Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.cer
File: WLTfjkdXyv3lRi9KGvhw_iFE3Fs.cer (raw, json)
Hash identifier: hvOQQTupmfRY1ky/zKKUpXd8QGCcUzsfgIViaRJbbkE=
Subject key identifier: 58:B4:DF:8E:47:57:CA:FD:E5:46:2F:4A:1A:F8:70:FE:21:44:DC:5B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01CD41
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 28 Nov 2023 13:55:17 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 59210
AS: 136899
IP: 103.243.172.0/22
IP: 2401:bc40::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 18:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118081 (0x1cd41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 28 13:55:17 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A912C72C/serialNumber=58B4DF8E4757CAFDE5462F4A1AF870FE2144DC5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:86:0b:65:26:e0:8c:70:5e:61:f6:71:ce:a1:
aa:50:5b:ca:76:af:f6:46:9b:e1:03:4d:92:97:b1:
2d:a0:a9:0c:4f:6c:cd:1f:7f:d7:bf:ea:4b:2c:b3:
fb:1d:45:fc:61:72:47:67:42:75:2f:53:b6:d4:d7:
b2:6e:cd:1a:fe:fa:11:50:13:35:5e:6c:d0:b0:ff:
40:10:c6:22:10:f2:f8:a2:bc:bf:f9:2d:90:09:aa:
12:72:5d:b2:df:19:e1:7b:9a:d0:07:42:b2:1b:1a:
8c:7c:02:ec:39:51:32:67:a1:d4:cd:f1:fc:95:5e:
de:4f:04:34:ff:44:99:c1:be:19:61:03:9c:67:4f:
6d:cf:df:45:b0:35:e4:2a:8f:26:3d:34:84:6c:4d:
e9:68:48:7a:2d:f6:e7:47:15:97:34:80:42:77:da:
49:cc:f0:4f:a9:7b:1e:4d:06:5f:e2:ee:b0:7d:f1:
c8:d8:a2:a1:2a:b5:a7:97:8b:80:01:4e:b3:d8:21:
18:ca:60:cf:c9:01:e8:ee:ec:32:99:79:ac:fb:7f:
2d:d2:42:6e:e8:ee:2f:47:7e:ac:83:0b:f4:7f:1e:
69:f3:b1:8a:ca:a1:fd:71:c0:9f:64:23:33:99:49:
8c:20:06:98:0b:ae:95:e7:90:29:6e:8d:c3:58:45:
27:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B4:DF:8E:47:57:CA:FD:E5:46:2F:4A:1A:F8:70:FE:21:44:DC:5B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59210
136899
sbgp-ipAddrBlock: critical
IPv4:
103.243.172.0/22
IPv6:
2401:bc40::/32
Signature Algorithm: sha256WithRSAEncryption
27:c2:a7:20:f3:a9:6b:c9:fe:9d:01:f1:ce:f0:2b:e5:34:38:
bc:54:96:96:3a:dc:e2:e2:2c:20:68:2e:de:ff:2e:c5:b6:5b:
4a:8b:99:2f:0a:0e:15:ff:a2:1b:97:b9:97:e0:cb:71:3a:33:
3b:26:2e:b0:82:62:d1:20:d9:43:cc:f5:0c:91:5d:71:c5:d2:
a5:b0:40:e8:da:05:7c:c2:3a:41:70:6f:f5:ab:19:01:70:db:
93:d5:9f:a9:1a:4f:38:52:1e:ac:ee:2a:22:90:65:51:4e:06:
17:24:c4:da:dd:44:4c:f6:31:e7:7a:1e:89:ac:e1:e9:ce:da:
11:98:e5:e3:8a:a4:17:8b:ad:ef:00:7d:6c:12:ca:4c:54:f1:
4d:6c:64:a4:e0:e1:ce:d5:f4:74:2d:3e:85:ed:ac:f2:0c:38:
23:11:f8:79:08:2b:12:77:9d:65:a9:36:69:9f:62:4d:ad:09:
91:38:38:84:fc:13:1c:20:8c:e4:b5:0a:cf:16:d4:28:5d:00:
e0:cc:5a:9f:6d:80:45:5e:b1:a8:7a:a1:08:ab:1c:ab:15:ba:
4d:1f:2c:e8:df:89:78:de:10:b5:76:20:41:d3:f4:aa:00:e8:
ba:46:b3:e1:ee:c4:a2:c7:fa:00:84:1f:77:28:7d:e5:b0:c6:
ee:03:42:60
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAc1BMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEyODEzNTUxN1oXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkM3MkMxMTAvBgNVBAUTKDU4QjRERjhFNDc1N0NBRkRFNTQ2MkY0
QTFBRjg3MEZFMjE0NERDNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyhgtlJuCMcF5h9nHOoapQW8p2r/ZGm+EDTZKXsS2gqQxPbM0ff9e/6ksss/sd
RfxhckdnQnUvU7bU17JuzRr++hFQEzVebNCw/0AQxiIQ8viivL/5LZAJqhJyXbLf
GeF7mtAHQrIbGox8Auw5UTJnodTN8fyVXt5PBDT/RJnBvhlhA5xnT23P30WwNeQq
jyY9NIRsTeloSHot9udHFZc0gEJ32knM8E+pex5NBl/i7rB98cjYoqEqtaeXi4AB
TrPYIRjKYM/JAeju7DKZeaz7fy3SQm7o7i9HfqyDC/R/HmnzsYrKof1xwJ9kIzOZ
SYwgBpgLrpXnkClujcNYRSfFAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUWLTfjkdX
yv3lRi9KGvhw/iFE3FswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJDNzJDLzhFQzYxNDBFQzNBQTExRUI4NzBFQTkxQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyQzcyQy84RUM2MTQwRUMzQUExMUVCODcwRUE5MUNDNEY5QUUwMi9XTFRmamtk
WHl2M2xSaTlLR3Zod19pRkUzRnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAOdKAgMCFsMwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJn86ww
DQQCAAIwBwMFACQBvEAwDQYJKoZIhvcNAQELBQADggEBACfCpyDzqWvJ/p0B8c7w
K+U0OLxUlpY63OLiLCBoLt7/LsW2W0qLmS8KDhX/ohuXuZfgy3E6MzsmLrCCYtEg
2UPM9QyRXXHF0qWwQOjaBXzCOkFwb/WrGQFw25PVn6kaTzhSHqzuKiKQZVFOBhck
xNrdREz2Med6Homs4enO2hGY5eOKpBeLre8AfWwSykxU8U1sZKTg4c7V9HQtPoXt
rPIMOCMR+HkIKxJ3nWWpNmmfYk2tCZE4OIT8ExwgjOS1Cs8W1ChdAODMWp9tgEVe
sah6oQirHKsVuk0fLOjfiXjeELV2IEHT9KoA6LpGs+HuxKLH+gCEH3cofeWwxu4D
QmA=
-----END CERTIFICATE-----
Generated at Wed May 1 19:14:03 2024 by rpki-client on console-fra.rpki-client.org