Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer
File: QgBM9ryh-lZCT17qJPYqkrJc3s8.cer (raw, json)
Hash identifier: y/uIbkglBuvcTtu4SW7LB/z4SsAfbHgDHBbE/AuUCNs=
Subject key identifier: 42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021DB3
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 26 Nov 2024 17:22:45 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 141342
AS: 152638
IP: 103.157.40.0/23
IP: 2400:8220::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138675 (0x21db3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Nov 26 17:22:45 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A919960D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:98:b2:6e:f0:ca:b1:cb:79:11:6b:7f:21:db:
5c:27:5f:65:22:d0:37:89:61:fe:40:8f:ab:66:b3:
69:64:f6:00:f1:d1:37:e4:f5:b1:cc:5e:13:d6:91:
77:ea:0f:de:c6:fb:55:c2:83:78:e8:90:c3:89:d1:
ee:00:ba:8c:f6:25:0f:bc:e0:ac:fd:41:c5:34:0c:
f3:13:08:5a:4a:9e:55:13:e2:5d:e3:6e:c9:ad:44:
10:5a:4c:2c:59:78:e7:74:85:20:9b:e2:24:bb:50:
32:c7:f5:de:25:fa:05:83:bd:1a:01:bd:9f:a2:23:
aa:4f:ba:aa:9f:73:55:05:8a:5a:61:b8:55:dc:ba:
04:6a:5a:4a:87:87:9d:e5:4d:b1:33:aa:75:3a:65:
68:c8:b6:d9:96:52:8e:81:75:ec:92:af:a3:4c:86:
11:84:d1:23:d9:0e:52:6e:69:27:b9:7f:3f:99:82:
85:d6:5d:39:d3:f7:e1:8a:e7:8f:e8:0d:0f:27:4f:
5a:96:0f:f6:b7:ca:94:24:07:3e:4e:96:69:2a:4f:
ed:5a:11:e4:f3:66:42:07:d5:d0:6b:d1:1b:ef:b9:
8a:ea:91:53:62:53:7e:54:bc:fc:f1:7c:1c:00:17:
e8:97:9a:29:3a:fd:77:12:70:9f:ca:84:23:5c:1d:
60:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
141342
152638
sbgp-ipAddrBlock: critical
IPv4:
103.157.40.0/23
IPv6:
2400:8220::/32
Signature Algorithm: sha256WithRSAEncryption
b0:ce:0e:3f:92:ca:50:c0:91:b8:da:d6:b0:39:75:8e:e4:7b:
31:f1:6b:3d:a2:28:74:4c:ae:90:78:6b:d2:0b:ca:85:ab:3d:
c4:38:6c:26:15:dd:94:56:69:4c:47:64:be:00:7a:00:51:e2:
a2:60:b0:fd:7b:22:c7:fe:69:68:82:72:9d:af:db:ca:57:39:
0e:16:b9:cb:a0:70:65:f1:a8:82:06:18:8e:88:72:18:71:68:
0f:17:0b:22:ef:95:ad:f0:43:a5:25:58:76:e3:74:55:fe:ef:
3d:e9:88:d0:07:5f:45:4f:7b:6b:bd:1c:37:8a:76:27:88:5d:
50:97:c8:4c:8d:72:d7:1f:99:ea:61:49:33:1b:e6:65:6a:0e:
d6:63:30:51:d5:04:9d:a7:c4:e5:a9:c1:3f:c8:14:48:c0:28:
b3:95:09:a6:dc:85:0e:41:b5:94:78:dc:ea:a6:a0:11:2e:94:
b2:4d:41:91:77:56:16:73:94:cd:40:47:24:f8:d3:59:67:9e:
94:25:4c:59:10:50:60:27:ed:34:94:2f:c3:93:e3:56:6d:62:
9c:af:5a:7b:15:69:0a:4c:cf:db:50:0f:f9:3d:9d:68:bb:55:
e9:30:55:44:b5:b2:45:b5:97:41:dc:c9:93:27:e0:15:de:30:
0a:31:0e:14
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAh2zMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEyNjE3MjI0NVoXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTk2MEQxMTAvBgNVBAUTKDQyMDA0Q0Y2QkNBMUZBNTY0MjRGNUVF
QTI0RjYyQTkyQjI1Q0RFQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9mLJu8Mqxy3kRa38h21wnX2Ui0DeJYf5Aj6tms2lk9gDx0Tfk9bHMXhPWkXfq
D97G+1XCg3jokMOJ0e4Auoz2JQ+84Kz9QcU0DPMTCFpKnlUT4l3jbsmtRBBaTCxZ
eOd0hSCb4iS7UDLH9d4l+gWDvRoBvZ+iI6pPuqqfc1UFilphuFXcugRqWkqHh53l
TbEzqnU6ZWjIttmWUo6BdeySr6NMhhGE0SPZDlJuaSe5fz+ZgoXWXTnT9+GK54/o
DQ8nT1qWD/a3ypQkBz5OlmkqT+1aEeTzZkIH1dBr0RvvuYrqkVNiU35UvPzxfBwA
F+iXmik6/XcScJ/KhCNcHWCtAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUQgBM9ryh
+lZCT17qJPYqkrJc3s8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk5NjBEL0JEMEI2NEM2OEREQTExRUQ4NzNBNzQ4N0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5OTYwRC9CRDBCNjRDNjhEREExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5
aC1sWkNUMTdxSlBZcWtySmMzczgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAigeAgMCVD4wLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFnnSgw
DQQCAAIwBwMFACQAgiAwDQYJKoZIhvcNAQELBQADggEBALDODj+SylDAkbja1rA5
dY7kezHxaz2iKHRMrpB4a9ILyoWrPcQ4bCYV3ZRWaUxHZL4AegBR4qJgsP17Isf+
aWiCcp2v28pXOQ4WucugcGXxqIIGGI6IchhxaA8XCyLvla3wQ6UlWHbjdFX+7z3p
iNAHX0VPe2u9HDeKdieIXVCXyEyNctcfmephSTMb5mVqDtZjMFHVBJ2nxOWpwT/I
FEjAKLOVCabchQ5BtZR43OqmoBEulLJNQZF3VhZzlM1ARyT401lnnpQlTFkQUGAn
7TSUL8OT41ZtYpyvWnsVaQpMz9tQD/k9nWi7VekwVUS1skW1l0HcyZMn4BXeMAox
DhQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:26 2025 by rpki-client