Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ud1ef6bEFkQcstiqGJX8SfP5a3o.cer
File: Ud1ef6bEFkQcstiqGJX8SfP5a3o.cer (raw, json)
Hash identifier: rYFc/UYvNfQANHtlwJvlzRKY0ZkxT8AMXdkNaHnDZ3Q=
Subject key identifier: 51:DD:5E:7F:A6:C4:16:44:1C:B2:D8:AA:18:95:FC:49:F3:F9:6B:7A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D4E1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91324F2/FA37C846124A11ED9DD30F62C4F9AE02/Ud1ef6bEFkQcstiqGJX8SfP5a3o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91324F2/FA37C846124A11ED9DD30F62C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 29 Dec 2023 03:46:11 +0000
Certificate not after: Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 137211
AS: 138439
IP: 103.105.36.0/22
IP: 2402:2740::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 21:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120033 (0x1d4e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 29 03:46:11 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=A91324F2/serialNumber=51DD5E7FA6C416441CB2D8AA1895FC49F3F96B7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:17:72:69:72:e9:1d:92:e9:9f:de:f7:91:86:
ef:ae:ca:67:66:1a:71:e4:70:8d:80:56:09:b8:a5:
58:9f:ed:b4:2a:58:ca:90:c5:42:2e:31:88:b8:ca:
03:d7:fc:01:27:7b:8f:75:23:48:78:61:6f:40:53:
e0:50:91:70:77:bb:92:3c:24:6a:97:3f:ce:d0:94:
02:1b:7d:29:c8:46:af:62:ff:93:ff:4a:87:2e:eb:
01:11:41:a5:9f:65:99:0d:e9:1f:db:4f:ec:38:0b:
24:a5:56:e7:1f:00:6e:86:83:02:7b:70:02:30:5d:
a3:2a:43:d2:1c:da:04:e5:92:21:23:f0:26:75:4e:
45:50:d2:0b:4e:25:de:0a:8a:22:c8:bf:eb:39:fc:
5b:61:ee:02:b1:50:a8:1b:eb:4b:ca:01:63:f7:c9:
d8:52:44:52:35:25:09:12:eb:51:d0:08:8e:4d:98:
31:fb:5a:91:de:50:fd:98:fd:02:88:be:fa:55:6a:
46:47:db:49:f0:4c:a3:09:03:09:fb:bb:3b:53:2a:
1f:26:a2:fe:b2:12:84:00:b7:4f:5b:1c:da:ae:c0:
0b:24:17:9e:04:70:ff:3d:f4:8d:e5:68:05:98:3f:
83:d1:4c:f5:d2:b5:f6:26:db:84:ea:e2:c4:c9:4e:
37:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:DD:5E:7F:A6:C4:16:44:1C:B2:D8:AA:18:95:FC:49:F3:F9:6B:7A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91324F2/FA37C846124A11ED9DD30F62C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91324F2/FA37C846124A11ED9DD30F62C4F9AE02/Ud1ef6bEFkQcstiqGJX8SfP5a3o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
137211
138439
sbgp-ipAddrBlock: critical
IPv4:
103.105.36.0/22
IPv6:
2402:2740::/32
Signature Algorithm: sha256WithRSAEncryption
8e:dc:2a:5e:5a:d0:d9:ab:aa:6d:76:23:43:fc:e7:df:e4:98:
07:1b:b2:5a:fb:0c:0b:a6:16:32:07:65:43:a5:d8:1e:8d:59:
fc:0b:24:bb:94:23:8a:8c:c8:4b:cb:42:0d:0e:52:b3:aa:7c:
d8:79:2e:05:e2:28:0f:49:14:5c:79:21:a7:eb:14:2e:b5:d4:
40:35:3a:6a:04:37:25:a3:f1:33:77:8e:65:62:43:40:4d:24:
92:fc:72:7a:07:73:2f:b6:1d:07:5c:22:99:9c:a8:bf:1d:19:
8c:6a:50:70:e8:bb:21:fc:e9:2e:a4:1a:57:a9:88:db:b6:61:
a3:14:36:45:49:dc:5f:d3:5f:5a:2f:23:51:2b:61:52:55:b6:
ae:c1:3b:45:19:59:b7:d3:6a:cb:c8:42:3e:e3:62:6f:61:ef:
5f:58:b2:b7:57:43:d6:9b:ef:e2:ff:3a:53:83:8e:ec:16:7e:
3f:bf:4e:73:e1:ac:8d:da:de:b4:ca:3a:72:55:3b:63:76:22:
50:bc:14:0a:77:29:61:98:0b:57:ed:88:8d:ea:0a:89:13:6a:
86:4a:84:5b:6e:96:43:a8:08:d9:a3:ea:e5:44:3f:2a:ed:c7:
1b:22:4c:b7:ec:1a:5e:80:c5:ae:14:e8:a5:62:42:57:0e:62:
20:89:97:7f
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAdThMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyOTAzNDYxMVoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzI0RjIxMTAvBgNVBAUTKDUxREQ1RTdGQTZDNDE2NDQxQ0IyRDhB
QTE4OTVGQzQ5RjNGOTZCN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEF3Jpcukdkumf3veRhu+uymdmGnHkcI2AVgm4pVif7bQqWMqQxUIuMYi4ygPX
/AEne491I0h4YW9AU+BQkXB3u5I8JGqXP87QlAIbfSnIRq9i/5P/Socu6wERQaWf
ZZkN6R/bT+w4CySlVucfAG6GgwJ7cAIwXaMqQ9Ic2gTlkiEj8CZ1TkVQ0gtOJd4K
iiLIv+s5/Fth7gKxUKgb60vKAWP3ydhSRFI1JQkS61HQCI5NmDH7WpHeUP2Y/QKI
vvpVakZH20nwTKMJAwn7uztTKh8mov6yEoQAt09bHNquwAskF54EcP899I3laAWY
P4PRTPXStfYm24Tq4sTJTjefAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUUd1ef6bE
FkQcstiqGJX8SfP5a3owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMyNEYyL0ZBMzdDODQ2MTI0QTExRUQ5REQzMEY2MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzMjRGMi9GQTM3Qzg0NjEyNEExMUVEOUREMzBGNjJDNEY5QUUwMi9VZDFlZjZi
RUZrUWNzdGlxR0pYOFNmUDVhM28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAhf7AgMCHMcwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJnaSQw
DQQCAAIwBwMFACQCJ0AwDQYJKoZIhvcNAQELBQADggEBAI7cKl5a0Nmrqm12I0P8
59/kmAcbslr7DAumFjIHZUOl2B6NWfwLJLuUI4qMyEvLQg0OUrOqfNh5LgXiKA9J
FFx5IafrFC611EA1OmoENyWj8TN3jmViQ0BNJJL8cnoHcy+2HQdcIpmcqL8dGYxq
UHDouyH86S6kGlepiNu2YaMUNkVJ3F/TX1ovI1ErYVJVtq7BO0UZWbfTasvIQj7j
Ym9h719YsrdXQ9ab7+L/OlODjuwWfj+/TnPhrI3a3rTKOnJVO2N2IlC8FAp3KWGY
C1ftiI3qCokTaoZKhFtulkOoCNmj6uVEPyrtxxsiTLfsGl6Axa4U6KViQlcOYiCJ
l38=
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:34:24 2024 by rpki-client on console-fra.rpki-client.org