Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Tbro2kD5Pa7Vun3MvW_VjbYYTMk.cer
File: Tbro2kD5Pa7Vun3MvW_VjbYYTMk.cer (raw, json)
Hash identifier: +xpSTVQGT4bwagaDRwA4CG3ntaqAIKQgtt1KRikdaho=
Subject key identifier: 4D:BA:E8:DA:40:F9:3D:AE:D5:BA:7D:CC:BD:6F:D5:8D:B6:18:4C:C9
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020BCC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911155C/A958E30EE62F11EA8E4A324BC4F9AE02/Tbro2kD5Pa7Vun3MvW_VjbYYTMk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911155C/A958E30EE62F11EA8E4A324BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 04 Sep 2024 12:22:42 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: AS: 138001
IP: 103.153.230.0/23
IP: 2406:64c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 04 Dec 2024 01:13:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134092 (0x20bcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 4 12:22:42 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A911155C/serialNumber=4DBAE8DA40F93DAED5BA7DCCBD6FD58DB6184CC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:71:9f:c9:63:42:8f:df:32:00:3a:5b:9d:4c:
bf:0a:4a:20:9b:d3:3a:b1:35:1f:23:21:e8:d9:e6:
a3:e0:67:f5:d1:35:92:92:7b:dc:d2:5d:16:c3:6d:
cc:b5:cf:c1:13:e5:f1:bc:54:52:1f:6c:e3:42:ec:
ec:06:bf:5b:dc:bf:d8:05:36:e6:88:9b:1e:06:56:
31:bd:37:ab:85:6b:d1:96:fb:2e:14:2d:9d:2f:11:
53:74:b6:5f:3e:d4:e8:ac:12:3d:04:ad:76:d6:e8:
b7:fc:31:54:ff:31:a7:a9:30:71:68:05:b9:8d:d5:
34:e7:98:ad:4a:29:a7:10:a5:f6:6b:ca:e2:f9:8a:
7a:65:88:e3:f6:70:e5:96:8d:69:75:55:1e:d2:13:
c6:d3:e1:9e:af:1f:c7:3c:b2:c4:df:bf:0a:a6:72:
3b:8c:6d:8c:15:ea:8b:c0:e3:56:cc:82:5a:3b:5a:
8d:5a:10:93:f4:13:5e:24:0e:f1:19:7c:95:92:7a:
d6:bb:0d:69:f7:99:27:84:8a:8f:27:45:4d:88:06:
f1:4e:16:62:7f:cb:41:3d:a7:4f:dc:cb:42:e7:66:
7a:73:2c:49:e6:4e:10:a4:95:69:a7:d4:e5:21:81:
f3:71:a0:d5:74:51:e1:a6:8c:3a:5f:fa:04:8a:d9:
2a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BA:E8:DA:40:F9:3D:AE:D5:BA:7D:CC:BD:6F:D5:8D:B6:18:4C:C9
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911155C/A958E30EE62F11EA8E4A324BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911155C/A958E30EE62F11EA8E4A324BC4F9AE02/Tbro2kD5Pa7Vun3MvW_VjbYYTMk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138001
sbgp-ipAddrBlock: critical
IPv4:
103.153.230.0/23
IPv6:
2406:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
c7:2a:c3:7d:e1:9a:74:1a:da:41:d7:fc:46:c9:f9:84:31:85:
4e:d0:4a:66:f8:f9:9a:dd:60:31:d4:f8:7a:60:14:52:80:85:
ed:17:c1:29:3e:e2:ff:e2:3b:5f:46:e9:8f:07:0a:de:27:86:
eb:de:e5:aa:7d:5d:dc:5e:ee:26:28:07:f3:52:7e:90:46:2d:
f6:25:94:92:17:2a:37:77:1c:7f:83:3d:ee:d3:36:7c:f9:f4:
d7:9c:f7:7a:26:c8:6f:80:95:0e:15:b1:62:d7:44:3e:c3:a9:
6f:57:a4:58:7b:f3:6b:91:15:f8:af:0d:ae:59:01:0c:8f:54:
7b:4a:e5:65:08:9a:fe:34:0f:9e:7f:c7:db:f4:68:d0:e0:bf:
a8:c5:78:55:32:9e:f6:d9:0b:e2:45:91:e2:37:f5:6d:65:93:
0a:23:c6:5a:6a:e3:b0:27:21:c4:4e:2f:c3:27:4b:f0:dc:83:
b0:cf:3a:4b:1f:7b:08:c5:72:19:1d:50:f6:97:97:18:fe:de:
41:2b:95:09:0f:7b:4a:60:b5:81:3d:10:05:5b:0c:47:07:4f:
a1:90:e3:ab:71:83:08:93:37:a1:1a:19:cb:cc:f7:db:6e:93:
e3:35:22:76:55:6e:14:de:04:49:b3:44:61:50:33:18:67:75:
b4:66:c9:c8
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAgvMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkwNDEyMjI0MloXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTE1NUMxMTAvBgNVBAUTKDREQkFFOERBNDBGOTNEQUVENUJBN0RD
Q0JENkZENThEQjYxODRDQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRcZ/JY0KP3zIAOludTL8KSiCb0zqxNR8jIejZ5qPgZ/XRNZKSe9zSXRbDbcy1
z8ET5fG8VFIfbONC7OwGv1vcv9gFNuaImx4GVjG9N6uFa9GW+y4ULZ0vEVN0tl8+
1OisEj0ErXbW6Lf8MVT/MaepMHFoBbmN1TTnmK1KKacQpfZryuL5inpliOP2cOWW
jWl1VR7SE8bT4Z6vH8c8ssTfvwqmcjuMbYwV6ovA41bMglo7Wo1aEJP0E14kDvEZ
fJWSeta7DWn3mSeEio8nRU2IBvFOFmJ/y0E9p0/cy0LnZnpzLEnmThCklWmn1OUh
gfNxoNV0UeGmjDpf+gSK2SqFAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUTbro2kD5
Pa7Vun3MvW/VjbYYTMkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTExNTVDL0E5NThFMzBFRTYyRjExRUE4RTRBMzI0QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExMTU1Qy9BOTU4RTMwRUU2MkYxMUVBOEU0QTMyNEJDNEY5QUUwMi9UYnJvMmtE
NVBhN1Z1bjNNdldfVmpiWVlUTWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhsRMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ5nmMA0EAgAC
MAcDBQAkBmTAMA0GCSqGSIb3DQEBCwUAA4IBAQDHKsN94Zp0GtpB1/xGyfmEMYVO
0Epm+Pma3WAx1Ph6YBRSgIXtF8EpPuL/4jtfRumPBwreJ4br3uWqfV3cXu4mKAfz
Un6QRi32JZSSFyo3dxx/gz3u0zZ8+fTXnPd6JshvgJUOFbFi10Q+w6lvV6RYe/Nr
kRX4rw2uWQEMj1R7SuVlCJr+NA+ef8fb9GjQ4L+oxXhVMp722QviRZHiN/VtZZMK
I8ZaauOwJyHETi/DJ0vw3IOwzzpLH3sIxXIZHVD2l5cY/t5BK5UJD3tKYLWBPRAF
WwxHB0+hkOOrcYMIkzehGhnLzPfbbpPjNSJ2VW4U3gRJs0RhUDMYZ3W0ZsnI
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:05:07 2024 by rpki-client on console-ams.rpki-client.org