Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PitYQ36GJEE5rkzQPZf0A0KFBzY.cer
File: PitYQ36GJEE5rkzQPZf0A0KFBzY.cer (raw, json)
Hash identifier: /c5+/9xdR81ljoIuYP5qVAIRTIbNgMN02jQ8+0RTCJQ=
Subject key identifier: 3E:2B:58:43:7E:86:24:41:39:AE:4C:D0:3D:97:F4:03:42:85:07:36
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01FE80
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/PitYQ36GJEE5rkzQPZf0A0KFBzY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 05 Jul 2024 15:17:16 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: AS: 132917
IP: 43.226.8.0/22
IP: 103.250.48.0/22
IP: 2407:8300::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130688 (0x1fe80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jul 5 15:17:16 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A914EE0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:25:c5:c8:f7:da:c9:89:8f:4c:1c:89:dd:d7:
72:38:69:0f:0e:95:ea:2c:0f:1b:ee:e3:1c:ef:fe:
59:06:ac:11:fc:65:f0:ff:e2:43:58:bc:5a:f2:84:
79:ea:6a:83:67:c4:73:24:1b:ad:a8:5d:62:03:9d:
e6:d0:8c:b1:c8:19:9d:25:8b:a0:e0:5e:89:fe:f3:
d2:4c:a9:e2:a9:97:d0:d6:91:a9:b4:e8:8d:7a:50:
1d:64:9a:06:0c:54:99:08:9e:26:5b:50:be:da:00:
e6:f0:91:fc:da:1a:59:ec:01:1b:44:76:f0:e1:bc:
68:c2:c9:07:7d:c5:a5:94:53:1d:21:ed:57:71:d7:
1d:fa:93:a7:75:eb:d1:76:c3:c7:46:dc:ac:94:87:
87:52:a1:6a:20:42:86:fd:f4:1e:70:11:19:46:c2:
bc:83:f5:6d:d1:02:d2:de:93:8a:31:c8:92:b2:e1:
62:e8:aa:aa:d5:e9:b4:48:af:3a:2e:a5:ef:a5:37:
f7:54:ca:51:5a:e3:45:08:7c:b8:7b:13:b0:a0:51:
53:91:7c:49:12:06:5a:4e:47:2c:bf:63:6d:69:e8:
52:fa:01:af:cc:57:0e:20:ba:68:1b:c3:fe:78:49:
6f:cc:7e:fb:d1:b9:a9:43:71:0e:83:85:52:dd:8b:
4f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2B:58:43:7E:86:24:41:39:AE:4C:D0:3D:97:F4:03:42:85:07:36
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/PitYQ36GJEE5rkzQPZf0A0KFBzY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132917
sbgp-ipAddrBlock: critical
IPv4:
43.226.8.0/22
103.250.48.0/22
IPv6:
2407:8300::/32
Signature Algorithm: sha256WithRSAEncryption
28:90:df:38:c7:8a:aa:46:0f:7e:6b:e9:d5:dd:91:c9:8e:90:
89:eb:8b:84:83:e1:3c:7d:8f:ab:c0:97:f0:f0:54:71:b5:ba:
1a:20:c0:35:5a:40:c2:51:91:69:9a:94:32:23:09:e3:7b:05:
00:97:40:1f:0f:41:75:1b:88:2f:59:eb:74:b5:08:ab:c8:3b:
87:b8:a6:19:cd:dd:89:9b:bf:2a:f7:c1:ad:f1:bb:80:b0:6e:
e7:e5:1d:81:01:78:57:7e:52:0e:04:a8:e0:fc:cd:a9:79:2b:
17:4f:36:c4:22:64:5b:af:8a:bf:dd:67:4a:6f:75:00:10:a0:
ba:e0:3e:b7:57:d7:9a:3a:ee:94:40:44:4b:e2:4b:23:da:a8:
b5:b7:6d:d0:4d:95:95:62:33:dc:18:39:d7:9c:c0:f0:a3:43:
fe:a4:97:5c:61:fd:29:6d:82:c5:d8:11:99:6f:d1:66:fd:55:
1d:67:e8:4c:18:42:e4:99:1a:a5:7a:cb:8c:44:39:e8:c2:1d:
13:cb:6e:07:9a:a5:11:33:cf:02:c2:2b:ea:ca:dc:1b:14:e2:
6f:69:89:39:7e:65:a6:57:d3:96:19:ca:77:48:dd:8a:e6:a4:
14:38:52:a7:de:41:d9:e8:4b:25:88:c8:f8:0b:dc:39:82:2b:
a2:05:10:32
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAf6AMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcwNTE1MTcxNloXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEVFMEMxMTAvBgNVBAUTKDNFMkI1ODQzN0U4NjI0NDEzOUFFNENE
MDNEOTdGNDAzNDI4NTA3MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3JcXI99rJiY9MHInd13I4aQ8OleosDxvu4xzv/lkGrBH8ZfD/4kNYvFryhHnq
aoNnxHMkG62oXWIDnebQjLHIGZ0li6DgXon+89JMqeKpl9DWkam06I16UB1kmgYM
VJkIniZbUL7aAObwkfzaGlnsARtEdvDhvGjCyQd9xaWUUx0h7Vdx1x36k6d169F2
w8dG3KyUh4dSoWogQob99B5wERlGwryD9W3RAtLek4oxyJKy4WLoqqrV6bRIrzou
pe+lN/dUylFa40UIfLh7E7CgUVORfEkSBlpORyy/Y21p6FL6Aa/MVw4gumgbw/54
SW/MfvvRualDcQ6DhVLdi0/3AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUPitYQ36G
JEE5rkzQPZf0A0KFBzYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRFRTBDLzIyRDUzNjUyRDY3MjExRTRBMjEyMjM1MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0RUUwQy8yMkQ1MzY1MkQ2NzIxMUU0QTIxMjIzNTFDNEY5QUUwMi9QaXRZUTM2
R0pFRTVya3pRUFpmMEEwS0ZCelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgc1MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCK+IIAwQCZ/ow
MA0EAgACMAcDBQAkB4MAMA0GCSqGSIb3DQEBCwUAA4IBAQAokN84x4qqRg9+a+nV
3ZHJjpCJ64uEg+E8fY+rwJfw8FRxtboaIMA1WkDCUZFpmpQyIwnjewUAl0AfD0F1
G4gvWet0tQiryDuHuKYZzd2Jm78q98Gt8buAsG7n5R2BAXhXflIOBKjg/M2peSsX
TzbEImRbr4q/3WdKb3UAEKC64D63V9eaOu6UQERL4ksj2qi1t23QTZWVYjPcGDnX
nMDwo0P+pJdcYf0pbYLF2BGZb9Fm/VUdZ+hMGELkmRqlesuMRDnowh0Ty24HmqUR
M88CwivqytwbFOJvaYk5fmWmV9OWGcp3SN2K5qQUOFKn3kHZ6EsliMj4C9w5giui
BRAy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:44 2025 by rpki-client