Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PqTXApDMqv5dzJxdpfW-J_7d5F4.cer
File: PqTXApDMqv5dzJxdpfW-J_7d5F4.cer (raw, json)
Hash identifier: ucw0MIAxopgb1TG9hyB/ttt0FPIW/vOgxsOivB7oTng=
Subject key identifier: 3E:A4:D7:02:90:CC:AA:FE:5D:CC:9C:5D:A5:F5:BE:27:FE:DD:E4:5E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020542
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911FA74/6101B5B61D8F11E2847C5FEE08B02CD2/PqTXApDMqv5dzJxdpfW-J_7d5F4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911FA74/6101B5B61D8F11E2847C5FEE08B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 06 Aug 2024 12:58:22 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 24543
IP: 202.14.196.0/22
IP: 203.17.32.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 11:16:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132418 (0x20542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 6 12:58:22 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A911FA74/serialNumber=3EA4D70290CCAAFE5DCC9C5DA5F5BE27FEDDE45E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:eb:fc:b9:c1:7e:bc:65:5c:4d:41:ba:3c:d7:
d5:c4:f8:62:05:20:91:46:61:df:ed:ba:a6:b6:38:
50:99:46:2c:80:70:48:75:c6:38:9f:73:eb:a9:0e:
ea:c5:3b:6b:e4:6d:4f:95:dc:36:cf:75:90:84:4a:
5f:4f:a1:c8:9a:e8:f5:98:15:b1:23:90:69:2c:e2:
d7:6c:4a:ba:88:15:79:49:f2:c1:3f:63:e9:eb:ea:
c2:17:8a:63:f1:f9:ba:02:e0:93:fc:84:06:25:32:
df:62:6d:2b:8b:bc:da:6b:88:90:a5:83:46:34:09:
79:28:e6:05:e6:16:11:41:92:f5:a0:b9:1e:9a:04:
43:ad:ce:c3:34:8b:b8:a4:63:e2:4a:96:6d:47:6b:
1d:c8:01:a5:d9:ce:7e:1a:32:30:ce:02:f9:1f:6e:
8d:83:1b:29:78:7e:b6:fd:06:35:da:9e:c9:33:ee:
06:dc:ab:b8:a9:cf:5b:3b:4d:fe:93:d3:98:72:71:
37:f8:2c:bc:09:69:c4:58:a5:de:99:69:e6:02:81:
8c:f8:2c:c8:b4:6e:85:a8:ea:52:56:b1:b0:77:ab:
e4:9a:51:e9:09:ec:ae:5c:10:1b:8e:d1:51:d3:36:
59:54:af:69:9b:d1:e8:5b:eb:3f:aa:73:46:6f:0f:
53:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A4:D7:02:90:CC:AA:FE:5D:CC:9C:5D:A5:F5:BE:27:FE:DD:E4:5E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911FA74/6101B5B61D8F11E2847C5FEE08B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911FA74/6101B5B61D8F11E2847C5FEE08B02CD2/PqTXApDMqv5dzJxdpfW-J_7d5F4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24543
sbgp-ipAddrBlock: critical
IPv4:
202.14.196.0/22
203.17.32.0/22
Signature Algorithm: sha256WithRSAEncryption
29:ae:95:c9:0b:f0:5a:56:be:8b:83:c6:e6:41:f1:d6:a5:72:
24:49:25:a8:37:72:7b:e8:99:d5:4c:bd:dd:f0:4d:97:05:c0:
cb:a4:81:d4:eb:66:d5:3a:02:66:28:a1:36:af:29:12:47:2e:
a9:58:29:d8:c9:a8:dc:4a:72:b7:13:ff:00:0d:69:3c:47:d1:
53:e6:6a:bc:0e:1b:b7:14:d8:64:a4:29:9d:73:ba:1d:dc:13:
96:ab:0e:f8:54:f5:fa:53:d5:9c:80:34:8b:53:65:18:92:3b:
57:d9:c2:3c:46:3e:c5:51:30:31:45:0a:9d:41:10:d9:32:52:
e1:0f:c7:22:10:fe:4e:49:f9:01:df:86:c5:98:17:6d:99:3f:
a6:4c:fa:38:33:aa:fa:09:37:8e:21:0b:62:d8:c2:dc:7a:91:
3d:1d:38:33:fd:a3:5b:5e:e3:3f:3c:dd:f3:da:15:a7:4a:1d:
7a:5a:9c:6c:bf:1b:24:be:72:f1:f5:eb:d1:61:2b:de:89:17:
b8:56:e6:e8:d2:cc:f2:cc:5c:26:1b:3f:9c:b2:f5:cd:71:52:
49:48:ed:2f:d7:72:ba:82:7e:ad:45:39:7d:c4:ea:d1:28:e3:
0d:f2:45:56:a3:94:9f:3b:3c:e1:57:1f:31:bc:df:ec:ae:56:
13:0a:88:0a
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIDAgVCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDgwNjEyNTgyMloXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUZBNzQxMTAvBgNVBAUTKDNFQTRENzAyOTBDQ0FBRkU1RENDOUM1
REE1RjVCRTI3RkVEREU0NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCy6/y5wX68ZVxNQbo819XE+GIFIJFGYd/tuqa2OFCZRiyAcEh1xjifc+upDurF
O2vkbU+V3DbPdZCESl9Pocia6PWYFbEjkGks4tdsSrqIFXlJ8sE/Y+nr6sIXimPx
+boC4JP8hAYlMt9ibSuLvNpriJClg0Y0CXko5gXmFhFBkvWguR6aBEOtzsM0i7ik
Y+JKlm1Hax3IAaXZzn4aMjDOAvkfbo2DGyl4frb9BjXanskz7gbcq7ipz1s7Tf6T
05hycTf4LLwJacRYpd6ZaeYCgYz4LMi0boWo6lJWsbB3q+SaUekJ7K5cEBuO0VHT
NllUr2mb0ehb6z+qc0ZvD1OXAgMBAAGjggMUMIIDEDAdBgNVHQ4EFgQUPqTXApDM
qv5dzJxdpfW+J/7d5F4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFGQTc0LzYxMDFCNUI2MUQ4RjExRTI4NDdDNUZFRTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExRkE3NC82MTAxQjVCNjFEOEYxMUUyODQ3QzVGRUUwOEIwMkNEMi9QcVRYQXBE
TXF2NWR6SnhkcGZXLUpfN2Q1RjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICX98wJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBALKDsQDBALLESAw
DQYJKoZIhvcNAQELBQADggEBACmulckL8FpWvouDxuZB8dalciRJJag3cnvomdVM
vd3wTZcFwMukgdTrZtU6AmYooTavKRJHLqlYKdjJqNxKcrcT/wANaTxH0VPmarwO
G7cU2GSkKZ1zuh3cE5arDvhU9fpT1ZyANItTZRiSO1fZwjxGPsVRMDFFCp1BENky
UuEPxyIQ/k5J+QHfhsWYF22ZP6ZM+jgzqvoJN44hC2LYwtx6kT0dODP9o1te4z88
3fPaFadKHXpanGy/GyS+cvH169FhK96JF7hW5ujSzPLMXCYbP5yy9c1xUklI7S/X
crqCfq1FOX3E6tEo4w3yRVajlJ87POFXHzG83+yuVhMKiAo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:37:29 2024 by rpki-client on console-ams.rpki-client.org