Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
File: RED2xCLpUAx9RqYtfetw0zqIdQ4.cer (raw, json)
Hash identifier: pfV8Mwxq3AMyj2n2VksWeG9MVijUswpqjFsyLh0AH9s=
Subject key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01DD96
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 05 Feb 2024 23:41:36 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 4651 -- 4652
AS: 9335
AS: 9931
AS: 18252
AS: 131089 -- 131090
AS: 135566
AS: 139474
AS: 139591
AS: 152463
IP: 61.7.128.0/17
IP: 61.19.0.0/16
IP: 103.10.228.0/22
IP: 110.77.128.0 -- 110.78.255.255
IP: 114.131.0.0/16
IP: 116.58.224.0/19
IP: 119.42.64.0/18
IP: 122.154.0.0/15
IP: 202.3.68.0/22
IP: 202.6.107.0/24
IP: 202.47.224.0/19
IP: 202.129.0.0/18
IP: 202.139.192.0/19
IP: 2001:c38::/31
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 05:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122262 (0x1dd96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Feb 5 23:41:36 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:70:e0:83:f4:54:9a:aa:e3:e8:06:7f:9b:98:
70:d6:cb:27:f0:82:8c:51:b3:53:4c:07:8a:31:71:
e8:10:7c:02:12:49:cc:58:96:20:bc:88:00:71:5b:
05:4e:66:1a:36:ed:3a:06:97:2f:25:69:4f:c7:55:
7e:33:1b:d7:2b:27:1c:30:20:a9:a2:88:5e:17:83:
4b:c5:5f:af:ad:24:89:0c:17:49:a5:50:b0:68:01:
b6:d3:94:46:8b:1c:82:bf:cc:fb:3e:05:ca:3f:29:
b0:75:4a:64:3d:1a:a1:12:65:92:ef:ab:0c:16:cb:
43:06:cd:f1:73:06:6d:a0:12:21:35:1f:70:35:1b:
98:78:05:e9:eb:d4:5b:09:b4:c9:8e:26:96:a8:8a:
94:8a:92:aa:7a:55:8d:70:5c:28:63:3d:bc:1b:74:
0d:9b:d2:28:f1:78:fb:c7:e1:7d:11:d9:d1:6d:60:
d6:64:38:f7:28:82:b7:93:6c:1e:9e:49:a5:ca:a0:
42:9e:ae:c5:4c:08:c4:76:89:5f:aa:73:26:a8:57:
30:ad:62:3e:4b:be:a5:08:08:22:06:c5:8b:ac:e5:
9f:6b:cc:bd:bd:bc:1a:63:85:e8:c1:83:ca:03:43:
8c:f0:91:2d:e5:b5:ef:71:95:c3:be:28:2c:73:14:
26:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4651-4652
9335
9931
18252
131089-131090
135566
139474
139591
152463
sbgp-ipAddrBlock: critical
IPv4:
61.7.128.0/17
61.19.0.0/16
103.10.228.0/22
110.77.128.0-110.78.255.255
114.131.0.0/16
116.58.224.0/19
119.42.64.0/18
122.154.0.0/15
202.3.68.0/22
202.6.107.0/24
202.47.224.0/19
202.129.0.0/18
202.139.192.0/19
IPv6:
2001:c38::/31
Signature Algorithm: sha256WithRSAEncryption
1b:e6:c2:97:ea:a6:bf:17:31:10:44:e5:fd:8b:6a:de:e5:df:
f8:59:21:c1:cf:ce:b8:18:17:bf:cd:07:1d:4b:05:d3:cf:a4:
aa:9b:7f:57:f5:73:b0:ab:ef:f1:5b:ad:7b:91:20:26:89:95:
aa:b7:b5:c3:14:b7:7b:47:19:72:0a:59:f2:98:34:74:1c:34:
7c:f3:ac:58:39:ed:cd:4c:45:6e:38:1b:0a:0a:ad:a6:d2:98:
cd:da:d9:88:8f:a7:3b:52:bf:e6:5e:86:13:da:36:7c:75:31:
ae:f9:fb:ee:e6:85:72:35:17:8f:59:9d:09:22:0d:df:b2:8a:
fd:57:e1:4e:3f:58:99:95:02:8f:64:bd:7f:f7:32:65:ea:87:
5d:78:b9:c3:a2:97:f3:44:77:46:b0:1f:32:c7:64:cc:32:97:
46:19:99:06:db:9c:eb:07:e4:4a:fd:f9:fe:76:63:c2:21:f0:
1b:e1:4c:b5:63:4d:13:1f:a1:ee:e5:e5:cc:c1:eb:3a:2f:7f:
d5:41:03:92:24:ee:ee:f0:4e:b0:de:02:bb:40:f6:56:2a:65:
53:a8:8c:86:67:70:90:1f:83:e4:d4:ca:92:64:34:ac:83:26:
4b:ea:74:c0:4a:a2:81:ed:0f:c8:65:0f:e4:0e:55:d1:16:84:
7e:c2:72:43
-----BEGIN CERTIFICATE-----
MIIGpjCCBY6gAwIBAgIDAd2WMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwNTIzNDEzNloXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYy
RDdERUI3MEQzM0E4ODc1MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlcOCD9FSaquPoBn+bmHDWyyfwgoxRs1NMB4oxcegQfAISScxYliC8iABxWwVO
Zho27ToGly8laU/HVX4zG9crJxwwIKmiiF4Xg0vFX6+tJIkMF0mlULBoAbbTlEaL
HIK/zPs+Bco/KbB1SmQ9GqESZZLvqwwWy0MGzfFzBm2gEiE1H3A1G5h4Benr1FsJ
tMmOJpaoipSKkqp6VY1wXChjPbwbdA2b0ijxePvH4X0R2dFtYNZkOPcogreTbB6e
SaXKoEKersVMCMR2iV+qcyaoVzCtYj5LvqUICCIGxYus5Z9rzL29vBpjhejBg8oD
Q4zwkS3lte9xlcO+KCxzFCb1AgMBAAGjggObMIIDlzAdBgNVHQ4EFgQURED2xCLp
UAx9RqYtfetw0zqIdQ4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI1NDc1L0FCNDQ3OTcyMUQ3ODExRTJBREI2RjJDNDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNTQ3NS9BQjQ0Nzk3MjFENzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENM
cFVBeDlScVl0ZmV0dzB6cUlkUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQgBAf8EPDA6
oDgwNjAIAgISKwICEiwCAiR3AgImywICR0wwCgIDAgARAgMCABICAwIRjgIDAiDS
AgMCIUcCAwJTjzB6BggrBgEFBQcBBwEB/wRrMGkwWAQCAAEwUgMEBz0HgAMDAD0T
AwQCZwrkMAsDBAduTYADAwBuTgMDAHKDAwQFdDrgAwQGdypAAwMBepoDBALKA0QD
BADKBmsDBAXKL+ADBAbKgQADBAXKi8AwDQQCAAIwBwMFASABDDgwDQYJKoZIhvcN
AQELBQADggEBABvmwpfqpr8XMRBE5f2Lat7l3/hZIcHPzrgYF7/NBx1LBdPPpKqb
f1f1c7Cr7/FbrXuRICaJlaq3tcMUt3tHGXIKWfKYNHQcNHzzrFg57c1MRW44GwoK
rabSmM3a2YiPpztSv+ZehhPaNnx1Ma75++7mhXI1F49ZnQkiDd+yiv1X4U4/WJmV
Ao9kvX/3MmXqh114ucOil/NEd0awHzLHZMwyl0YZmQbbnOsH5Er9+f52Y8Ih8Bvh
TLVjTRMfoe7l5czB6zovf9VBA5Ik7u7wTrDeArtA9lYqZVOojIZncJAfg+TUypJk
NKyDJkvqdMBKooHtD8hlD+QOVdEWhH7CckM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:36:54 2024 by rpki-client on console-ams.rpki-client.org