Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer
File: KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer (raw, json)
Hash identifier: 02tMpTE7Xbfq39vWahDbB72Z+Ce1VcrzqF3h4ooljOo=
Subject key identifier: 2A:E6:33:31:F7:19:9A:55:A2:BA:D9:CB:14:F8:3F:AB:50:66:E9:58
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C3C1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 12 Oct 2023 16:35:16 +0000
Certificate not after: Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 55743
IP: 202.59.232.0/23
IP: 2001:df0:2e9::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 26 Apr 2024 06:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115649 (0x1c3c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 12 16:35:16 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=A91EE1FB/serialNumber=2AE63331F7199A55A2BAD9CB14F83FAB5066E958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9f:cb:b2:39:22:cf:db:42:24:e8:4f:62:ca:
fd:3c:39:8a:24:d8:5a:ae:aa:fb:fa:db:bc:c7:7f:
9e:56:66:ad:c9:2d:b9:ca:36:6b:02:65:bf:b0:cb:
b2:a2:43:6c:09:fb:49:87:51:6f:1d:b0:a5:2d:da:
4c:a3:1e:f9:eb:52:26:b1:32:de:df:cf:ed:75:c8:
00:d9:b4:91:4b:1f:9c:c7:08:e8:10:2a:03:40:a2:
7f:4b:3a:8d:81:f7:8f:17:73:74:40:94:5a:f7:c6:
bd:4f:6d:b2:29:71:67:68:d1:7d:53:50:26:93:f3:
84:1b:6b:5a:4b:6e:26:8c:35:62:42:80:0f:96:e0:
ce:82:2f:7d:3d:e3:a5:c1:b2:8a:34:aa:da:aa:45:
8e:5d:7d:dd:78:cf:d4:c5:c4:9e:d3:93:bb:2f:d6:
4c:6f:69:0f:70:3b:95:7d:a8:51:b5:4e:fb:6b:72:
61:b1:e4:a4:9c:34:56:b0:2a:11:b5:a8:34:f7:a9:
19:f9:47:8c:db:b4:f9:22:a6:3d:7a:cc:ec:28:ff:
5b:e0:7c:65:ce:e6:be:2e:4e:55:40:e6:e0:75:43:
a6:7d:4e:29:dd:d2:33:04:bb:30:5e:8b:71:0c:41:
40:aa:b2:b9:32:c2:75:8a:60:5e:28:8b:fd:3f:a8:
31:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E6:33:31:F7:19:9A:55:A2:BA:D9:CB:14:F8:3F:AB:50:66:E9:58
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
55743
sbgp-ipAddrBlock: critical
IPv4:
202.59.232.0/23
IPv6:
2001:df0:2e9::/48
Signature Algorithm: sha256WithRSAEncryption
9f:73:31:4a:c3:d3:de:02:89:38:fb:9a:49:46:7e:56:18:b3:
fc:4f:56:5a:69:0d:7b:8f:17:25:03:5a:a6:03:d9:23:e2:1d:
63:6b:b9:e8:b3:30:35:cb:e3:49:a3:ab:ca:3f:79:89:9d:9c:
d4:90:ca:aa:cb:8e:60:17:ac:bf:f2:81:9b:21:6c:6b:0f:3f:
75:c7:cd:38:42:06:e5:2f:3f:0b:32:14:95:a7:d5:e7:4e:10:
f2:ef:0a:2c:40:f7:77:4a:c1:41:8e:7f:11:de:de:7f:4b:e1:
4d:36:02:1c:98:a7:18:8c:97:77:bb:0b:1c:91:95:8c:47:44:
84:8c:a6:e8:af:a9:a5:9b:3b:f1:78:79:83:02:ff:8c:57:d5:
8c:03:17:8f:53:bf:ff:ec:7a:5e:16:7d:70:08:ad:9b:92:5e:
61:06:60:08:3e:dd:06:03:9a:32:49:f0:39:85:92:42:b6:ed:
ed:74:8b:cb:f9:76:ca:94:5f:a7:b4:27:17:dd:72:e2:e6:54:
77:4b:4b:fc:4d:c7:1a:ca:b6:03:2b:83:11:34:1c:43:9e:69:
cd:88:42:27:17:2f:c9:cf:92:1f:61:c4:75:16:cb:49:dc:74:
05:03:da:bf:1a:3b:c2:de:9a:0f:af:27:df:80:cf:1a:c3:17:
54:a9:73:f6
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAcPBMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAxMjE2MzUxNloXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUUxRkIxMTAvBgNVBAUTKDJBRTYzMzMxRjcxOTlBNTVBMkJBRDlD
QjE0RjgzRkFCNTA2NkU5NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDsn8uyOSLP20Ik6E9iyv08OYok2Fquqvv627zHf55WZq3JLbnKNmsCZb+wy7Ki
Q2wJ+0mHUW8dsKUt2kyjHvnrUiaxMt7fz+11yADZtJFLH5zHCOgQKgNAon9LOo2B
948Xc3RAlFr3xr1PbbIpcWdo0X1TUCaT84Qba1pLbiaMNWJCgA+W4M6CL30946XB
soo0qtqqRY5dfd14z9TFxJ7Tk7sv1kxvaQ9wO5V9qFG1TvtrcmGx5KScNFawKhG1
qDT3qRn5R4zbtPkipj16zOwo/1vgfGXO5r4uTlVA5uB1Q6Z9Tind0jMEuzBei3EM
QUCqsrkywnWKYF4oi/0/qDGZAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUKuYzMfcZ
mlWiutnLFPg/q1Bm6VgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVFMUZCLzQ1ODRDMTQ4RkE1RDExRTZCODgxNEYxOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFRTFGQi80NTg0QzE0OEZBNUQxMUU2Qjg4MTRGMTlDNEY5QUUwMi9LdVl6TWZj
Wm1sV2l1dG5MRlBnX3ExQm02VmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANm/MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQByjvoMA8EAgAC
MAkDBwAgAQ3wAukwDQYJKoZIhvcNAQELBQADggEBAJ9zMUrD094CiTj7mklGflYY
s/xPVlppDXuPFyUDWqYD2SPiHWNrueizMDXL40mjq8o/eYmdnNSQyqrLjmAXrL/y
gZshbGsPP3XHzThCBuUvPwsyFJWn1edOEPLvCixA93dKwUGOfxHe3n9L4U02AhyY
pxiMl3e7CxyRlYxHRISMpuivqaWbO/F4eYMC/4xX1YwDF49Tv//sel4WfXAIrZuS
XmEGYAg+3QYDmjJJ8DmFkkK27e10i8v5dsqUX6e0JxfdcuLmVHdLS/xNxxrKtgMr
gxE0HEOeac2IQicXL8nPkh9hxHUWy0ncdAUD2r8aO8Lemg+vJ9+AzxrDF1Spc/Y=
-----END CERTIFICATE-----
Generated at Fri Apr 19 07:43:19 2024 by rpki-client on console-fra.rpki-client.org