Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer
File: PB_di6MB3OPbPwvMJchpTOG83H0.cer (raw, json)
Hash identifier: b99qFY6clVuomOmyBTcg0zeUnIhRNIMD7Q6P2KGIiPc=
Subject key identifier: 3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021856
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 02 Nov 2024 06:13:18 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 135589
IP: 103.129.76.0/22
IP: 2403:79c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137302 (0x21856)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 2 06:13:18 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91A08FD/serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:96:4c:60:16:70:f8:ed:27:3d:c4:ef:64:
ab:d8:89:b3:c2:f2:b6:b4:57:7e:3a:6a:95:ca:4d:
47:98:3f:c1:2c:39:1c:11:ef:bd:ff:70:1f:b3:69:
d9:fe:83:a7:cc:4d:a2:fd:c8:b1:02:86:b0:51:0f:
50:c8:71:c0:65:54:d5:bf:87:86:1c:92:3b:75:c9:
ed:06:86:4c:f4:f6:ae:83:e7:f1:87:b0:20:28:c4:
9c:7e:82:fc:44:a2:8a:f3:cb:4f:dc:b2:a2:f5:0f:
32:ea:79:4b:77:35:a5:53:9e:74:f1:c5:a0:8d:16:
b7:53:02:b4:3e:5a:80:c4:1b:43:94:be:52:a6:6f:
8e:e0:45:4a:77:aa:d6:bb:21:b4:db:a4:ff:6c:58:
32:a4:f9:ed:b6:02:3c:6e:30:87:5c:f2:dd:d2:56:
90:32:03:3c:31:9c:19:d2:38:be:2b:34:d1:01:72:
2c:92:a6:99:20:1f:d3:43:6b:09:74:ca:9a:93:e2:
9e:44:3b:79:67:02:60:9f:16:1f:d1:6b:4b:5d:f3:
02:22:ed:10:60:3a:9f:ad:26:77:11:b1:89:f4:ed:
75:f8:5c:a4:b8:1b:9f:3a:77:fe:2e:f4:8e:d4:6d:
bf:74:e6:9c:cd:73:c7:53:c2:d7:4a:d1:5d:1e:fa:
83:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
135589
sbgp-ipAddrBlock: critical
IPv4:
103.129.76.0/22
IPv6:
2403:79c0::/32
Signature Algorithm: sha256WithRSAEncryption
9e:c4:b2:a1:80:f5:46:cd:be:c2:b8:ce:ba:1e:3c:1e:c8:07:
c6:64:95:1a:c4:90:c3:ea:6c:b2:10:bd:e4:86:19:a7:c6:b1:
2e:51:a4:e3:35:36:41:f5:22:ce:13:82:e4:26:b5:75:64:88:
c6:a6:43:6d:92:ee:18:32:f3:4d:93:7c:08:12:cc:f6:8f:84:
6a:5e:60:30:2b:eb:ab:6a:c3:7b:16:3c:9c:4f:09:03:b5:0d:
7d:89:d2:8e:c5:15:18:cc:22:c5:02:6f:d2:d6:03:14:a9:34:
22:98:43:51:bd:7e:4a:36:ef:20:a1:00:c1:b8:c0:f2:4a:ff:
1f:ac:4c:a4:be:fd:cb:74:1a:cd:1b:ad:02:a0:1b:26:51:4a:
0e:e9:d8:bc:ff:49:2f:92:31:f0:75:5a:d0:6e:ff:c5:60:1c:
3a:ea:9d:c3:bc:99:74:c5:46:43:b4:28:d4:0b:7b:77:8a:a5:
af:71:55:4e:7f:2d:8b:e7:33:71:21:11:9d:d4:07:6e:2e:84:
ea:ce:00:0b:1d:1f:cb:d0:68:e1:0a:7a:16:40:63:3d:73:bd:
12:97:1a:27:a8:80:05:4f:20:e3:ea:de:e8:6d:c7:a0:44:f3:
e9:d6:09:5d:a5:42:c1:3f:45:4e:a9:2e:98:bb:d0:ca:64:41:
e7:30:b2:fd
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAhhWMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEwMjA2MTMxOFoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTA4RkQxMTAvBgNVBAUTKDNDMUZERDhCQTMwMURDRTNEQjNGMEJD
QzI1Qzg2OTRDRTFCQ0RDN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5UpZMYBZw+O0nPcTvZKvYibPC8ra0V346apXKTUeYP8EsORwR773/cB+zadn+
g6fMTaL9yLEChrBRD1DIccBlVNW/h4Yckjt1ye0Ghkz09q6D5/GHsCAoxJx+gvxE
oorzy0/csqL1DzLqeUt3NaVTnnTxxaCNFrdTArQ+WoDEG0OUvlKmb47gRUp3qta7
IbTbpP9sWDKk+e22AjxuMIdc8t3SVpAyAzwxnBnSOL4rNNEBciySppkgH9NDawl0
ypqT4p5EO3lnAmCfFh/Ra0td8wIi7RBgOp+tJncRsYn07XX4XKS4G586d/4u9I7U
bb905pzNc8dTwtdK0V0e+oNHAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUPB/di6MB
3OPbPwvMJchpTOG83H0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEwOEZELzlGNDJFQUQ4QzhBQjExRTk4MjlEMjgyRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMDhGRC85RjQyRUFEOEM4QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZN
QjNPUGJQd3ZNSmNocFRPRzgzSDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhGlMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4FMMA0EAgAC
MAcDBQAkA3nAMA0GCSqGSIb3DQEBCwUAA4IBAQCexLKhgPVGzb7CuM66HjweyAfG
ZJUaxJDD6myyEL3khhmnxrEuUaTjNTZB9SLOE4LkJrV1ZIjGpkNtku4YMvNNk3wI
Esz2j4RqXmAwK+urasN7FjycTwkDtQ19idKOxRUYzCLFAm/S1gMUqTQimENRvX5K
Nu8goQDBuMDySv8frEykvv3LdBrNG60CoBsmUUoO6di8/0kvkjHwdVrQbv/FYBw6
6p3DvJl0xUZDtCjUC3t3iqWvcVVOfy2L5zNxIRGd1AduLoTqzgALHR/L0GjhCnoW
QGM9c70SlxonqIAFTyDj6t7obcegRPPp1gldpULBP0VOqS6Yu9DKZEHnMLL9
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:28 2024 by rpki-client on console-fra.rpki-client.org