Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer
File: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer (raw, json)
Hash identifier: yK7qwYVtmLz9T4mU4/aIW7JKK15i6NRvpKXk+csIS4s=
Subject key identifier: 28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C665
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 27 Oct 2023 04:46:38 +0000
Certificate not after: Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 45748
IP: 202.14.70.0/23
IP: 202.43.118.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 03:16:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116325 (0x1c665)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 27 04:46:38 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:72:6a:54:3f:28:1c:34:ca:59:46:35:0b:
a8:92:c5:98:c3:9e:18:b8:f7:2d:e4:bb:cb:4a:67:
d0:0d:b4:78:f5:d7:b2:00:f1:75:f1:a4:d8:01:22:
e8:50:43:e2:a8:91:38:29:83:f7:4e:2d:dc:23:af:
de:60:7b:c6:98:6d:17:ee:1a:ed:d0:24:42:64:f4:
b7:72:23:8a:4b:00:99:c9:f6:71:0f:73:f0:3f:4d:
0c:5c:87:6c:50:3f:43:46:58:bc:f0:e6:2f:ce:9d:
f2:38:e1:f4:8a:b6:7f:83:31:02:02:33:26:4e:d2:
99:de:66:e7:16:f2:40:4e:f2:d0:86:9a:7a:28:db:
f4:80:45:4a:65:13:5a:29:af:14:ef:68:0e:36:33:
e8:83:3e:1a:7f:1b:e4:1e:08:c5:46:e4:66:b7:ed:
4f:1e:04:2a:af:fa:57:f5:6f:e1:92:30:85:bb:da:
44:7c:9a:a5:1e:97:0a:a6:5a:e4:70:9d:38:ed:7e:
e9:50:ea:28:10:07:5f:15:91:a7:93:65:3a:f1:c5:
63:a9:2d:8e:ee:90:09:4f:37:50:d1:ec:a4:39:6e:
31:c3:02:45:44:8e:cb:00:d4:03:15:02:09:89:17:
b2:23:43:fa:9a:ad:55:ab:fb:38:a0:3a:6b:8a:10:
0a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45748
sbgp-ipAddrBlock: critical
IPv4:
202.14.70.0/23
202.43.118.0/23
Signature Algorithm: sha256WithRSAEncryption
46:73:cb:de:1e:fb:05:a7:bb:f1:6f:70:0f:69:70:62:b7:72:
8f:5b:06:70:8d:7d:48:26:d3:8d:e1:83:f4:22:9b:26:a7:89:
8c:bb:59:85:7e:60:e5:e0:5f:66:6c:ab:5d:a3:cd:61:a7:32:
a0:24:51:bf:94:4b:f5:6b:46:8f:24:49:b6:c3:2e:d8:e9:7c:
5d:9c:e1:8e:a0:4e:b7:29:80:ce:57:0c:04:9e:63:02:57:90:
e1:91:5b:1e:cc:75:dd:60:65:e2:c5:b2:57:e5:77:1f:63:c1:
af:38:63:09:6a:e5:93:a7:3a:27:d6:48:ca:43:2a:ce:b3:42:
06:10:f2:9e:3c:6c:09:5b:f0:93:81:40:13:62:63:50:6e:ee:
32:32:c7:f8:ae:d5:2d:a4:4f:aa:4f:7c:f5:40:e7:61:96:59:
b0:86:17:8c:d0:62:97:ba:4c:1f:2d:21:68:78:f3:eb:1d:9b:
ee:e3:01:3b:10:e5:c4:c6:e2:52:2b:9d:93:76:63:d4:18:07:
6b:f6:19:ee:f8:7f:76:e8:99:dd:b7:45:52:e9:35:35:ea:aa:
d8:75:2c:ca:b4:25:6e:c1:62:b7:ea:bd:3c:1e:45:91:86:29:
7a:1c:4d:fd:fe:b5:c3:1b:88:a5:86:56:52:67:ba:2d:f3:bc:
fe:2c:21:e1
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAcZlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAyNzA0NDYzOFoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTg2NTAxMTAvBgNVBAUTKDI4MTdENEE4NjQ0QUVDNDE5QURDQ0VF
MzBDNEU4N0EyNEQyRkY1N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyKXJqVD8oHDTKWUY1C6iSxZjDnhi49y3ku8tKZ9ANtHj117IA8XXxpNgBIuhQ
Q+KokTgpg/dOLdwjr95ge8aYbRfuGu3QJEJk9LdyI4pLAJnJ9nEPc/A/TQxch2xQ
P0NGWLzw5i/OnfI44fSKtn+DMQICMyZO0pneZucW8kBO8tCGmnoo2/SARUplE1op
rxTvaA42M+iDPhp/G+QeCMVG5Ga37U8eBCqv+lf1b+GSMIW72kR8mqUelwqmWuRw
nTjtfulQ6igQB18VkaeTZTrxxWOpLY7ukAlPN1DR7KQ5bjHDAkVEjssA1AMVAgmJ
F7IjQ/qarVWr+zigOmuKEAplAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUKBfUqGRK
7EGa3M7jDE6Hok0v9XswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU4NjUwLzc3NThEMkMyQkRBNzExRURBRUNENEE1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1ODY1MC83NzU4RDJDMkJEQTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdS
SzdFR2EzTTdqREU2SG9rMHY5WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDALK0MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQByg5GAwQByit2
MA0GCSqGSIb3DQEBCwUAA4IBAQBGc8veHvsFp7vxb3APaXBit3KPWwZwjX1IJtON
4YP0Ipsmp4mMu1mFfmDl4F9mbKtdo81hpzKgJFG/lEv1a0aPJEm2wy7Y6XxdnOGO
oE63KYDOVwwEnmMCV5DhkVsezHXdYGXixbJX5XcfY8GvOGMJauWTpzon1kjKQyrO
s0IGEPKePGwJW/CTgUATYmNQbu4yMsf4rtUtpE+qT3z1QOdhllmwhheM0GKXukwf
LSFoePPrHZvu4wE7EOXExuJSK52TdmPUGAdr9hnu+H926Jndt0VS6TU16qrYdSzK
tCVuwWK36r08HkWRhil6HE39/rXDG4ilhlZSZ7ot87z+LCHh
-----END CERTIFICATE-----
Generated at Thu Apr 25 04:06:58 2024 by rpki-client on console-ams.rpki-client.org