:2a:17:b5:8d:f2:8a:92:
d1:d0:f8:2e:7e:62:96:2c:cf:48:c9:aa:bc:5b:af:c0:f7:d5:
51:5f:5d:f4:3c:18:db:14:c9:95:bb:3d:06:c3:81:80:d2:d4:
8d:1a:76:0d:b1:3f:d2:34:ef:1d:1b:1f:7a:90:ba:c9:bb:40:
6e:5c:db:c0:9d:8b:3d:ea:81:ae:3e:f9:8f:5a:d0:c7:5f:c8:
e6:05:02:b5:2a:9c:8a:94:2a:60:54:69:d7:86:cb:13:f8:42:
e5:46:9f:b8:2b:31:d6:28:2f:36:d5:10:c4:76:4e:2b:31:61:
13:91:8d:59:cd:01:26:7f:08:f0:5d:f3:c3:72:3d:f7:a2:1e:
01:a4:9c:9f:32:5a:23:27:2b:f9:29:3f:ee:08:18:fa:aa:0d:
b9:ae:b8:97:16:14:3f:3d:06:fa:4b:e5:81:7c:e1:35:56:42:
a3:a3:91:0d:05:70:d5:a2:5c:52:0c:53:d8:c5:19:9b:03:69:
df:56:66:a3
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAeuBMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQxNTEyNTkzM1oXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUUwMDgxMTAvBgNVBAUTKDI0OEY1NTg4RUE4RkM3REQwQTNCNERB
MUUxNTU4MDMxQzBEOTI3RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRNcmJms+9LNb3syJJQgraB7BjrC6Kg8Oky74zLBKX2Hc7yHZDYoCUvTI6URlb
p2wxorZbGWE5wTt49hcdTBxIIOf0CO5QRuY9+U+uNOdixHG87t8DjusvQ0+WhmdC
wcTTpdXdQPq6oLhp8JxOVXZ1ezh0nWgZAWye7ewqKyRvM4qBalM4aU5stPVfEHap
BSoBchZ4xHRJJsY7SHBKOJCiOTbET59dwNxjLrzwApHnyrLMSwGkFkMpjovfOnjD
cO02buG2kxr1PYhrQgaSIn639GZuseEpcaBCNGfOI8n6t/sXT9Hu0Dgs4coGEndY
8jM7RPAkO1eaGEgGPBKVyZK7AgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUJI9ViOqP
x90KO02h4VWAMcDZJ+QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFFMDA4L0REODhDM0FFRjFEMzExRTc5N0VENDI0MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExRTAwOC9ERDg4QzNBRUYxRDMxMUU3OTdFRDQyNDBDNEY5QUUwMi9KSTlWaU9x
UHg5MEtPMDJoNFZXQU1jRFpKLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICXMUwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBARw1UADBATKemAw
DQQCAAIwBwMFACQBPGAwDQYJKoZIhvcNAQELBQADggEBAIBOksaa/SwRzWX27eKY
zgTlbqLACVRKhMII+/sNv7tkJzyjEloZqrqhJis8hyJl5ZHPK0HDc3WBpdwOuig8
gnCAKhe1jfKKktHQ+C5+YpYsz0jJqrxbr8D31VFfXfQ8GNsUyZW7PQbDgYDS1I0a
dg2xP9I07x0bH3qQusm7QG5c28Cdiz3qga4++Y9a0MdfyOYFArUqnIqUKmBUadeG
yxP4QuVGn7grMdYoLzbVEMR2TisxYRORjVnNASZ/CPBd88NyPfeiHgGknJ8yWiMn
K/kpP+4IGPqqDbmuuJcWFD89BvpL5YF84TVWQqOjkQ0FcNWiXFIMU9jFGZsDad9W
ZqM=
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:34:19 2024 by rpki-client on console-fra.rpki-client.org