Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer
File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer (raw, json)
Hash identifier: s5rj/IT0ybVTeAdQPjEJmzkten9t0EUaeI+m6e3SFqY=
Subject key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C453
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 16 Oct 2023 17:25:57 +0000
Certificate not after: Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 133778
IP: 103.42.92.0/22
IP: 2401:40c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 09 May 2024 05:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115795 (0x1c453)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 16 17:25:57 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0d:2d:9f:e4:3a:98:5b:02:c7:70:9d:b7:e2:
d3:26:1f:07:f4:9f:cc:f1:de:3e:8f:f7:69:09:75:
1c:eb:10:92:09:72:f0:b7:0f:b4:5a:00:87:c6:78:
55:da:e3:f1:b2:df:4f:f5:14:44:8a:c9:3d:79:80:
c9:81:0a:14:50:63:cc:fe:74:eb:d6:57:5c:b1:3a:
a5:b3:b9:a9:73:fe:8e:ac:5f:b3:02:ea:75:b9:be:
67:4e:b6:9c:9c:0d:5a:7d:e3:aa:67:2b:41:14:4c:
c7:dc:e0:95:37:9c:03:4b:14:0f:5e:27:38:32:91:
6a:3a:ab:b2:c3:9a:38:a5:75:c0:0e:9c:b0:fb:1a:
ea:ba:ef:24:db:99:31:28:94:a0:44:7a:44:b4:5a:
17:1b:f3:83:7f:6a:58:ec:d1:f3:68:dc:19:0c:de:
0a:13:7c:01:b5:39:82:4f:35:f1:e7:4b:54:8c:af:
45:94:59:09:f1:f5:20:4a:21:57:ef:1d:9c:ed:c5:
0d:00:e0:a7:36:75:18:95:f2:f1:bf:f2:79:4d:fa:
8e:76:8e:b2:d9:ec:d1:d7:e2:2c:e7:a1:37:7b:e4:
87:7a:e7:25:ae:aa:ed:d3:9e:80:8a:45:7d:fb:ad:
f4:3e:3c:f5:c9:23:25:11:3a:0e:e4:e9:f3:f3:74:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133778
sbgp-ipAddrBlock: critical
IPv4:
103.42.92.0/22
IPv6:
2401:40c0::/32
Signature Algorithm: sha256WithRSAEncryption
d1:11:41:aa:e9:da:51:c4:a8:ff:62:31:22:fb:40:2c:31:20:
35:63:97:c6:0c:52:58:33:6f:a1:21:75:a3:55:3a:8f:dd:66:
38:b0:d1:da:3d:d3:76:47:66:90:69:ec:44:99:e0:69:82:ac:
66:ad:0d:54:98:a0:ac:8d:4c:26:ea:e1:d9:ef:31:8b:c6:62:
85:9b:85:a5:a8:4f:96:d1:d0:74:61:81:71:cc:12:3c:65:79:
28:8f:64:5a:c5:e4:c0:cc:5b:de:64:77:2e:f6:61:77:d2:23:
cc:29:77:e1:11:40:d5:a8:fd:7a:f5:7e:5c:75:76:ed:cf:52:
7d:5d:45:a7:66:18:86:b8:61:0b:ea:52:2a:18:86:25:57:29:
52:4a:9e:68:ce:de:d6:f0:bc:5e:b5:1e:fb:34:b9:57:58:19:
3e:59:4c:09:e7:bc:71:5c:e7:65:79:10:2d:0d:cb:94:2d:49:
c3:01:b2:8f:f3:dc:94:a7:af:8b:2a:2d:78:8c:2f:78:5c:a9:
10:cf:f8:51:c9:22:dc:8b:db:16:7e:c5:bb:d1:76:3b:17:ff:
a4:94:69:93:fa:8a:f0:0c:d0:c6:ae:f2:ca:70:f9:07:69:0b:
8e:d0:1f:35:ec:1e:06:56:93:7a:9d:e4:50:b6:11:6f:f7:a1:
b5:97:06:ad
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAcRTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAxNjE3MjU1N1oXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIx
NTM1MEY2ODg3OTI5ODFBNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLDS2f5DqYWwLHcJ234tMmHwf0n8zx3j6P92kJdRzrEJIJcvC3D7RaAIfGeFXa
4/Gy30/1FESKyT15gMmBChRQY8z+dOvWV1yxOqWzualz/o6sX7MC6nW5vmdOtpyc
DVp946pnK0EUTMfc4JU3nANLFA9eJzgykWo6q7LDmjildcAOnLD7Guq67yTbmTEo
lKBEekS0Whcb84N/aljs0fNo3BkM3goTfAG1OYJPNfHnS1SMr0WUWQnx9SBKIVfv
HZztxQ0A4Kc2dRiV8vG/8nlN+o52jrLZ7NHX4iznoTd75Id65yWuqu3TnoCKRX37
rfQ+PPXJIyUROg7k6fPzdND5AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUKHaCX3fC
ShZ9xBIVNQ9oh5KYGmcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk0Njc3LzAyMjdGNzg2NTc3NTExRUU5MkFDQTc1OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNm
Q1NoWjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgqSMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZypcMA0EAgAC
MAcDBQAkAUDAMA0GCSqGSIb3DQEBCwUAA4IBAQDREUGq6dpRxKj/YjEi+0AsMSA1
Y5fGDFJYM2+hIXWjVTqP3WY4sNHaPdN2R2aQaexEmeBpgqxmrQ1UmKCsjUwm6uHZ
7zGLxmKFm4WlqE+W0dB0YYFxzBI8ZXkoj2RaxeTAzFveZHcu9mF30iPMKXfhEUDV
qP169X5cdXbtz1J9XUWnZhiGuGEL6lIqGIYlVylSSp5ozt7W8LxetR77NLlXWBk+
WUwJ57xxXOdleRAtDcuULUnDAbKP89yUp6+LKi14jC94XKkQz/hRySLci9sWfsW7
0XY7F/+klGmT+orwDNDGrvLKcPkHaQuO0B817B4GVpN6neRQthFv96G1lwat
-----END CERTIFICATE-----
Generated at Thu May 2 06:14:04 2024 by rpki-client on console-fra.rpki-client.org