Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
File: LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer (raw, json)
Hash identifier: ODiXa0SwKeR3HrFTdQI1x3JW4GvbpuJudatpin2FfIo=
Subject key identifier: 2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E861
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 01 Apr 2024 21:30:31 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: AS: 9902
AS: 133200
AS: 137966
AS: 138930
IP: 103.23.136.0/22
IP: 103.25.92.0/22
IP: 103.244.248.0/22
IP: 110.235.220.0/22
IP: 123.108.248.0/21
IP: 124.199.112.0/20
IP: 163.53.196.0/22
IP: 202.124.32.0/20
IP: 203.80.160.0/21
IP: 203.167.16.0/22
IP: 2402:5100::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 May 2024 17:23:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125025 (0x1e861)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 1 21:30:31 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d6:a1:03:48:6a:6f:e6:43:53:71:81:a9:5d:
02:10:2e:2f:23:99:cd:45:bb:ef:79:e0:08:2e:54:
53:4b:e2:49:1c:c6:23:ac:ab:a7:a8:a9:7a:8b:ef:
c1:ef:5e:77:23:52:a7:6d:ad:46:c4:03:b3:99:9c:
5b:ef:c9:37:a2:ff:19:74:cd:e4:64:d1:0b:b8:00:
22:62:5a:9e:6c:ac:95:66:67:57:bc:30:46:79:11:
f6:4f:41:68:6f:70:58:f0:79:40:ee:a5:72:32:69:
50:f8:36:9a:29:a7:e7:a5:3b:d2:5c:9b:eb:f6:a5:
38:29:01:f0:eb:b4:8d:94:a5:98:e5:18:d2:23:d1:
74:66:84:6a:75:20:90:1f:80:aa:47:3d:64:0f:9a:
0e:a8:8f:c9:68:39:79:dc:ff:d4:4a:89:41:84:41:
94:f4:61:c4:fc:36:e8:78:8b:89:83:7f:a0:ae:3a:
61:6f:7f:d0:d8:1b:52:61:f5:25:7f:32:d9:73:f6:
bb:dc:7f:45:84:06:65:2a:00:0b:45:9a:94:b4:b0:
2d:66:e3:12:28:c3:f8:58:74:ae:a5:5b:95:36:e7:
c4:9c:40:aa:a6:c3:e6:0c:02:fc:dd:f8:21:0a:f5:
ed:d5:c3:3f:6d:8e:4b:b0:41:d5:6d:40:26:4f:4b:
be:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9902
133200
137966
138930
sbgp-ipAddrBlock: critical
IPv4:
103.23.136.0/22
103.25.92.0/22
103.244.248.0/22
110.235.220.0/22
123.108.248.0/21
124.199.112.0/20
163.53.196.0/22
202.124.32.0/20
203.80.160.0/21
203.167.16.0/22
IPv6:
2402:5100::/32
Signature Algorithm: sha256WithRSAEncryption
70:5d:d9:17:2a:0e:95:77:f8:d2:39:ce:28:e4:7e:b4:2f:e9:
22:29:e2:5f:ba:e4:a7:8f:a8:39:92:fb:ba:2d:17:e8:ef:a1:
1e:24:92:0a:4d:59:50:c2:ea:29:3d:ca:00:66:df:85:09:50:
d1:7c:fb:51:3e:e3:ee:7e:19:09:8b:23:39:77:c2:f4:d4:68:
a1:3c:89:6b:d6:71:5c:ed:d1:e4:7c:1c:d2:38:d0:8b:c8:2e:
de:af:e3:17:b1:50:bb:16:80:03:d2:ec:40:8b:c3:ec:0d:9c:
ac:fd:d5:93:5a:d1:b3:39:18:6b:fd:5d:be:5b:72:5c:70:b2:
e9:80:d4:53:58:b5:46:55:50:ae:58:0a:8b:53:8d:00:d3:dd:
ee:c3:03:ab:8a:07:f9:09:36:29:60:12:12:56:35:2b:25:a5:
32:ae:b5:b0:f5:d9:50:2e:e6:ef:22:61:a0:bd:9a:15:72:68:
95:93:f1:f3:ba:6a:49:f0:81:b2:47:61:64:99:15:a1:22:70:
41:b6:b4:43:e2:86:cf:03:28:1b:f5:c4:b4:38:90:d0:c3:39:
7a:1e:e5:aa:fd:43:26:c9:0b:7a:92:a0:c3:34:7d:df:d8:f0:
61:f5:74:ed:26:50:48:bc:d2:0c:77:b2:ae:36:c6:89:69:8f:
18:9f:14:f4
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgIDAehhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMTIxMzAzMVoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIy
RTU1REU5QUM4QzU3RkQ2NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCX1qEDSGpv5kNTcYGpXQIQLi8jmc1Fu+954AguVFNL4kkcxiOsq6eoqXqL78Hv
XncjUqdtrUbEA7OZnFvvyTei/xl0zeRk0Qu4ACJiWp5srJVmZ1e8MEZ5EfZPQWhv
cFjweUDupXIyaVD4Npopp+elO9Jcm+v2pTgpAfDrtI2UpZjlGNIj0XRmhGp1IJAf
gKpHPWQPmg6oj8loOXnc/9RKiUGEQZT0YcT8Nuh4i4mDf6CuOmFvf9DYG1Jh9SV/
Mtlz9rvcf0WEBmUqAAtFmpS0sC1m4xIow/hYdK6lW5U258ScQKqmw+YMAvzd+CEK
9e3Vwz9tjkuwQdVtQCZPS77jAgMBAAGjggNiMIIDXjAdBgNVHQ4EFgQULaJRwRrG
iBT1J/IuVd6ayMV/1mwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkxNDM2L0FBQjgwMkU4Qzc4QzExRThBNzZDRDkxNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MTQzNi9BQUI4MDJFOEM3OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1Jy
R2lCVDFKX0l1VmQ2YXlNVl8xbXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKAYIKwYBBQUHAQgBAf8EGTAX
oBUwEwICJq4CAwIIUAIDAhruAgMCHrIwZAYIKwYBBQUHAQcBAf8EVTBTMEIEAgAB
MDwDBAJnF4gDBAJnGVwDBAJn9PgDBAJu69wDBAN7bPgDBAR8x3ADBAKjNcQDBATK
fCADBAPLUKADBALLpxAwDQQCAAIwBwMFACQCUQAwDQYJKoZIhvcNAQELBQADggEB
AHBd2RcqDpV3+NI5zijkfrQv6SIp4l+65KePqDmS+7otF+jvoR4kkgpNWVDC6ik9
ygBm34UJUNF8+1E+4+5+GQmLIzl3wvTUaKE8iWvWcVzt0eR8HNI40IvILt6v4xex
ULsWgAPS7ECLw+wNnKz91ZNa0bM5GGv9Xb5bclxwsumA1FNYtUZVUK5YCotTjQDT
3e7DA6uKB/kJNilgEhJWNSslpTKutbD12VAu5u8iYaC9mhVyaJWT8fO6aknwgbJH
YWSZFaEicEG2tEPihs8DKBv1xLQ4kNDDOXoe5ar9QybJC3qSoMM0fd/Y8GH1dO0m
UEi80gx3sq42xolpjxifFPQ=
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:37:09 2024 by rpki-client on console-ams.rpki-client.org