Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAcahjo8bvLdNnlfRVQOL7aJUKA.cer
File: NAcahjo8bvLdNnlfRVQOL7aJUKA.cer (raw, json)
Hash identifier: kAb1ePY6V12UWXPTtAAA0liAx0tsJ+KEzJQCyVts4Hc=
Subject key identifier: 34:07:1A:86:3A:3C:6E:F2:DD:36:79:5F:45:54:0E:2F:B6:89:50:A0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022AEF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.owl.net/rrdp/owl/0/34071A863A3C6EF2DD36795F45540E2FB68950A0.mft
caRepository: rsync://rpki.owl.net/rrdp/owl/0/
Notify URL: https://rpki.owl.net/rrdp/notification.xml
Certificate not before: Wed 22 Jan 2025 20:56:57 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 23959
IP: 103.125.232.0/22
IP: 2403:fbc0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142063 (0x22aef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 22 20:56:57 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91FA6830000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:aa:3c:f4:dd:42:d0:04:c1:b3:5c:46:6a:32:
76:35:c5:02:2c:44:c5:79:8d:3c:b5:c0:8b:1e:2f:
3e:48:cc:fb:9a:ce:e2:7c:1e:2e:fa:09:47:31:08:
96:ca:2b:7f:80:7a:29:51:98:65:1c:48:7c:31:c4:
e4:e3:bd:f9:78:21:2e:c9:76:34:40:4e:48:d4:d1:
da:3b:ea:db:9e:7e:18:1a:15:46:e3:1d:c2:59:a3:
f9:dc:13:2b:19:8d:5c:2e:1d:c6:29:27:d3:53:36:
21:8b:22:3d:ec:31:6c:82:bb:d3:7f:70:b0:1e:78:
10:8e:8e:f5:52:64:d0:8c:50:a0:fc:17:81:a6:b6:
9b:ab:95:af:c3:a7:48:4d:b0:6f:1e:4d:17:42:29:
ad:31:20:73:33:82:d8:6f:5f:88:61:92:40:0f:e2:
e5:dc:c9:7b:9b:85:99:14:dd:24:2b:ac:05:17:ac:
1a:84:10:b7:1a:bc:12:bc:29:c4:83:e9:b5:2d:3f:
db:5e:11:c7:bb:86:f1:46:53:26:a1:74:16:58:a3:
1f:d9:13:21:d2:56:31:a3:53:1d:f2:b5:af:e3:49:
65:2e:51:e2:8d:fc:c2:3e:09:1b:9b:4a:f0:20:9c:
b9:be:63:e1:55:70:f2:01:9b:44:b9:7e:38:4c:ed:
5c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:07:1A:86:3A:3C:6E:F2:DD:36:79:5F:45:54:0E:2F:B6:89:50:A0
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.owl.net/rrdp/owl/0/
RPKI Manifest - URI:rsync://rpki.owl.net/rrdp/owl/0/34071A863A3C6EF2DD36795F45540E2FB68950A0.mft
RPKI Notify - URI:https://rpki.owl.net/rrdp/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23959
sbgp-ipAddrBlock: critical
IPv4:
103.125.232.0/22
IPv6:
2403:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:ca:13:40:ba:f5:59:8d:b8:48:11:9d:85:11:37:9e:05:83:
a8:1e:53:a5:03:6f:2f:96:4a:d3:e8:08:9e:03:9a:1c:62:a0:
b8:99:b4:0f:87:b9:45:6d:6d:c5:db:fd:f9:d9:3f:01:19:f4:
88:c7:58:95:e0:5f:d4:56:e2:63:5f:70:38:3a:91:9f:5e:4d:
ba:24:d9:84:7f:fb:01:fa:46:f9:52:68:50:a6:9b:2a:af:91:
32:f0:19:37:0f:e3:aa:38:c7:3d:c8:20:40:f7:eb:3e:d2:95:
b9:56:70:26:71:05:12:4d:60:21:98:13:22:12:9f:07:9b:1b:
ae:2f:6d:19:b4:77:a3:be:07:f6:77:79:54:f0:45:07:11:29:
80:49:12:83:14:dd:25:56:20:38:0b:47:42:31:6a:94:00:4e:
0b:5b:97:61:91:21:37:5d:e3:f2:a0:1e:18:b5:96:68:a9:b7:
22:52:15:3e:59:80:48:a8:2e:df:b2:86:cf:71:d7:da:3c:09:
20:ca:f3:98:23:53:d4:13:cc:53:a6:d4:57:57:17:fb:71:cf:
49:b1:25:aa:2a:07:14:0d:3d:35:8d:19:c0:23:5e:1b:6f:ac:
b7:a7:38:62:fe:23:96:db:66:cf:10:33:21:62:57:49:76:e6:
14:b2:bf:84
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgIDAirvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEyMjIwNTY1N1oXDTI2MDMwMjAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxRkE2ODMwMDAwMTEwLwYDVQQFEygzNDA3MUE4NjNBM0M2RUYyREQz
Njc5NUY0NTU0MEUyRkI2ODk1MEEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Ko89N1C0ATBs1xGajJ2NcUCLETFeY08tcCLHi8+SMz7ms7ifB4u+glH
MQiWyit/gHopUZhlHEh8McTk4735eCEuyXY0QE5I1NHaO+rbnn4YGhVG4x3CWaP5
3BMrGY1cLh3GKSfTUzYhiyI97DFsgrvTf3CwHngQjo71UmTQjFCg/BeBprabq5Wv
w6dITbBvHk0XQimtMSBzM4LYb1+IYZJAD+Ll3Ml7m4WZFN0kK6wFF6wahBC3GrwS
vCnEg+m1LT/bXhHHu4bxRlMmoXQWWKMf2RMh0lYxo1Md8rWv40llLlHijfzCPgkb
m0rwIJy5vmPhVXDyAZtEuX44TO1c1QIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFDQH
GoY6PG7y3TZ5X0VUDi+2iVCgMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIHQBggrBgEFBQcBCwSBwzCBwDAsBggrBgEF
BQcwBYYgcnN5bmM6Ly9ycGtpLm93bC5uZXQvcnJkcC9vd2wvMC8wWAYIKwYBBQUH
MAqGTHJzeW5jOi8vcnBraS5vd2wubmV0L3JyZHAvb3dsLzAvMzQwNzFBODYzQTND
NkVGMkREMzY3OTVGNDU1NDBFMkZCNjg5NTBBMC5tZnQwNgYIKwYBBQUHMA2GKmh0
dHBzOi8vcnBraS5vd2wubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAZBggrBgEF
BQcBCAEB/wQKMAigBjAEAgJdlzAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgME
Amd96DANBAIAAjAHAwUAJAP7wDANBgkqhkiG9w0BAQsFAAOCAQEAqMoTQLr1WY24
SBGdhRE3ngWDqB5TpQNvL5ZK0+gIngOaHGKguJm0D4e5RW1txdv9+dk/ARn0iMdY
leBf1FbiY19wODqRn15NuiTZhH/7AfpG+VJoUKabKq+RMvAZNw/jqjjHPcggQPfr
PtKVuVZwJnEFEk1gIZgTIhKfB5sbri9tGbR3o74H9nd5VPBFBxEpgEkSgxTdJVYg
OAtHQjFqlABOC1uXYZEhN13j8qAeGLWWaKm3IlIVPlmASKgu37KGz3HX2jwJIMrz
mCNT1BPMU6bUV1cX+3HPSbElqioHFA09NY0ZwCNeG2+st6c4Yv4jlttmzxAzIWJX
SXbmFLK/hA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:49:25 2025 by rpki-client