Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QpEbEJ1G6IZh-oVhbIEoA8WrPGQ.cer
File: QpEbEJ1G6IZh-oVhbIEoA8WrPGQ.cer (raw, json)
Hash identifier: xxUkuGVFITo5kbca3w2aVlMacsXiGUKsSh/OE/rkVlc=
Subject key identifier: 42:91:1B:10:9D:46:E8:86:61:FA:85:61:6C:81:28:03:C5:AB:3C:64
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021FC1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E0435/D2885BC4445D11EBA517457EC4F9AE02/QpEbEJ1G6IZh-oVhbIEoA8WrPGQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E0435/D2885BC4445D11EBA517457EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 02 Dec 2024 21:51:29 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 141456
IP: 103.160.8.0/24
IP: 103.160.20.0/24
IP: 2001:df1:3a40::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139201 (0x21fc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 2 21:51:29 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91E0435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:74:3b:85:df:b5:cf:8a:87:8f:f4:19:e0:fc:
6f:90:38:b2:70:db:84:ca:6b:83:fa:2f:08:fc:eb:
13:cb:2b:b4:d7:4b:f2:9d:6e:b8:e2:34:b4:ab:56:
19:2b:d7:60:86:65:3b:8c:07:ae:99:e3:9f:35:b3:
09:b2:91:7c:6d:49:ca:7f:13:50:df:25:a7:38:95:
46:7e:5a:b3:c2:b1:b0:fe:c3:7d:0f:b8:c7:67:1c:
ca:bf:98:44:ef:20:ba:52:bb:11:52:a2:10:f3:6f:
65:3f:83:24:81:e1:0f:0f:88:55:c4:d7:cf:22:94:
e8:c8:b6:c9:97:3f:a5:e3:23:9b:44:63:c5:b8:02:
13:18:ce:06:da:15:e8:ce:16:34:bf:e9:11:62:22:
dd:7e:db:65:90:33:d4:f0:7a:2e:f6:72:db:59:33:
d4:57:94:90:9c:74:72:f7:4e:20:ce:11:ce:20:4c:
bd:7d:ad:11:f1:7b:c6:9c:97:31:2d:79:2f:a4:0b:
97:c4:e2:7f:da:b4:43:3a:41:1c:c3:ba:88:ff:93:
49:f2:ac:e0:13:10:84:86:ac:78:33:92:29:41:0f:
bd:d1:62:bd:4d:a0:66:86:47:f5:44:e4:78:02:0a:
d7:4c:ce:70:2d:cf:d4:fa:c0:5e:0f:fd:76:db:70:
06:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:91:1B:10:9D:46:E8:86:61:FA:85:61:6C:81:28:03:C5:AB:3C:64
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E0435/D2885BC4445D11EBA517457EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E0435/D2885BC4445D11EBA517457EC4F9AE02/QpEbEJ1G6IZh-oVhbIEoA8WrPGQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
141456
sbgp-ipAddrBlock: critical
IPv4:
103.160.8.0/24
103.160.20.0/24
IPv6:
2001:df1:3a40::/48
Signature Algorithm: sha256WithRSAEncryption
11:11:ef:f2:54:26:12:7a:27:a5:1a:a7:11:fd:98:e3:08:6c:
96:a3:39:b4:07:c8:f4:28:e9:f3:77:89:49:6c:3a:79:43:76:
19:94:c2:54:a8:46:90:a5:e0:bb:81:fa:2a:78:a7:58:f1:b4:
a5:07:ef:29:3c:9c:c1:24:c4:fd:24:99:fb:9f:55:90:81:d1:
fb:9b:e0:c2:01:56:c8:f1:30:a2:a3:91:fa:36:ac:c3:38:ea:
01:2f:fd:fe:ce:dc:89:6a:f0:bf:d7:fb:a1:80:0e:8b:1e:04:
c7:10:1a:80:a5:89:97:3d:87:a8:7d:90:36:2f:5f:d9:d0:f6:
67:ed:86:ce:09:48:fd:1b:55:e8:bd:cc:a1:03:fb:42:18:f9:
f2:a7:ff:90:46:fc:89:7e:b2:ba:05:cf:98:91:fc:83:a5:7e:
87:ee:fe:44:e6:7b:a7:26:a4:69:46:29:05:f8:7e:4e:c5:3e:
01:72:66:3b:92:d2:7b:40:64:42:34:61:83:04:36:4f:f0:e7:
55:1e:0a:79:1b:a6:d0:cb:aa:b9:76:bd:b5:91:ba:85:04:51:
26:02:2b:26:67:a2:dd:96:56:3b:1e:80:cc:a3:e8:39:c2:ef:
e9:07:93:be:30:a7:7a:5a:52:c0:20:1b:c7:dc:57:03:0c:7d:
71:36:ec:65
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIDAh/BMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIwMjIxNTEyOVoXDTI2MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTA0MzUxMTAvBgNVBAUTKDQyOTExQjEwOUQ0NkU4ODY2MUZBODU2
MTZDODEyODAzQzVBQjNDNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkdDuF37XPioeP9Bng/G+QOLJw24TKa4P6Lwj86xPLK7TXS/KdbrjiNLSrVhkr
12CGZTuMB66Z4581swmykXxtScp/E1DfJac4lUZ+WrPCsbD+w30PuMdnHMq/mETv
ILpSuxFSohDzb2U/gySB4Q8PiFXE188ilOjItsmXP6XjI5tEY8W4AhMYzgbaFejO
FjS/6RFiIt1+22WQM9Twei72cttZM9RXlJCcdHL3TiDOEc4gTL19rRHxe8aclzEt
eS+kC5fE4n/atEM6QRzDuoj/k0nyrOATEISGrHgzkilBD73RYr1NoGaGR/VE5HgC
CtdMznAtz9T6wF4P/XbbcAafAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUQpEbEJ1G
6IZh+oVhbIEoA8WrPGQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUwNDM1L0QyODg1QkM0NDQ1RDExRUJBNTE3NDU3RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMDQzNS9EMjg4NUJDNDQ0NUQxMUVCQTUxNzQ1N0VDNEY5QUUwMi9RcEViRUox
RzZJWmgtb1ZoYklFb0E4V3JQR1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiiQMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAZ6AIAwQAZ6AU
MA8EAgACMAkDBwAgAQ3xOkAwDQYJKoZIhvcNAQELBQADggEBABER7/JUJhJ6J6Ua
pxH9mOMIbJajObQHyPQo6fN3iUlsOnlDdhmUwlSoRpCl4LuB+ip4p1jxtKUH7yk8
nMEkxP0kmfufVZCB0fub4MIBVsjxMKKjkfo2rMM46gEv/f7O3Ilq8L/X+6GADose
BMcQGoCliZc9h6h9kDYvX9nQ9mfths4JSP0bVei9zKED+0IY+fKn/5BG/Il+sroF
z5iR/IOlfofu/kTme6cmpGlGKQX4fk7FPgFyZjuS0ntAZEI0YYMENk/w51UeCnkb
ptDLqrl2vbWRuoUEUSYCKyZnot2WVjsegMyj6DnC7+kHk74wp3paUsAgG8fcVwMM
fXE27GU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:08 2025 by rpki-client