Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
File: QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer (raw, json)
Hash identifier: TI7bgrXlyHmzS1Ps0+DcEM+Gdr2q6c7wyOKKbpwoHSg=
Subject key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021917
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 05 Nov 2024 12:57:33 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 4788
AS: 9986
AS: 17464
AS: 17971
AS: 18206
AS: 23736
AS: 38322
IP: 1.9.0.0/16
IP: 1.32.0.0/17
IP: 27.146.0.0/16
IP: 42.152.0.0/14
IP: 42.188.0.0/14
IP: 45.116.240.0/21
IP: 49.236.192.0/20
IP: 58.26.0.0 -- 58.27.127.255
IP: 58.139.0.0/16
IP: 60.48.0.0 -- 60.54.255.255
IP: 103.1.104.0/22
IP: 103.4.140.0/22
IP: 103.17.168.0/22
IP: 103.29.240.0/22
IP: 110.159.0.0/16
IP: 112.137.160.0/20
IP: 114.133.0.0/16
IP: 115.132.0.0/14
IP: 115.146.96.0/20
IP: 118.100.0.0/15
IP: 119.110.96.0/20
IP: 120.139.0.0 -- 120.141.255.255
IP: 122.255.96.0/19
IP: 124.13.0.0/16
IP: 124.82.0.0/16
IP: 124.197.224.0/19
IP: 175.136.0.0 -- 175.145.255.255
IP: 180.72.0.0/14
IP: 202.71.96.0/20
IP: 202.75.32.0/19
IP: 202.162.0.0/19
IP: 202.165.0.0/19
IP: 202.171.192.0/20
IP: 202.178.0.0 -- 202.178.79.255
IP: 202.188.0.0/16
IP: 203.106.0.0/16
IP: 203.153.80.0/20
IP: 210.48.144.0/20
IP: 210.186.0.0/15
IP: 210.195.0.0/16
IP: 218.100.22.0/24
IP: 218.111.0.0/16
IP: 218.208.0.0/16
IP: 219.92.0.0 -- 219.94.127.255
IP: 219.95.0.0/16
IP: 223.27.188.0/22
IP: 2001:e68::/32
IP: 2001:4470::/32
IP: 2401:3c00::/32
IP: 2401:b000::/32
IP: 2401:ed40::/32
IP: 2404:b8::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137495 (0x21917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 5 12:57:33 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ad:a4:92:e1:7e:eb:f7:0e:b7:dd:9f:7c:56:
f1:5b:1c:56:d1:03:b2:dd:53:af:eb:8e:7e:5f:05:
f4:31:82:5c:32:f3:99:68:54:f7:99:b3:a1:33:9b:
f8:ad:6e:0d:16:8b:58:8f:17:7f:ac:8f:4c:e9:af:
74:38:3f:ec:01:00:e0:aa:2b:1e:31:70:f3:a2:06:
1f:08:b1:16:e4:ef:06:fa:cf:e5:67:59:3c:f0:90:
d7:65:f8:b6:83:ca:00:1e:4a:07:df:cc:82:10:6d:
56:57:8e:e8:f5:b3:7b:f7:de:4b:a0:4d:24:12:3c:
b4:e7:09:d9:81:32:57:22:c5:17:ef:3a:fb:83:4b:
ba:4c:43:d2:26:27:15:cb:56:f4:bb:a0:b0:c2:7a:
d5:cc:c5:ee:7b:ad:ce:76:88:e3:32:9c:6b:9b:68:
5c:f3:06:ef:26:7f:64:bc:9e:f1:0b:f7:52:69:67:
cd:66:7d:a4:fb:f7:5d:f3:10:87:9a:4d:17:93:fd:
91:2e:5b:6a:5f:85:43:42:d8:11:d0:c7:08:f3:45:
39:7e:21:60:f8:56:5f:e5:89:9c:3c:d3:d8:ee:ea:
a8:6c:a8:fb:62:64:17:fe:16:0b:f8:f6:50:da:63:
6d:72:03:e0:c6:39:ec:96:f8:cd:29:dc:03:93:e0:
61:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4788
9986
17464
17971
18206
23736
38322
sbgp-ipAddrBlock: critical
IPv4:
1.9.0.0/16
1.32.0.0/17
27.146.0.0/16
42.152.0.0/14
42.188.0.0/14
45.116.240.0/21
49.236.192.0/20
58.26.0.0-58.27.127.255
58.139.0.0/16
60.48.0.0-60.54.255.255
103.1.104.0/22
103.4.140.0/22
103.17.168.0/22
103.29.240.0/22
110.159.0.0/16
112.137.160.0/20
114.133.0.0/16
115.132.0.0/14
115.146.96.0/20
118.100.0.0/15
119.110.96.0/20
120.139.0.0-120.141.255.255
122.255.96.0/19
124.13.0.0/16
124.82.0.0/16
124.197.224.0/19
175.136.0.0-175.145.255.255
180.72.0.0/14
202.71.96.0/20
202.75.32.0/19
202.162.0.0/19
202.165.0.0/19
202.171.192.0/20
202.178.0.0-202.178.79.255
202.188.0.0/16
203.106.0.0/16
203.153.80.0/20
210.48.144.0/20
210.186.0.0/15
210.195.0.0/16
218.100.22.0/24
218.111.0.0/16
218.208.0.0/16
219.92.0.0-219.94.127.255
219.95.0.0/16
223.27.188.0/22
IPv6:
2001:e68::/32
2001:4470::/32
2401:3c00::/32
2401:b000::/32
2401:ed40::/32
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
59:2d:33:4c:6c:b8:17:4f:94:11:92:cf:bb:ed:6a:90:6c:54:
ff:cf:48:e3:51:35:37:28:9c:d9:e8:fd:95:df:70:25:84:b7:
ac:3f:7f:a6:b8:0d:60:d9:16:e9:30:8a:f8:9e:1b:70:2c:c8:
8d:09:1d:27:39:18:62:08:4a:39:59:e9:7b:2d:f6:a9:b8:49:
07:69:4e:ca:6a:41:06:6e:ab:56:cf:5c:b7:06:8e:e1:7f:0c:
74:58:bb:db:4b:83:7d:94:46:bb:9a:d5:c7:86:ea:8e:0e:6f:
21:99:c2:0e:f1:f0:7c:6c:7f:f8:c7:6b:63:8d:0c:44:75:9a:
0a:b2:be:7b:48:83:3a:76:3d:b2:22:54:66:ff:31:ff:a8:ac:
35:eb:68:85:79:95:43:b9:75:9a:a6:33:bc:74:ad:ff:cf:98:
b7:5c:05:f4:89:22:5f:aa:67:21:cb:c2:44:a2:01:21:22:9a:
53:b8:24:5c:f1:a9:1e:25:48:c3:dd:6f:54:1f:b9:92:1d:9f:
70:14:d1:d0:ea:98:ca:19:2d:cd:ed:91:e9:c1:d5:a9:5e:4b:
15:3f:5b:4a:cf:72:dd:ed:4e:83:ff:77:79:89:59:95:43:cf:
02:ab:76:da:22:b9:19:23:96:6f:39:9f:5b:59:f9:98:94:a1:
74:d6:fa:96
-----BEGIN CERTIFICATE-----
MIIHkDCCBnigAwIBAgIDAhkXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEwNTEyNTczM1oXDTI2MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5
Qjk5QjYwQkJFQ0QxRDczQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtraSS4X7r9w633Z98VvFbHFbRA7LdU6/rjn5fBfQxglwy85loVPeZs6Ezm/it
bg0Wi1iPF3+sj0zpr3Q4P+wBAOCqKx4xcPOiBh8IsRbk7wb6z+VnWTzwkNdl+LaD
ygAeSgffzIIQbVZXjuj1s3v33kugTSQSPLTnCdmBMlcixRfvOvuDS7pMQ9ImJxXL
VvS7oLDCetXMxe57rc52iOMynGubaFzzBu8mf2S8nvEL91JpZ81mfaT7913zEIea
TReT/ZEuW2pfhUNC2BHQxwjzRTl+IWD4Vl/liZw809ju6qhsqPtiZBf+Fgv49lDa
Y21yA+DGOeyW+M0p3AOT4GFPAgMBAAGjggSFMIIEgTAdBgNVHQ4EFgQUQFYsFDop
yxnHD/ybmbYLvs0dc7YwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFDQTc4L0JFODg0NkQyMzVEODExRUFBNzMwRUM0NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExQ0E3OC9CRTg4NDZEMjM1RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRv
cHl4bkhEX3libWJZTHZzMGRjN1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQgBAf8EIzAh
oB8wHQICErQCAicCAgJEOAICRjMCAkceAgJcuAIDAJWyMIIBewYIKwYBBQUHAQcB
Af8EggFqMIIBZjCCATAEAgABMIIBKAMDAAEJAwQHASAAAwMAG5IDAwIqmAMDAiq8
AwQDLXTwAwQEMezAMAsDAwE6GgMEBzobAAMDADqLMAoDAwQ8MAMDADw2AwQCZwFo
AwQCZwSMAwQCZxGoAwQCZx3wAwMAbp8DBARwiaADAwByhQMDAnOEAwQEc5JgAwMB
dmQDBAR3bmAwCgMDAHiLAwMBeIwDBAV6/2ADAwB8DQMDAHxSAwQFfMXgMAoDAwOv
iAMDAa+QAwMCtEgDBATKR2ADBAXKSyADBAXKogADBAXKpQADBATKq8AwCwMDAcqy
AwQEyrJAAwMAyrwDAwDLagMEBMuZUAMEBNIwkAMDAdK6AwMA0sMDBADaZBYDAwDa
bwMDANrQMAsDAwLbXAMEB9teAAMDANtfAwQC3xu8MDAEAgACMCoDBQAgAQ5oAwUA
IAFEcAMFACQBPAADBQAkAbAAAwUAJAHtQAMFACQEALgwDQYJKoZIhvcNAQELBQAD
ggEBAFktM0xsuBdPlBGSz7vtapBsVP/PSONRNTconNno/ZXfcCWEt6w/f6a4DWDZ
FukwivieG3AsyI0JHSc5GGIISjlZ6Xst9qm4SQdpTspqQQZuq1bPXLcGjuF/DHRY
u9tLg32URrua1ceG6o4ObyGZwg7x8Hxsf/jHa2ONDER1mgqyvntIgzp2PbIiVGb/
Mf+orDXraIV5lUO5dZqmM7x0rf/PmLdcBfSJIl+qZyHLwkSiASEimlO4JFzxqR4l
SMPdb1QfuZIdn3AU0dDqmMoZLc3tkenB1aleSxU/W0rPct3tToP/d3mJWZVDzwKr
dtoiuRkjlm85n1tZ+ZiUoXTW+pY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:45:28 2024 by rpki-client on console-fra.rpki-client.org