Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ny8cd2Gx3cgyjFC60O7tzZny5PI.cer
File: Ny8cd2Gx3cgyjFC60O7tzZny5PI.cer (raw, json)
Hash identifier: inqON/yWBROjopM4dhjqT3+7avym5GHP01M8wBio7rc=
Subject key identifier: 37:2F:1C:77:61:B1:DD:C8:32:8C:50:BA:D0:EE:ED:CD:99:F2:E4:F2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01CEA7
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/Ny8cd2Gx3cgyjFC60O7tzZny5PI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Dec 2023 12:27:39 +0000
Certificate not after: Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 133866
IP: 103.76.44.0/22
IP: 116.206.88.0/22
IP: 2407:6280::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118439 (0x1cea7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 1 12:27:39 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=A91142EA/serialNumber=372F1C7761B1DDC8328C50BAD0EEEDCD99F2E4F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:fb:4c:7d:1e:7a:3a:12:cc:bd:05:ae:a2:36:
31:45:4a:1d:d0:02:79:01:61:2a:44:ba:80:84:d2:
9e:01:9f:37:f5:7a:05:45:1a:56:0b:65:2c:44:53:
cb:fa:df:b5:97:c3:24:1a:7b:af:fd:04:f5:f2:63:
a4:b6:2f:1e:18:4f:35:4a:f4:b6:49:f3:96:36:4c:
88:68:bd:b5:ff:6d:5b:fb:6b:fe:c0:19:3a:b2:b1:
f8:70:4f:6b:2f:3d:f1:ce:c8:95:9e:3f:41:26:d2:
06:ac:84:98:33:03:3e:ec:bc:28:1f:c6:c0:fb:22:
b4:93:af:6d:9d:06:f7:ae:2b:bb:86:4a:f2:6f:1a:
ef:b0:21:20:ae:f1:77:af:7b:68:14:e7:69:20:8b:
15:85:df:cb:2e:6d:5a:06:28:f7:f4:10:11:d5:c1:
1b:22:76:0a:64:82:69:10:55:c6:60:dc:50:b1:6d:
ef:52:c1:9c:82:64:fb:69:2e:44:5d:bb:80:61:84:
01:bd:b0:5e:f3:d3:1c:d2:49:1c:35:a1:41:9d:81:
ee:2b:41:fd:bf:66:f6:7d:e5:2a:fa:90:a1:e6:5c:
05:8c:b7:d9:59:75:f0:bb:a3:ba:ee:df:bc:23:e8:
4e:0d:29:95:6b:3d:64:e9:a5:30:38:b9:9a:e2:ee:
c7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:2F:1C:77:61:B1:DD:C8:32:8C:50:BA:D0:EE:ED:CD:99:F2:E4:F2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/Ny8cd2Gx3cgyjFC60O7tzZny5PI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133866
sbgp-ipAddrBlock: critical
IPv4:
103.76.44.0/22
116.206.88.0/22
IPv6:
2407:6280::/32
Signature Algorithm: sha256WithRSAEncryption
91:5a:9f:f9:0c:e9:9c:88:2a:df:05:ea:a9:0a:a4:e5:66:42:
ab:ae:c5:0d:9f:03:8d:7e:04:ac:fc:29:b4:34:b3:31:d0:dd:
d3:66:62:f3:90:f6:3d:88:2e:22:59:ac:c9:e5:83:41:6a:2d:
86:66:7b:dc:ec:83:fd:85:ea:5d:71:e0:ae:35:b9:a9:05:16:
a4:c0:cd:6c:bb:00:4d:28:f3:41:c2:6b:4b:48:cf:72:21:16:
93:b1:98:d5:a4:ac:eb:dc:8c:65:03:d3:d0:b4:35:f8:43:12:
68:ca:8d:62:4c:1a:b5:b7:d4:34:03:c9:06:fa:35:6c:88:b1:
0a:f6:d0:42:ac:65:63:f3:26:16:01:b5:5c:46:93:05:5c:92:
e8:95:9b:0d:7e:31:de:23:e0:8f:09:2e:ae:93:97:dd:ef:6b:
41:7f:56:f6:d4:c1:44:84:dd:01:67:6b:57:52:b1:48:be:46:
c6:63:ad:34:4a:01:ef:44:d9:4e:ed:cb:56:93:4d:9a:3e:6d:
eb:a1:05:36:1b:91:7b:5c:b8:ae:2d:f5:6c:e0:0b:ac:dd:04:
f9:ab:d5:7c:34:3e:0a:07:de:55:c5:3b:94:9b:9c:b7:cd:33:
9e:23:ed:2f:ce:bb:90:d7:88:d4:34:39:bf:f7:f3:86:b9:27:
d5:43:19:df
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAc6nMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwMTEyMjczOVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTQyRUExMTAvBgNVBAUTKDM3MkYxQzc3NjFCMUREQzgzMjhDNTBC
QUQwRUVFRENEOTlGMkU0RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDm+0x9Hno6Esy9Ba6iNjFFSh3QAnkBYSpEuoCE0p4Bnzf1egVFGlYLZSxEU8v6
37WXwyQae6/9BPXyY6S2Lx4YTzVK9LZJ85Y2TIhovbX/bVv7a/7AGTqysfhwT2sv
PfHOyJWeP0Em0gashJgzAz7svCgfxsD7IrSTr22dBveuK7uGSvJvGu+wISCu8Xev
e2gU52kgixWF38subVoGKPf0EBHVwRsidgpkgmkQVcZg3FCxbe9SwZyCZPtpLkRd
u4BhhAG9sF7z0xzSSRw1oUGdge4rQf2/ZvZ95Sr6kKHmXAWMt9lZdfC7o7ru37wj
6E4NKZVrPWTppTA4uZri7sd/AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUNy8cd2Gx
3cgyjFC60O7tzZny5PIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE0MkVBL0Y1MzMyRDdFODRDMzExRTZCOTgyMUE4MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNDJFQS9GNTMzMkQ3RTg0QzMxMUU2Qjk4MjFBODFDNEY5QUUwMi9OeThjZDJH
eDNjZ3lqRkM2ME83dHpabnk1UEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgrqMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ0wsAwQCdM5Y
MA0EAgACMAcDBQAkB2KAMA0GCSqGSIb3DQEBCwUAA4IBAQCRWp/5DOmciCrfBeqp
CqTlZkKrrsUNnwONfgSs/Cm0NLMx0N3TZmLzkPY9iC4iWazJ5YNBai2GZnvc7IP9
hepdceCuNbmpBRakwM1suwBNKPNBwmtLSM9yIRaTsZjVpKzr3IxlA9PQtDX4QxJo
yo1iTBq1t9Q0A8kG+jVsiLEK9tBCrGVj8yYWAbVcRpMFXJLolZsNfjHeI+CPCS6u
k5fd72tBf1b21MFEhN0BZ2tXUrFIvkbGY600SgHvRNlO7ctWk02aPm3roQU2G5F7
XLiuLfVs4Aus3QT5q9V8ND4KB95VxTuUm5y3zTOeI+0vzruQ14jUNDm/9/OGuSfV
Qxnf
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:27 2024 by rpki-client on console-fra.rpki-client.org