Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PitYQ36GJEE5rkzQPZf0A0KFBzY.cer
File: PitYQ36GJEE5rkzQPZf0A0KFBzY.cer (raw, json)
Hash identifier: 0GkloQ4niEH9pa1xXKeELGFbrCd07CXMRWUizR1JEfU=
Subject key identifier: 3E:2B:58:43:7E:86:24:41:39:AE:4C:D0:3D:97:F4:03:42:85:07:36
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01B206
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/PitYQ36GJEE5rkzQPZf0A0KFBzY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 25 Jul 2023 14:46:56 +0000
Certificate not after: Sat 31 Aug 2024 00:00:00 +0000
Subordinate resources: AS: 132917
IP: 43.226.8.0/22
IP: 103.250.48.0/22
IP: 2407:8300::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 27 Apr 2024 02:50:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111110 (0x1b206)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 25 14:46:56 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=A914EE0C/serialNumber=3E2B58437E86244139AE4CD03D97F40342850736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:25:c5:c8:f7:da:c9:89:8f:4c:1c:89:dd:d7:
72:38:69:0f:0e:95:ea:2c:0f:1b:ee:e3:1c:ef:fe:
59:06:ac:11:fc:65:f0:ff:e2:43:58:bc:5a:f2:84:
79:ea:6a:83:67:c4:73:24:1b:ad:a8:5d:62:03:9d:
e6:d0:8c:b1:c8:19:9d:25:8b:a0:e0:5e:89:fe:f3:
d2:4c:a9:e2:a9:97:d0:d6:91:a9:b4:e8:8d:7a:50:
1d:64:9a:06:0c:54:99:08:9e:26:5b:50:be:da:00:
e6:f0:91:fc:da:1a:59:ec:01:1b:44:76:f0:e1:bc:
68:c2:c9:07:7d:c5:a5:94:53:1d:21:ed:57:71:d7:
1d:fa:93:a7:75:eb:d1:76:c3:c7:46:dc:ac:94:87:
87:52:a1:6a:20:42:86:fd:f4:1e:70:11:19:46:c2:
bc:83:f5:6d:d1:02:d2:de:93:8a:31:c8:92:b2:e1:
62:e8:aa:aa:d5:e9:b4:48:af:3a:2e:a5:ef:a5:37:
f7:54:ca:51:5a:e3:45:08:7c:b8:7b:13:b0:a0:51:
53:91:7c:49:12:06:5a:4e:47:2c:bf:63:6d:69:e8:
52:fa:01:af:cc:57:0e:20:ba:68:1b:c3:fe:78:49:
6f:cc:7e:fb:d1:b9:a9:43:71:0e:83:85:52:dd:8b:
4f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2B:58:43:7E:86:24:41:39:AE:4C:D0:3D:97:F4:03:42:85:07:36
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/PitYQ36GJEE5rkzQPZf0A0KFBzY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132917
sbgp-ipAddrBlock: critical
IPv4:
43.226.8.0/22
103.250.48.0/22
IPv6:
2407:8300::/32
Signature Algorithm: sha256WithRSAEncryption
0b:b7:e8:a5:5d:c7:c8:42:fa:67:27:fc:15:29:2e:45:b7:66:
42:e4:41:42:d9:31:57:22:52:d3:87:bc:b2:b9:0e:ef:69:ba:
25:83:a8:c2:46:23:69:e3:77:27:db:59:02:84:68:53:1d:01:
c5:bf:4f:7d:86:14:d7:94:5e:24:ba:89:dc:33:ae:08:63:30:
c6:82:42:0b:a2:1a:65:1f:c0:f8:ec:11:b9:1b:be:81:02:ee:
39:12:fc:ea:0f:5f:ec:bf:63:99:3e:c5:ab:69:1b:14:f4:b8:
d0:b9:48:8b:00:f6:4a:df:aa:f5:ff:f5:ba:3c:78:4b:e4:bb:
1a:01:2d:66:48:4d:55:1f:6f:7b:c1:08:6a:aa:84:06:41:18:
aa:39:ae:54:4a:cf:c2:a9:03:ac:0b:b3:34:d1:0e:64:9a:25:
8c:94:3c:02:98:7f:1d:f7:48:f8:8b:9e:aa:7c:63:b4:d6:20:
c8:fe:24:dd:e5:fb:9c:31:2f:cb:ad:54:84:83:64:fc:15:cb:
bb:0c:15:e4:9a:08:1b:27:ae:4e:76:78:47:fb:fc:da:af:dd:
55:ac:b8:a1:12:21:e8:77:55:18:09:92:e7:81:03:6e:60:bb:
1f:df:95:8b:9b:e7:af:48:14:e0:fb:46:aa:ad:ea:75:bb:7d:
88:56:ea:67
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAbIGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDcyNTE0NDY1NloXDTI0MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEVFMEMxMTAvBgNVBAUTKDNFMkI1ODQzN0U4NjI0NDEzOUFFNENE
MDNEOTdGNDAzNDI4NTA3MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3JcXI99rJiY9MHInd13I4aQ8OleosDxvu4xzv/lkGrBH8ZfD/4kNYvFryhHnq
aoNnxHMkG62oXWIDnebQjLHIGZ0li6DgXon+89JMqeKpl9DWkam06I16UB1kmgYM
VJkIniZbUL7aAObwkfzaGlnsARtEdvDhvGjCyQd9xaWUUx0h7Vdx1x36k6d169F2
w8dG3KyUh4dSoWogQob99B5wERlGwryD9W3RAtLek4oxyJKy4WLoqqrV6bRIrzou
pe+lN/dUylFa40UIfLh7E7CgUVORfEkSBlpORyy/Y21p6FL6Aa/MVw4gumgbw/54
SW/MfvvRualDcQ6DhVLdi0/3AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUPitYQ36G
JEE5rkzQPZf0A0KFBzYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRFRTBDLzIyRDUzNjUyRDY3MjExRTRBMjEyMjM1MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0RUUwQy8yMkQ1MzY1MkQ2NzIxMUU0QTIxMjIzNTFDNEY5QUUwMi9QaXRZUTM2
R0pFRTVya3pRUFpmMEEwS0ZCelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgc1MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCK+IIAwQCZ/ow
MA0EAgACMAcDBQAkB4MAMA0GCSqGSIb3DQEBCwUAA4IBAQALt+ilXcfIQvpnJ/wV
KS5Ft2ZC5EFC2TFXIlLTh7yyuQ7vabolg6jCRiNp43cn21kChGhTHQHFv099hhTX
lF4kuoncM64IYzDGgkILohplH8D47BG5G76BAu45EvzqD1/sv2OZPsWraRsU9LjQ
uUiLAPZK36r1//W6PHhL5LsaAS1mSE1VH297wQhqqoQGQRiqOa5USs/CqQOsC7M0
0Q5kmiWMlDwCmH8d90j4i56qfGO01iDI/iTd5fucMS/LrVSEg2T8Fcu7DBXkmggb
J65OdnhH+/zar91VrLihEiHod1UYCZLngQNuYLsf35WLm+evSBTg+0aqrep1u32I
Vupn
-----END CERTIFICATE-----
Generated at Sat Apr 20 05:36:59 2024 by rpki-client on console-ams.rpki-client.org