Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAiQ-iAnxUadoMX9g3SPZqiJLrc.cer
File: NAiQ-iAnxUadoMX9g3SPZqiJLrc.cer (raw, json)
Hash identifier: TCZ+fVqtfu/+uhKdZjuvwjSiYi3nr2LU0VP5IbGebVo=
Subject key identifier: 34:08:90:FA:20:27:C5:46:9D:A0:C5:FD:83:74:8F:66:A8:89:2E:B7
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D3FF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911408F/AA604D4A08A011EA9C4AED5DC4F9AE02/NAiQ-iAnxUadoMX9g3SPZqiJLrc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911408F/AA604D4A08A011EA9C4AED5DC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 24 Dec 2023 19:17:27 +0000
Certificate not after: Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 137385
IP: 103.106.240.0/22
IP: 2402:49c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 27 Apr 2024 02:50:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119807 (0x1d3ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 24 19:17:27 2023 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=A911408F/serialNumber=340890FA2027C5469DA0C5FD83748F66A8892EB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ef:69:5f:d0:2a:14:da:d7:8d:c4:aa:53:62:
57:15:c5:67:86:b2:35:66:56:d7:02:77:6e:06:ea:
21:37:1d:8b:83:73:7f:0b:81:30:44:5f:e2:cc:49:
f1:c2:31:23:da:16:9d:b2:1b:1b:55:f2:59:ca:56:
e1:f8:51:ea:bb:19:98:6d:c8:f3:cf:94:f3:51:b1:
30:62:6c:7e:8e:de:7f:b0:10:2b:03:bf:f4:8e:47:
50:02:bd:10:64:0e:a5:f6:41:9a:1b:44:5a:16:fc:
ba:21:af:e5:c3:8d:ca:cf:f4:bc:1e:d7:5a:7f:2c:
60:1b:c8:18:5f:e0:b3:11:f2:ab:43:ea:a9:83:d4:
6c:6d:ec:39:f4:6c:6c:97:90:d4:29:87:ea:da:9b:
cc:2b:47:9b:c6:67:38:3d:ab:e2:93:31:5b:43:8b:
ad:77:85:7f:86:0c:ed:13:02:64:29:0c:ac:f4:5f:
f4:ba:80:c5:9a:b2:84:d8:05:fc:8b:32:88:ad:45:
ba:9b:98:86:7b:2b:9f:cf:e3:ab:6d:9e:54:22:a9:
6f:5f:1b:1e:f1:34:a6:92:fa:5a:67:f9:ad:6a:98:
43:cc:9c:29:63:72:b1:31:42:be:b4:fc:d9:c2:a9:
2b:0c:6c:33:83:21:6b:71:18:d6:ef:83:8e:b7:18:
8e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:08:90:FA:20:27:C5:46:9D:A0:C5:FD:83:74:8F:66:A8:89:2E:B7
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911408F/AA604D4A08A011EA9C4AED5DC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911408F/AA604D4A08A011EA9C4AED5DC4F9AE02/NAiQ-iAnxUadoMX9g3SPZqiJLrc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
137385
sbgp-ipAddrBlock: critical
IPv4:
103.106.240.0/22
IPv6:
2402:49c0::/32
Signature Algorithm: sha256WithRSAEncryption
cc:5a:97:e2:4a:7a:b0:e8:45:db:f2:84:d1:28:65:5f:c5:d7:
60:b8:75:c5:78:e5:65:04:26:cd:71:61:b6:b9:62:af:a4:2e:
a1:a0:ac:dc:12:8b:af:c9:fd:f4:fe:ed:74:39:db:79:7f:94:
f6:cc:b9:35:00:60:fd:8a:cc:75:51:e0:dc:83:fb:0c:ed:23:
e5:02:bb:06:9e:15:02:f8:0b:da:4f:72:a3:04:85:93:e4:19:
f4:3a:fa:c5:e7:ce:71:44:d0:14:a4:f3:3c:26:76:1c:52:d2:
f2:c9:3b:7f:8b:23:c7:81:37:8a:c5:9f:86:e9:ab:a7:60:58:
ee:46:4c:4f:f9:7b:63:7d:23:c4:ee:d5:07:26:bd:4d:c5:95:
77:f7:ea:54:6c:1e:24:92:2b:46:b5:9c:7b:a1:95:4d:91:8d:
27:27:45:fa:33:8a:af:d5:58:85:a8:c3:13:3c:ab:67:34:e8:
ed:95:eb:6e:33:2f:b6:c9:00:52:09:9a:56:ee:ae:2e:7d:a6:
38:f9:42:ff:85:14:22:2a:d6:01:38:44:f3:7d:93:ed:24:9d:
09:42:05:cd:9d:1a:79:09:c3:88:ce:54:ac:11:da:3e:86:06:
27:08:49:01:01:8b:fa:e1:28:37:cf:e0:12:80:67:81:82:48:
5c:6d:89:46
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAdP/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyNDE5MTcyN1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTQwOEYxMTAvBgNVBAUTKDM0MDg5MEZBMjAyN0M1NDY5REEwQzVG
RDgzNzQ4RjY2QTg4OTJFQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDA72lf0CoU2teNxKpTYlcVxWeGsjVmVtcCd24G6iE3HYuDc38LgTBEX+LMSfHC
MSPaFp2yGxtV8lnKVuH4Ueq7GZhtyPPPlPNRsTBibH6O3n+wECsDv/SOR1ACvRBk
DqX2QZobRFoW/Lohr+XDjcrP9Lwe11p/LGAbyBhf4LMR8qtD6qmD1Gxt7Dn0bGyX
kNQph+ram8wrR5vGZzg9q+KTMVtDi613hX+GDO0TAmQpDKz0X/S6gMWasoTYBfyL
MoitRbqbmIZ7K5/P46ttnlQiqW9fGx7xNKaS+lpn+a1qmEPMnCljcrExQr60/NnC
qSsMbDODIWtxGNbvg463GI6dAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUNAiQ+iAn
xUadoMX9g3SPZqiJLrcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE0MDhGL0FBNjA0RDRBMDhBMDExRUE5QzRBRUQ1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNDA4Ri9BQTYwNEQ0QTA4QTAxMUVBOUM0QUVENURDNEY5QUUwMi9OQWlRLWlB
bnhVYWRvTVg5ZzNTUFpxaUpMcmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhipMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ2rwMA0EAgAC
MAcDBQAkAknAMA0GCSqGSIb3DQEBCwUAA4IBAQDMWpfiSnqw6EXb8oTRKGVfxddg
uHXFeOVlBCbNcWG2uWKvpC6hoKzcEouvyf30/u10Odt5f5T2zLk1AGD9isx1UeDc
g/sM7SPlArsGnhUC+AvaT3KjBIWT5Bn0OvrF585xRNAUpPM8JnYcUtLyyTt/iyPH
gTeKxZ+G6aunYFjuRkxP+XtjfSPE7tUHJr1NxZV39+pUbB4kkitGtZx7oZVNkY0n
J0X6M4qv1ViFqMMTPKtnNOjtletuMy+2yQBSCZpW7q4ufaY4+UL/hRQiKtYBOETz
fZPtJJ0JQgXNnRp5CcOIzlSsEdo+hgYnCEkBAYv64Sg3z+ASgGeBgkhcbYlG
-----END CERTIFICATE-----
Generated at Sat Apr 20 05:36:57 2024 by rpki-client on console-ams.rpki-client.org