Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer
File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer (raw, json)
Hash identifier: RrtQbIQMOPAevfxi9x7GAx2honqG3sqwlDzbwbYT7B8=
Subject key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0212F7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 09 Oct 2024 04:18:44 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 133778
IP: 103.42.92.0/22
IP: 2401:40c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 04 Dec 2024 01:13:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135927 (0x212f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 9 04:18:44 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0d:2d:9f:e4:3a:98:5b:02:c7:70:9d:b7:e2:
d3:26:1f:07:f4:9f:cc:f1:de:3e:8f:f7:69:09:75:
1c:eb:10:92:09:72:f0:b7:0f:b4:5a:00:87:c6:78:
55:da:e3:f1:b2:df:4f:f5:14:44:8a:c9:3d:79:80:
c9:81:0a:14:50:63:cc:fe:74:eb:d6:57:5c:b1:3a:
a5:b3:b9:a9:73:fe:8e:ac:5f:b3:02:ea:75:b9:be:
67:4e:b6:9c:9c:0d:5a:7d:e3:aa:67:2b:41:14:4c:
c7:dc:e0:95:37:9c:03:4b:14:0f:5e:27:38:32:91:
6a:3a:ab:b2:c3:9a:38:a5:75:c0:0e:9c:b0:fb:1a:
ea:ba:ef:24:db:99:31:28:94:a0:44:7a:44:b4:5a:
17:1b:f3:83:7f:6a:58:ec:d1:f3:68:dc:19:0c:de:
0a:13:7c:01:b5:39:82:4f:35:f1:e7:4b:54:8c:af:
45:94:59:09:f1:f5:20:4a:21:57:ef:1d:9c:ed:c5:
0d:00:e0:a7:36:75:18:95:f2:f1:bf:f2:79:4d:fa:
8e:76:8e:b2:d9:ec:d1:d7:e2:2c:e7:a1:37:7b:e4:
87:7a:e7:25:ae:aa:ed:d3:9e:80:8a:45:7d:fb:ad:
f4:3e:3c:f5:c9:23:25:11:3a:0e:e4:e9:f3:f3:74:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133778
sbgp-ipAddrBlock: critical
IPv4:
103.42.92.0/22
IPv6:
2401:40c0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:10:82:48:d5:74:cc:b5:82:a5:29:05:0b:49:56:a3:eb:be:
0f:e7:bb:e2:24:8e:3d:f7:72:d4:5c:f9:52:cc:5f:60:52:41:
81:98:22:86:87:4e:2c:7a:70:d3:60:02:f0:ef:61:60:0f:d0:
ec:72:82:e4:a8:01:3d:0e:e8:2b:d2:14:f5:41:93:5f:dd:f4:
c6:0d:3a:72:45:31:ae:7c:2b:36:1e:06:eb:95:18:89:55:b0:
8a:d6:2f:d7:d3:9e:a2:c6:92:50:d2:e0:d8:89:8e:0d:74:2b:
73:c0:10:b0:83:1d:25:e7:5c:b9:73:3e:d4:5d:c3:30:36:4f:
91:60:bb:79:1c:d7:e1:f1:45:a2:cb:46:13:7b:61:59:a6:6b:
43:f5:70:c6:cc:04:a3:1f:3a:23:25:cf:44:e0:a7:85:9c:97:
30:aa:2c:61:2d:9e:b8:fb:b1:29:b0:85:23:dc:42:a5:00:d7:
f2:d5:6d:5d:08:b6:e3:b5:5a:a6:52:7b:63:c6:91:5b:3a:6d:
83:f4:12:4f:fb:13:3d:b0:4f:c8:4b:12:83:5f:9e:68:89:68:
a7:aa:46:c4:c2:3b:41:3d:c6:00:e5:ba:81:af:b8:ff:28:6c:
ad:20:08:b4:7d:d4:41:64:4c:32:72:99:98:f1:4a:dd:e6:90:
55:b0:5b:9a
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAhL3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAwOTA0MTg0NFoXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIx
NTM1MEY2ODg3OTI5ODFBNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLDS2f5DqYWwLHcJ234tMmHwf0n8zx3j6P92kJdRzrEJIJcvC3D7RaAIfGeFXa
4/Gy30/1FESKyT15gMmBChRQY8z+dOvWV1yxOqWzualz/o6sX7MC6nW5vmdOtpyc
DVp946pnK0EUTMfc4JU3nANLFA9eJzgykWo6q7LDmjildcAOnLD7Guq67yTbmTEo
lKBEekS0Whcb84N/aljs0fNo3BkM3goTfAG1OYJPNfHnS1SMr0WUWQnx9SBKIVfv
HZztxQ0A4Kc2dRiV8vG/8nlN+o52jrLZ7NHX4iznoTd75Id65yWuqu3TnoCKRX37
rfQ+PPXJIyUROg7k6fPzdND5AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUKHaCX3fC
ShZ9xBIVNQ9oh5KYGmcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk0Njc3LzAyMjdGNzg2NTc3NTExRUU5MkFDQTc1OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNm
Q1NoWjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgqSMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZypcMA0EAgAC
MAcDBQAkAUDAMA0GCSqGSIb3DQEBCwUAA4IBAQAqEIJI1XTMtYKlKQULSVaj674P
57viJI4993LUXPlSzF9gUkGBmCKGh04senDTYALw72FgD9DscoLkqAE9Dugr0hT1
QZNf3fTGDTpyRTGufCs2HgbrlRiJVbCK1i/X056ixpJQ0uDYiY4NdCtzwBCwgx0l
51y5cz7UXcMwNk+RYLt5HNfh8UWiy0YTe2FZpmtD9XDGzASjHzojJc9E4KeFnJcw
qixhLZ64+7EpsIUj3EKlANfy1W1dCLbjtVqmUntjxpFbOm2D9BJP+xM9sE/ISxKD
X55oiWinqkbEwjtBPcYA5bqBr7j/KGytIAi0fdRBZEwycpmY8Urd5pBVsFua
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:04:57 2024 by rpki-client on console-ams.rpki-client.org