Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3Z_4wTU8n9REYZLp0O5R5zhSns.cer
File: S3Z_4wTU8n9REYZLp0O5R5zhSns.cer (raw, json)
Hash identifier: uJP27TMVJWVGnzbOhvKP69VPAfRRU9/MtQ7UCWTCDy0=
Subject key identifier: 4B:76:7F:E3:04:D4:F2:7F:51:11:86:4B:A7:43:B9:47:9C:E1:4A:7B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0220EC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 05 Dec 2024 20:55:50 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 38891
IP: 103.198.84.0/22
IP: 103.242.16.0/22
IP: 202.176.12.0/24
IP: 203.99.136.0/22
IP: 223.25.248.0/22
IP: 2407:9400::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139500 (0x220ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 5 20:55:50 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91D53AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7f:6a:08:62:08:a9:52:84:a7:16:59:19:16:
59:db:4f:98:52:d2:33:9b:35:0c:33:16:05:e1:2f:
5b:fc:95:bf:7d:fa:64:0c:81:f8:cb:1f:10:01:b6:
35:40:bd:2a:cf:ee:1b:3c:75:a6:8f:5d:22:54:c7:
40:f8:57:25:f0:77:41:bb:61:22:51:b1:93:b8:7a:
6d:23:88:b2:5e:f7:3d:e1:12:6d:0c:94:b2:47:77:
33:72:2f:dc:1e:ac:ec:48:7a:02:09:c9:a8:64:e4:
6f:57:0f:e9:83:9b:fb:d1:4d:3d:78:14:17:e0:7a:
53:f3:46:8e:fd:04:c8:44:43:69:5a:d2:aa:4a:b9:
66:ea:a6:14:f3:92:46:97:16:ea:72:59:4a:6e:ae:
09:13:56:1a:08:c6:e2:0b:69:fc:61:a6:03:c6:82:
44:17:9a:5e:36:30:d1:a1:87:36:83:e5:e1:15:3a:
34:59:25:3a:72:a5:17:d3:bc:60:af:d5:ef:07:70:
1e:77:16:2d:7b:dc:58:49:44:22:65:f6:2f:3e:92:
cb:24:4f:c6:cb:7e:d3:fe:87:73:6e:fc:8c:42:73:
ba:71:bb:28:1c:63:de:dd:b5:3c:36:fb:9d:1c:32:
b4:72:d3:99:32:64:9a:d1:a6:dc:21:fe:0e:9f:c5:
f7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:76:7F:E3:04:D4:F2:7F:51:11:86:4B:A7:43:B9:47:9C:E1:4A:7B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38891
sbgp-ipAddrBlock: critical
IPv4:
103.198.84.0/22
103.242.16.0/22
202.176.12.0/24
203.99.136.0/22
223.25.248.0/22
IPv6:
2407:9400::/32
Signature Algorithm: sha256WithRSAEncryption
11:05:1b:e5:ec:fe:f5:67:c7:52:cb:af:38:91:49:e3:54:99:
7e:4a:41:6f:56:1d:3e:d0:71:ff:80:45:cb:9e:b8:5a:e8:12:
e9:85:f6:c0:76:12:1d:a4:39:6f:46:85:6e:ad:d4:10:1c:9c:
d7:7e:24:40:5a:ad:a7:d7:bd:46:c6:59:9d:de:93:5a:8a:38:
67:5a:8c:9d:48:57:88:6d:13:15:52:46:08:63:b2:89:21:67:
89:e0:5e:73:e2:77:c6:45:c2:e9:34:2f:87:ca:e9:c1:a2:74:
b0:f7:2e:c1:3d:73:54:d8:80:93:33:28:b9:18:34:4e:b0:0f:
77:75:1c:0d:7d:c6:d3:7c:d0:26:e2:94:8f:58:4d:cd:3b:66:
ff:d1:bd:3e:ed:d2:2e:1f:b5:6a:c3:89:61:fa:7c:af:1a:53:
9e:55:08:71:63:69:14:f1:69:fb:a0:90:45:14:af:c5:52:10:
50:8b:40:02:46:04:20:6b:29:d1:50:58:0a:b9:a8:30:40:ed:
18:48:50:2f:b9:9d:f6:35:11:a6:47:00:16:cf:8b:fb:e7:32:
37:e8:cc:8f:cd:6e:d9:41:33:ce:0e:b0:2d:7c:c7:d9:25:06:
3f:01:01:e8:15:af:9b:6e:cd:02:26:4d:09:48:37:bd:f0:26:
44:d6:b1:e8
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgIDAiDsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIwNTIwNTU1MFoXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDUzQUMxMTAvBgNVBAUTKDRCNzY3RkUzMDRENEYyN0Y1MTExODY0
QkE3NDNCOTQ3OUNFMTRBN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrf2oIYgipUoSnFlkZFlnbT5hS0jObNQwzFgXhL1v8lb99+mQMgfjLHxABtjVA
vSrP7hs8daaPXSJUx0D4VyXwd0G7YSJRsZO4em0jiLJe9z3hEm0MlLJHdzNyL9we
rOxIegIJyahk5G9XD+mDm/vRTT14FBfgelPzRo79BMhEQ2la0qpKuWbqphTzkkaX
FupyWUpurgkTVhoIxuILafxhpgPGgkQXml42MNGhhzaD5eEVOjRZJTpypRfTvGCv
1e8HcB53Fi173FhJRCJl9i8+ksskT8bLftP+h3Nu/IxCc7pxuygcY97dtTw2+50c
MrRy05kyZJrRptwh/g6fxfdrAgMBAAGjggM2MIIDMjAdBgNVHQ4EFgQUS3Z/4wTU
8n9REYZLp0O5R5zhSnswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ1M0FDLzAzMTY4QzRFMUQ5NzExRTI4QjZDMDA4MDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFENTNBQy8wMzE2OEM0RTFEOTcxMUUyOEI2QzAwODAwOEIwMkNEMi9TM1pfNHdU
VThuOVJFWVpMcDBPNVI1emhTbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJfrMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCZ8ZUAwQCZ/IQ
AwQAyrAMAwQCy2OIAwQC3xn4MA0EAgACMAcDBQAkB5QAMA0GCSqGSIb3DQEBCwUA
A4IBAQARBRvl7P71Z8dSy684kUnjVJl+SkFvVh0+0HH/gEXLnrha6BLphfbAdhId
pDlvRoVurdQQHJzXfiRAWq2n171Gxlmd3pNaijhnWoydSFeIbRMVUkYIY7KJIWeJ
4F5z4nfGRcLpNC+HyunBonSw9y7BPXNU2ICTMyi5GDROsA93dRwNfcbTfNAm4pSP
WE3NO2b/0b0+7dIuH7Vqw4lh+nyvGlOeVQhxY2kU8Wn7oJBFFK/FUhBQi0ACRgQg
aynRUFgKuagwQO0YSFAvuZ32NRGmRwAWz4v75zI36MyPzW7ZQTPODrAtfMfZJQY/
AQHoFa+bbs0CJk0JSDe98CZE1rHo
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:19 2025 by rpki-client