Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
File: QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer (raw, json)
Hash identifier: mAo1i8r2UjhpihKaGGQo6B4wKLTo7DSm7tdv4b1jntw=
Subject key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01CF88
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 04 Dec 2023 12:43:08 +0000
Certificate not after: Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 4788
AS: 9986
AS: 17464
AS: 17971
AS: 18206
AS: 23736
AS: 38322
IP: 1.9.0.0/16
IP: 1.32.0.0/17
IP: 27.146.0.0/16
IP: 42.152.0.0/14
IP: 42.188.0.0/14
IP: 45.116.240.0/21
IP: 49.236.192.0/20
IP: 58.26.0.0 -- 58.27.127.255
IP: 58.139.0.0/16
IP: 60.48.0.0 -- 60.54.255.255
IP: 103.1.104.0/22
IP: 103.4.140.0/22
IP: 103.17.168.0/22
IP: 103.29.240.0/22
IP: 110.159.0.0/16
IP: 112.137.160.0/20
IP: 114.133.0.0/16
IP: 115.132.0.0/14
IP: 115.146.96.0/20
IP: 118.100.0.0/15
IP: 119.110.96.0/20
IP: 120.139.0.0 -- 120.141.255.255
IP: 122.255.96.0/19
IP: 124.13.0.0/16
IP: 124.82.0.0/16
IP: 124.197.224.0/19
IP: 175.136.0.0 -- 175.145.255.255
IP: 180.72.0.0/14
IP: 202.71.96.0/20
IP: 202.75.32.0/19
IP: 202.162.0.0/19
IP: 202.165.0.0/19
IP: 202.171.192.0/20
IP: 202.178.0.0 -- 202.178.79.255
IP: 202.188.0.0/16
IP: 203.106.0.0/16
IP: 203.153.80.0/20
IP: 210.48.144.0/20
IP: 210.186.0.0/15
IP: 210.195.0.0/16
IP: 218.100.22.0/24
IP: 218.111.0.0/16
IP: 218.208.0.0/16
IP: 219.92.0.0 -- 219.94.127.255
IP: 219.95.0.0/16
IP: 223.27.188.0/22
IP: 2001:e68::/32
IP: 2001:4470::/32
IP: 2401:3c00::/32
IP: 2401:b000::/32
IP: 2401:ed40::/32
IP: 2404:b8::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 30 Apr 2024 20:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118664 (0x1cf88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 4 12:43:08 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ad:a4:92:e1:7e:eb:f7:0e:b7:dd:9f:7c:56:
f1:5b:1c:56:d1:03:b2:dd:53:af:eb:8e:7e:5f:05:
f4:31:82:5c:32:f3:99:68:54:f7:99:b3:a1:33:9b:
f8:ad:6e:0d:16:8b:58:8f:17:7f:ac:8f:4c:e9:af:
74:38:3f:ec:01:00:e0:aa:2b:1e:31:70:f3:a2:06:
1f:08:b1:16:e4:ef:06:fa:cf:e5:67:59:3c:f0:90:
d7:65:f8:b6:83:ca:00:1e:4a:07:df:cc:82:10:6d:
56:57:8e:e8:f5:b3:7b:f7:de:4b:a0:4d:24:12:3c:
b4:e7:09:d9:81:32:57:22:c5:17:ef:3a:fb:83:4b:
ba:4c:43:d2:26:27:15:cb:56:f4:bb:a0:b0:c2:7a:
d5:cc:c5:ee:7b:ad:ce:76:88:e3:32:9c:6b:9b:68:
5c:f3:06:ef:26:7f:64:bc:9e:f1:0b:f7:52:69:67:
cd:66:7d:a4:fb:f7:5d:f3:10:87:9a:4d:17:93:fd:
91:2e:5b:6a:5f:85:43:42:d8:11:d0:c7:08:f3:45:
39:7e:21:60:f8:56:5f:e5:89:9c:3c:d3:d8:ee:ea:
a8:6c:a8:fb:62:64:17:fe:16:0b:f8:f6:50:da:63:
6d:72:03:e0:c6:39:ec:96:f8:cd:29:dc:03:93:e0:
61:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4788
9986
17464
17971
18206
23736
38322
sbgp-ipAddrBlock: critical
IPv4:
1.9.0.0/16
1.32.0.0/17
27.146.0.0/16
42.152.0.0/14
42.188.0.0/14
45.116.240.0/21
49.236.192.0/20
58.26.0.0-58.27.127.255
58.139.0.0/16
60.48.0.0-60.54.255.255
103.1.104.0/22
103.4.140.0/22
103.17.168.0/22
103.29.240.0/22
110.159.0.0/16
112.137.160.0/20
114.133.0.0/16
115.132.0.0/14
115.146.96.0/20
118.100.0.0/15
119.110.96.0/20
120.139.0.0-120.141.255.255
122.255.96.0/19
124.13.0.0/16
124.82.0.0/16
124.197.224.0/19
175.136.0.0-175.145.255.255
180.72.0.0/14
202.71.96.0/20
202.75.32.0/19
202.162.0.0/19
202.165.0.0/19
202.171.192.0/20
202.178.0.0-202.178.79.255
202.188.0.0/16
203.106.0.0/16
203.153.80.0/20
210.48.144.0/20
210.186.0.0/15
210.195.0.0/16
218.100.22.0/24
218.111.0.0/16
218.208.0.0/16
219.92.0.0-219.94.127.255
219.95.0.0/16
223.27.188.0/22
IPv6:
2001:e68::/32
2001:4470::/32
2401:3c00::/32
2401:b000::/32
2401:ed40::/32
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
a3:85:50:cd:f0:93:48:a6:c4:c5:90:10:51:c3:b2:ff:38:62:
46:93:66:6b:b0:ab:6d:4f:e8:1b:b5:b5:3a:43:d2:77:c5:1c:
84:1b:91:b0:62:89:2f:19:b8:55:1b:62:8b:6a:b3:98:8f:e9:
18:d9:c2:bc:ed:c2:c6:dd:d8:3d:a3:29:69:13:cd:49:64:a5:
1f:c8:7f:76:d1:49:05:77:51:09:19:79:89:88:4f:23:b7:16:
e7:d0:10:89:8d:c5:3d:80:af:26:d5:59:36:96:24:d6:c4:8a:
eb:8b:26:94:f4:2e:63:84:6b:48:bc:b7:f5:b6:12:43:4e:be:
71:88:cc:93:c6:fa:b2:ce:f2:6d:86:70:c7:64:50:c3:37:69:
22:95:bb:0f:dd:e9:17:cc:20:ba:0e:23:40:a3:1b:36:40:94:
f7:b4:ad:6e:0c:2a:3c:33:f5:1a:2f:e4:d1:25:29:f0:76:e4:
04:ee:2a:a3:91:bd:80:87:a9:2f:53:eb:de:4b:f7:de:26:0e:
91:08:82:f2:ae:81:01:58:2e:3f:a0:9a:36:33:64:bc:ab:b9:
12:0f:b1:a2:09:89:68:e2:3d:f4:ec:6d:b6:c1:8d:5c:d9:30:
61:f6:30:0e:37:71:0f:b6:e3:f0:5e:0f:ba:ef:9d:1c:85:2b:
8b:4d:d1:55
-----BEGIN CERTIFICATE-----
MIIHkDCCBnigAwIBAgIDAc+IMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNDEyNDMwOFoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5
Qjk5QjYwQkJFQ0QxRDczQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtraSS4X7r9w633Z98VvFbHFbRA7LdU6/rjn5fBfQxglwy85loVPeZs6Ezm/it
bg0Wi1iPF3+sj0zpr3Q4P+wBAOCqKx4xcPOiBh8IsRbk7wb6z+VnWTzwkNdl+LaD
ygAeSgffzIIQbVZXjuj1s3v33kugTSQSPLTnCdmBMlcixRfvOvuDS7pMQ9ImJxXL
VvS7oLDCetXMxe57rc52iOMynGubaFzzBu8mf2S8nvEL91JpZ81mfaT7913zEIea
TReT/ZEuW2pfhUNC2BHQxwjzRTl+IWD4Vl/liZw809ju6qhsqPtiZBf+Fgv49lDa
Y21yA+DGOeyW+M0p3AOT4GFPAgMBAAGjggSFMIIEgTAdBgNVHQ4EFgQUQFYsFDop
yxnHD/ybmbYLvs0dc7YwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFDQTc4L0JFODg0NkQyMzVEODExRUFBNzMwRUM0NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExQ0E3OC9CRTg4NDZEMjM1RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRv
cHl4bkhEX3libWJZTHZzMGRjN1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQgBAf8EIzAh
oB8wHQICErQCAicCAgJEOAICRjMCAkceAgJcuAIDAJWyMIIBewYIKwYBBQUHAQcB
Af8EggFqMIIBZjCCATAEAgABMIIBKAMDAAEJAwQHASAAAwMAG5IDAwIqmAMDAiq8
AwQDLXTwAwQEMezAMAsDAwE6GgMEBzobAAMDADqLMAoDAwQ8MAMDADw2AwQCZwFo
AwQCZwSMAwQCZxGoAwQCZx3wAwMAbp8DBARwiaADAwByhQMDAnOEAwQEc5JgAwMB
dmQDBAR3bmAwCgMDAHiLAwMBeIwDBAV6/2ADAwB8DQMDAHxSAwQFfMXgMAoDAwOv
iAMDAa+QAwMCtEgDBATKR2ADBAXKSyADBAXKogADBAXKpQADBATKq8AwCwMDAcqy
AwQEyrJAAwMAyrwDAwDLagMEBMuZUAMEBNIwkAMDAdK6AwMA0sMDBADaZBYDAwDa
bwMDANrQMAsDAwLbXAMEB9teAAMDANtfAwQC3xu8MDAEAgACMCoDBQAgAQ5oAwUA
IAFEcAMFACQBPAADBQAkAbAAAwUAJAHtQAMFACQEALgwDQYJKoZIhvcNAQELBQAD
ggEBAKOFUM3wk0imxMWQEFHDsv84YkaTZmuwq21P6Bu1tTpD0nfFHIQbkbBiiS8Z
uFUbYotqs5iP6RjZwrztwsbd2D2jKWkTzUlkpR/If3bRSQV3UQkZeYmITyO3FufQ
EImNxT2ArybVWTaWJNbEiuuLJpT0LmOEa0i8t/W2EkNOvnGIzJPG+rLO8m2GcMdk
UMM3aSKVuw/d6RfMILoOI0CjGzZAlPe0rW4MKjwz9Rov5NElKfB25ATuKqORvYCH
qS9T695L994mDpEIgvKugQFYLj+gmjYzZLyruRIPsaIJiWjiPfTsbbbBjVzZMGH2
MA43cQ+24/BeD7rvnRyFK4tN0VU=
-----END CERTIFICATE-----
Generated at Tue Apr 23 21:34:10 2024 by rpki-client on console-fra.rpki-client.org