Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDTzNZTMO-PAfo54N2v8QzJjFUg.cer
File: LDTzNZTMO-PAfo54N2v8QzJjFUg.cer (raw, json)
Hash identifier: K85lo0c+FQgdMjMO4VrDgNEQRSBd7oB5Hif9ZdTCNLc=
Subject key identifier: 2C:34:F3:35:94:CC:3B:E3:C0:7E:8E:78:37:6B:FC:43:32:63:15:48
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01CD49
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A914ADD8/A4D8104E1D8711E2834CB9DF08B02CD2/LDTzNZTMO-PAfo54N2v8QzJjFUg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A914ADD8/A4D8104E1D8711E2834CB9DF08B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 28 Nov 2023 14:31:59 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 17554
AS: 38864
IP: 202.68.192.0/20
IP: 2001:4480::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118089 (0x1cd49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 28 14:31:59 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A914ADD8/serialNumber=2C34F33594CC3BE3C07E8E78376BFC4332631548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b8:5b:7a:cf:8b:51:f8:c7:6e:8e:fe:63:bd:
34:35:e1:1e:bc:47:ab:d0:f4:71:3f:db:49:5b:a9:
6c:5a:90:92:20:55:87:4d:21:89:1f:ef:4c:0e:f2:
f4:c4:0e:fb:ab:16:7a:16:8f:88:59:8b:bf:58:23:
07:68:0d:67:b8:08:5d:f6:eb:ca:58:d7:78:2c:b3:
09:65:47:4d:40:b0:92:56:21:af:eb:d3:5c:6a:8e:
c9:ba:f5:1b:92:c9:6b:9d:b7:d3:90:e1:bb:22:d5:
f1:92:98:96:e1:ec:77:1f:63:f0:49:eb:8a:20:e4:
ca:3c:7d:66:8c:e7:9f:43:62:41:86:84:b6:46:80:
b1:0e:d1:05:07:86:bd:0a:79:20:87:19:bf:cf:59:
df:b4:29:e1:bf:46:a8:56:7e:1d:b1:c5:03:e5:6b:
13:44:6b:a9:5c:50:be:7a:a9:f6:3b:a9:a7:be:35:
ec:82:11:f8:c3:f4:3c:7f:40:b3:10:fc:58:78:88:
fd:1b:24:20:b6:69:c9:b0:da:bd:79:fc:57:70:90:
a6:86:86:d1:95:00:32:2a:b1:d9:81:c6:66:4c:9d:
fb:66:29:1e:49:d2:6f:df:68:19:4a:e0:11:6a:12:
56:2f:f6:d5:61:4b:53:c2:e1:c3:9a:91:f8:d4:0a:
85:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:34:F3:35:94:CC:3B:E3:C0:7E:8E:78:37:6B:FC:43:32:63:15:48
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914ADD8/A4D8104E1D8711E2834CB9DF08B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914ADD8/A4D8104E1D8711E2834CB9DF08B02CD2/LDTzNZTMO-PAfo54N2v8QzJjFUg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17554
38864
sbgp-ipAddrBlock: critical
IPv4:
202.68.192.0/20
IPv6:
2001:4480::/32
Signature Algorithm: sha256WithRSAEncryption
89:7d:14:a3:ff:16:a8:a1:cf:fc:16:10:72:b9:f1:1b:02:e0:
4c:6e:02:bb:6a:f5:38:65:7c:78:73:47:1d:90:58:28:32:12:
64:7b:63:c4:26:6a:87:65:f7:c2:06:d0:55:4e:f6:6f:58:4a:
fd:f3:71:b9:3e:e8:12:9e:54:49:d6:c6:ae:d3:1e:dc:05:cd:
59:9e:46:84:33:06:8a:34:a6:b3:ca:de:e6:94:05:75:23:16:
14:d7:c5:dd:c4:b6:c1:8b:b2:e2:91:6d:41:13:02:d8:89:a7:
9a:1e:9e:b3:1f:fc:be:b5:03:65:75:53:a9:fb:33:d4:60:4d:
66:8a:3b:de:f2:f3:2a:ba:47:90:81:30:0d:16:41:67:dc:13:
94:75:d9:d7:5c:95:8b:17:c1:a0:83:83:a2:ef:49:a0:ed:aa:
1a:ac:a3:a2:3a:7a:99:27:70:da:12:31:0e:28:59:01:30:89:
dd:78:38:dd:e7:e2:40:06:64:85:4c:9b:25:89:d2:9a:23:c7:
ae:bd:10:3d:ba:9f:b9:cc:18:6c:b0:5a:8a:48:86:ef:7c:a0:
0e:ae:a5:96:69:34:a8:60:9b:1d:e4:ab:3f:f1:a7:10:98:0a:
3c:89:d8:61:12:aa:6f:a1:a4:e8:95:fb:e6:c9:9f:7b:b1:24:
dd:81:d4:6d
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgIDAc1JMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEyODE0MzE1OVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEFERDgxMTAvBgNVBAUTKDJDMzRGMzM1OTRDQzNCRTNDMDdFOEU3
ODM3NkJGQzQzMzI2MzE1NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCuFt6z4tR+Mdujv5jvTQ14R68R6vQ9HE/20lbqWxakJIgVYdNIYkf70wO8vTE
DvurFnoWj4hZi79YIwdoDWe4CF3268pY13gsswllR01AsJJWIa/r01xqjsm69RuS
yWudt9OQ4bsi1fGSmJbh7HcfY/BJ64og5Mo8fWaM559DYkGGhLZGgLEO0QUHhr0K
eSCHGb/PWd+0KeG/RqhWfh2xxQPlaxNEa6lcUL56qfY7qae+NeyCEfjD9Dx/QLMQ
/Fh4iP0bJCC2acmw2r15/FdwkKaGhtGVADIqsdmBxmZMnftmKR5J0m/faBlK4BFq
ElYv9tVhS1PC4cOakfjUCoUxAgMBAAGjggMiMIIDHjAdBgNVHQ4EFgQULDTzNZTM
O+PAfo54N2v8QzJjFUgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRBREQ4L0E0RDgxMDRFMUQ4NzExRTI4MzRDQjlERjA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0QUREOC9BNEQ4MTA0RTFEODcxMUUyODM0Q0I5REYwOEIwMkNEMi9MRFR6TlpU
TU8tUEFmbzU0TjJ2OFF6SmpGVWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICRJICAwCX0DAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBMpEwDAN
BAIAAjAHAwUAIAFEgDANBgkqhkiG9w0BAQsFAAOCAQEAiX0Uo/8WqKHP/BYQcrnx
GwLgTG4Cu2r1OGV8eHNHHZBYKDISZHtjxCZqh2X3wgbQVU72b1hK/fNxuT7oEp5U
SdbGrtMe3AXNWZ5GhDMGijSms8re5pQFdSMWFNfF3cS2wYuy4pFtQRMC2Imnmh6e
sx/8vrUDZXVTqfsz1GBNZoo73vLzKrpHkIEwDRZBZ9wTlHXZ11yVixfBoIODou9J
oO2qGqyjojp6mSdw2hIxDihZATCJ3Xg43efiQAZkhUybJYnSmiPHrr0QPbqfucwY
bLBaikiG73ygDq6llmk0qGCbHeSrP/GnEJgKPInYYRKqb6Gk6JX75smfe7Ek3YHU
bQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:25 2024 by rpki-client on console-fra.rpki-client.org