Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ks6UC13DAzfS5UIXIhkauSOqdcc.cer
File: Ks6UC13DAzfS5UIXIhkauSOqdcc.cer (raw, json)
Hash identifier: TeQhP5tiI5OlN6DsZGK6o8Nt0MGpjzQTmANcmcSyPUM=
Subject key identifier: 2A:CE:94:0B:5D:C3:03:37:D2:E5:42:17:22:19:1A:B9:23:AA:75:C7
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EAEE
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/Ks6UC13DAzfS5UIXIhkauSOqdcc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 10 Apr 2024 13:59:10 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 103.136.120.0/24
IP: 2001:df0:780::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 20:59:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125678 (0x1eaee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 10 13:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A9138A9F/serialNumber=2ACE940B5DC30337D2E5421722191AB923AA75C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bf:fd:0f:06:d1:3f:61:2c:a9:7d:ac:d3:b3:
94:b3:5e:4b:1e:02:a1:54:93:4b:ab:9b:d5:3b:e8:
db:00:38:cb:2a:7a:9f:bd:77:9e:ac:04:1b:25:1f:
d2:25:6a:9f:a3:79:8b:c4:a4:4d:6a:7f:02:69:b3:
fa:09:4c:9a:a4:b6:6e:9a:71:5d:c5:50:45:84:76:
ba:d7:3c:3f:04:d8:72:a6:81:7f:55:49:cd:b0:a3:
49:b6:2a:c9:de:93:f0:cc:c8:e4:bb:aa:47:39:1b:
80:48:47:3b:b0:c6:56:05:fe:bc:ee:30:49:8a:23:
72:ac:13:c0:33:cb:65:84:39:81:30:03:61:79:e9:
db:54:01:21:e8:05:24:4c:56:95:a2:be:bd:a0:cd:
72:a1:7d:2c:39:e0:f5:61:ef:1e:5b:a7:4a:d8:5f:
f6:a5:42:cc:7a:48:1d:f3:5f:ae:a3:fd:97:3b:aa:
67:00:27:fe:24:f9:cb:da:49:81:63:c5:cc:66:f9:
9f:67:f6:e2:2e:80:07:c4:2d:1f:50:2e:80:af:77:
d4:93:47:1c:67:a5:13:3b:38:8a:2a:a3:93:57:8a:
8b:f1:1a:97:68:5f:06:1a:2b:53:d9:23:37:9d:94:
2e:bf:01:3f:94:cb:8f:f6:05:f0:77:98:ac:55:79:
9c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CE:94:0B:5D:C3:03:37:D2:E5:42:17:22:19:1A:B9:23:AA:75:C7
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/Ks6UC13DAzfS5UIXIhkauSOqdcc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.120.0/24
IPv6:
2001:df0:780::/48
Signature Algorithm: sha256WithRSAEncryption
7f:4f:fa:28:af:73:d3:54:d0:22:60:25:77:d6:d1:31:41:0c:
3a:4b:0b:a5:ad:73:3f:6b:6c:c9:45:fb:b4:1c:e9:c8:2d:de:
af:58:a2:36:30:76:59:fe:40:5b:c1:c8:c2:c0:63:7f:7b:e5:
5c:83:dd:ed:94:47:3e:d8:f3:42:ed:a7:01:8c:6e:33:54:bd:
c3:31:f6:47:75:14:0b:8e:60:0c:ea:77:1d:c8:08:ad:58:a8:
a2:de:ef:41:82:a5:59:b2:c4:32:6f:20:30:ad:70:00:82:ea:
4a:6f:de:34:cd:7f:9b:0f:48:9f:e3:86:23:7f:d1:17:c2:22:
19:0e:e4:0f:ac:a1:c3:ce:d2:ad:6b:1a:a4:84:9f:1a:84:7d:
c3:7a:24:87:20:9b:f1:3b:0e:90:64:de:a1:d2:0f:8e:dd:29:
a6:a2:84:af:19:c6:9c:49:32:ff:a9:e2:9e:2b:b3:26:30:a8:
1b:fa:b5:db:5b:48:6e:cf:54:7a:a6:69:c3:58:eb:e5:c9:a0:
86:fb:12:c2:f7:dc:25:d5:74:55:1e:dc:e3:e2:55:15:d4:fa:
30:ab:6f:7a:e3:42:1d:ef:16:cd:a9:28:4b:08:6c:cc:69:6f:
cb:f2:c7:e8:05:f5:b1:3d:1c:dd:39:6e:18:7e:46:6b:b0:8e:
4c:0f:09:52
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgIDAeruMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQxMDEzNTkxMFoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzhBOUYxMTAvBgNVBAUTKDJBQ0U5NDBCNURDMzAzMzdEMkU1NDIx
NzIyMTkxQUI5MjNBQTc1QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/v/0PBtE/YSypfazTs5SzXkseAqFUk0urm9U76NsAOMsqep+9d56sBBslH9Il
ap+jeYvEpE1qfwJps/oJTJqktm6acV3FUEWEdrrXPD8E2HKmgX9VSc2wo0m2Ksne
k/DMyOS7qkc5G4BIRzuwxlYF/rzuMEmKI3KsE8Azy2WEOYEwA2F56dtUASHoBSRM
VpWivr2gzXKhfSw54PVh7x5bp0rYX/alQsx6SB3zX66j/Zc7qmcAJ/4k+cvaSYFj
xcxm+Z9n9uIugAfELR9QLoCvd9STRxxnpRM7OIoqo5NXiovxGpdoXwYaK1PZIzed
lC6/AT+Uy4/2BfB3mKxVeZyvAgMBAAGjggMEMIIDADAdBgNVHQ4EFgQUKs6UC13D
AzfS5UIXIhkauSOqdccwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM4QTlGLzgyQzY3RUE2QzU2RDExRUVCMjc4NTM0QUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzOEE5Ri84MkM2N0VBNkM1NkQxMUVFQjI3ODUzNEFDNEY5QUUwMi9LczZVQzEz
REF6ZlM1VUlYSWhrYXVTT3FkY2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8EITAf
MAwEAgABMAYDBABniHgwDwQCAAIwCQMHACABDfAHgDANBgkqhkiG9w0BAQsFAAOC
AQEAf0/6KK9z01TQImAld9bRMUEMOksLpa1zP2tsyUX7tBzpyC3er1iiNjB2Wf5A
W8HIwsBjf3vlXIPd7ZRHPtjzQu2nAYxuM1S9wzH2R3UUC45gDOp3HcgIrVioot7v
QYKlWbLEMm8gMK1wAILqSm/eNM1/mw9In+OGI3/RF8IiGQ7kD6yhw87SrWsapISf
GoR9w3okhyCb8TsOkGTeodIPjt0ppqKErxnGnEky/6niniuzJjCoG/q121tIbs9U
eqZpw1jr5cmghvsSwvfcJdV0VR7c4+JVFdT6MKtveuNCHe8WzakoSwhszGlvy/LH
6AX1sT0c3TluGH5Ga7COTA8JUg==
-----END CERTIFICATE-----
Generated at Wed May 1 22:08:06 2024 by rpki-client on console-fra.rpki-client.org