Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer
File: Ntd-kkOrui_VSWopGDC304sLy8Q.cer (raw, json)
Hash identifier: 2Q+0VNK1O71j224yd7EE06Cx9fl/ATL9Da/2T6Ta6iY=
Subject key identifier: 36:D7:7E:92:43:AB:BA:2F:D5:49:6A:29:18:30:B7:D3:8B:0B:CB:C4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02192C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 05 Nov 2024 15:39:14 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 133115
IP: 43.249.28.0/22
IP: 45.249.92.0/22
IP: 103.43.160.0/22
IP: 103.80.24.0/22
IP: 103.97.0.0/22
IP: 103.210.236.0/22
IP: 103.218.0.0/22
IP: 103.243.180.0/22
IP: 160.20.56.0/22
IP: 202.3.134.0/24
IP: 202.43.232.0/21
IP: 202.52.144.0/24
IP: 202.58.101.0/24
IP: 202.94.68.0/24
IP: 2400:51c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137516 (0x2192c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 5 15:39:14 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91452AC/serialNumber=36D77E9243ABBA2FD5496A291830B7D38B0BCBC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:29:94:96:f8:36:d2:36:24:16:d8:ea:ed:b1:
5e:47:73:f6:a9:9c:5c:80:b7:cb:c0:d5:b0:8c:4d:
82:45:e3:d2:36:6e:6d:eb:66:89:c5:1f:b5:45:cd:
e3:31:da:e3:6e:bc:c3:91:7c:e3:ed:59:60:b8:76:
62:13:10:2e:1e:dd:29:82:bd:f5:61:4a:3e:98:17:
0d:d6:1f:db:f5:5a:82:96:78:e2:0c:b1:3b:15:a2:
a8:54:b8:cd:25:82:e4:37:8b:2f:c9:0f:40:d1:02:
03:50:02:54:c1:1f:94:61:ce:62:9f:5a:74:0c:ce:
ad:6e:bc:d7:b6:9f:42:bb:d4:39:30:07:ab:83:7e:
cc:dd:67:20:50:91:d4:91:c7:71:b9:ee:b9:a0:0e:
71:3e:7a:51:ae:44:ba:96:5d:56:fa:77:87:88:d5:
82:27:3c:b3:a0:37:eb:4b:1f:3a:d3:99:5e:b2:91:
f7:09:d5:32:4f:5b:7b:0f:a3:7c:da:78:2c:a1:f3:
70:3c:71:58:3d:c8:87:80:1c:de:ee:dd:b1:f7:1b:
4f:a7:14:68:18:47:26:76:77:58:73:0a:d5:29:1c:
9a:63:2d:2c:99:2f:d2:4e:aa:49:71:ba:84:ea:97:
0a:00:9a:c4:fc:e5:45:5a:32:be:b1:fe:67:bf:12:
a7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D7:7E:92:43:AB:BA:2F:D5:49:6A:29:18:30:B7:D3:8B:0B:CB:C4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133115
sbgp-ipAddrBlock: critical
IPv4:
43.249.28.0/22
45.249.92.0/22
103.43.160.0/22
103.80.24.0/22
103.97.0.0/22
103.210.236.0/22
103.218.0.0/22
103.243.180.0/22
160.20.56.0/22
202.3.134.0/24
202.43.232.0/21
202.52.144.0/24
202.58.101.0/24
202.94.68.0/24
IPv6:
2400:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
08:f3:45:50:7d:86:10:66:6b:d0:42:ff:af:03:86:cd:0a:9f:
b0:d0:1e:a0:ff:14:bd:da:37:3a:cf:b1:43:1c:ef:6e:dc:63:
2e:65:ba:d5:0a:57:3a:08:5c:fa:bc:42:5f:fc:d9:c2:d2:54:
76:98:c1:05:14:71:88:d5:17:7a:e4:07:33:fd:aa:1d:ed:5e:
f2:15:ec:25:71:6d:6d:9e:fb:a6:76:c6:ab:38:1b:b4:c6:97:
f6:93:93:d8:df:fa:31:a2:c0:46:5c:8f:c1:57:5b:91:8c:de:
3b:fb:01:9f:9c:a7:f1:af:0a:20:1b:bd:8b:5f:e0:45:cc:ef:
07:68:c0:d2:24:46:34:03:bc:fd:e8:1b:77:3f:a2:5f:a5:c8:
88:5e:f0:4b:a5:c1:56:32:cd:55:9e:46:09:75:f4:b2:f6:d0:
f9:0f:62:17:b7:50:11:81:1a:18:73:d6:b7:22:ca:f1:1d:90:
ab:79:bd:fb:8b:77:57:0f:4a:c3:8f:b7:a7:13:7a:a9:9d:96:
c6:05:5f:8f:c0:c3:4e:f8:1a:1c:34:b2:ec:d1:4d:de:12:f3:
89:88:73:7d:e4:1e:de:27:5d:e3:34:a0:ff:3c:f7:0b:32:77:
90:c2:2b:24:fc:a5:49:fb:94:78:ee:ee:55:f4:66:d4:6c:2b:
9d:27:2a:18
-----BEGIN CERTIFICATE-----
MIIGdzCCBV+gAwIBAgIDAhksMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEwNTE1MzkxNFoXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDUyQUMxMTAvBgNVBAUTKDM2RDc3RTkyNDNBQkJBMkZENTQ5NkEy
OTE4MzBCN0QzOEIwQkNCQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHKZSW+DbSNiQW2OrtsV5Hc/apnFyAt8vA1bCMTYJF49I2bm3rZonFH7VFzeMx
2uNuvMORfOPtWWC4dmITEC4e3SmCvfVhSj6YFw3WH9v1WoKWeOIMsTsVoqhUuM0l
guQ3iy/JD0DRAgNQAlTBH5RhzmKfWnQMzq1uvNe2n0K71DkwB6uDfszdZyBQkdSR
x3G57rmgDnE+elGuRLqWXVb6d4eI1YInPLOgN+tLHzrTmV6ykfcJ1TJPW3sPo3za
eCyh83A8cVg9yIeAHN7u3bH3G0+nFGgYRyZ2d1hzCtUpHJpjLSyZL9JOqklxuoTq
lwoAmsT85UVaMr6x/me/Eqe7AgMBAAGjggNsMIIDaDAdBgNVHQ4EFgQUNtd+kkOr
ui/VSWopGDC304sLy8QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQ1MkFDL0E0OEQ1OTY2QkIzRTExRUFBMjlFRTMyMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0NTJBQy9BNDhENTk2NkJCM0UxMUVBQTI5RUUzMjFDNEY5QUUwMi9OdGQta2tP
cnVpX1ZTV29wR0RDMzA0c0x5OFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgf7MHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQCK/kcAwQCLflc
AwQCZyugAwQCZ1AYAwQCZ2EAAwQCZ9LsAwQCZ9oAAwQCZ/O0AwQCoBQ4AwQAygOG
AwQDyivoAwQAyjSQAwQAyjplAwQAyl5EMA0EAgACMAcDBQAkAFHAMA0GCSqGSIb3
DQEBCwUAA4IBAQAI80VQfYYQZmvQQv+vA4bNCp+w0B6g/xS92jc6z7FDHO9u3GMu
ZbrVClc6CFz6vEJf/NnC0lR2mMEFFHGI1Rd65Acz/aod7V7yFewlcW1tnvumdsar
OBu0xpf2k5PY3/oxosBGXI/BV1uRjN47+wGfnKfxrwogG72LX+BFzO8HaMDSJEY0
A7z96Bt3P6JfpciIXvBLpcFWMs1VnkYJdfSy9tD5D2IXt1ARgRoYc9a3IsrxHZCr
eb37i3dXD0rDj7enE3qpnZbGBV+PwMNO+BocNLLs0U3eEvOJiHN95B7eJ13jNKD/
PPcLMneQwisk/KVJ+5R47u5V9GbUbCudJyoY
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:39 2024 by rpki-client on console-fra.rpki-client.org