Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer
File: Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer (raw, json)
Hash identifier: d+2GFaLh7J3OR2TE0V8tD6gSmXJKpiVTidjEhCR0FKE=
Subject key identifier: 59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01CFA8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 04 Dec 2023 18:14:12 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 45139
AS: 132348
IP: 111.221.16.0 -- 111.221.27.255
IP: 111.221.29.0 -- 111.221.31.255
IP: 111.221.64.0/18
IP: 163.57.0.0/16
IP: 202.89.224.0/21
IP: 2001:df0:7::/48
IP: 2001:df0:d7:: -- 2001:df0:d9:ffff:ffff:ffff:ffff:ffff
IP: 2404:f800::/30
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118696 (0x1cfa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 4 18:14:12 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A91A3E3F/serialNumber=59DDC3969B9863CFB5A15528AA4A391AF2337F43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:a8:32:33:81:e9:f1:68:65:32:30:f6:dc:
31:de:17:6b:c2:59:78:b0:53:3e:64:c2:ec:ea:7f:
6c:f3:89:f3:e6:b8:ba:3b:6c:7b:7f:a8:80:0a:90:
ed:31:6a:ef:8a:a2:ff:36:94:b5:2b:7f:48:60:d9:
71:cf:6f:73:2f:e1:60:fc:d0:b8:35:f7:db:74:29:
fc:49:ee:05:75:3b:cf:f3:50:a5:5d:ce:e5:15:eb:
56:11:2e:2c:02:0f:fb:7f:22:ed:c2:2f:fa:7e:17:
51:56:44:e3:e0:fa:29:2f:98:00:28:f5:f5:d3:b5:
ae:b6:bb:3d:21:74:35:00:dc:78:49:d3:1c:00:74:
8d:19:fe:b5:24:0d:0a:aa:66:b2:ec:5c:b7:d0:ff:
b6:8c:63:58:09:4f:60:f2:43:c2:e1:6e:52:a7:9e:
21:c5:a0:13:78:55:fe:27:85:4d:79:f9:f3:20:49:
3f:95:31:8f:21:f7:a2:ed:00:83:e6:2d:55:8b:83:
07:d0:07:af:ca:fe:34:ee:5c:94:20:76:fc:0f:fa:
8f:d5:82:63:ef:48:9c:c3:5b:67:7d:55:cd:99:c3:
da:d8:b3:d9:ee:2e:03:84:67:e6:9d:db:98:70:f5:
42:26:40:0c:ea:91:c4:ac:1b:5d:01:0f:56:0e:10:
b8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45139
132348
sbgp-ipAddrBlock: critical
IPv4:
111.221.16.0-111.221.27.255
111.221.29.0-111.221.31.255
111.221.64.0/18
163.57.0.0/16
202.89.224.0/21
IPv6:
2001:df0:7::/48
2001:df0:d7::-2001:df0:d9:ffff:ffff:ffff:ffff:ffff
2404:f800::/30
Signature Algorithm: sha256WithRSAEncryption
ae:82:05:4a:14:00:03:17:30:c2:40:78:c0:9c:11:cc:63:65:
65:49:37:29:ad:e9:2e:ef:81:80:87:12:a8:a6:26:1f:d5:2b:
0b:80:9f:36:f6:d0:fe:42:6b:2b:84:21:d7:72:c2:c5:a8:34:
b9:a1:ee:c5:fa:eb:4d:d8:7e:04:65:49:82:60:b8:63:d0:3e:
46:1a:d9:99:22:aa:6a:a8:db:a7:bc:d0:18:7d:fc:d2:81:ab:
cb:83:ea:8e:61:66:ad:03:73:71:ec:16:6f:d7:c8:7d:7f:db:
49:40:33:5d:3b:de:a2:5b:b2:31:e3:f1:d2:92:fe:d6:5c:b3:
9e:5e:59:72:20:97:bc:6a:d2:3b:99:bf:b4:dd:ee:40:da:af:
d2:7f:59:e1:56:60:56:72:3b:d6:25:78:e1:d2:f4:7a:32:f9:
78:4c:17:c2:7d:7e:f1:c6:61:da:eb:85:30:60:6e:9e:0b:6c:
77:e9:0b:43:1f:e1:34:d0:2d:b6:16:99:2a:fa:be:33:c0:8f:
58:79:10:fa:16:b7:cc:b0:f7:bf:c1:47:51:be:31:b0:7a:aa:
96:72:25:30:08:cb:47:4c:6f:8a:72:e9:75:14:74:94:77:b3:
f2:7c:61:53:5e:3f:33:97:b1:3f:7a:ca:d5:ba:72:0e:8b:4b:
2f:ed:49:98
-----BEGIN CERTIFICATE-----
MIIGcjCCBVqgAwIBAgIDAc+oMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNDE4MTQxMloXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTNFM0YxMTAvBgNVBAUTKDU5RERDMzk2OUI5ODYzQ0ZCNUExNTUy
OEFBNEEzOTFBRjIzMzdGNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+L6gyM4Hp8WhlMjD23DHeF2vCWXiwUz5kwuzqf2zzifPmuLo7bHt/qIAKkO0x
au+Kov82lLUrf0hg2XHPb3Mv4WD80Lg199t0KfxJ7gV1O8/zUKVdzuUV61YRLiwC
D/t/Iu3CL/p+F1FWROPg+ikvmAAo9fXTta62uz0hdDUA3HhJ0xwAdI0Z/rUkDQqq
ZrLsXLfQ/7aMY1gJT2DyQ8LhblKnniHFoBN4Vf4nhU15+fMgST+VMY8h96LtAIPm
LVWLgwfQB6/K/jTuXJQgdvwP+o/VgmPvSJzDW2d9Vc2Zw9rYs9nuLgOEZ+ad25hw
9UImQAzqkcSsG10BD1YOELjvAgMBAAGjggNnMIIDYzAdBgNVHQ4EFgQUWd3DlpuY
Y8+1oVUoqko5GvIzf0MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEzRTNGL0ZCREZGRUMwNzY4NjExRURBNkNCM0Y0MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBM0UzRi9GQkRGRkVDMDc2ODYxMUVEQTZDQjNGNDFDNEY5QUUwMi9XZDNEbHB1
WVk4LTFvVlVvcWtvNUd2SXpmME0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDALBTAgMCBPwwcgYIKwYBBQUHAQcBAf8EYzBhMDMEAgABMC0wDAMEBG/d
EAMEAm/dGDAMAwQAb90dAwQFb90AAwQGb91AAwMAozkDBAPKWeAwKgQCAAIwJAMH
ACABDfAABzASAwcAIAEN8ADXAwcBIAEN8ADYAwUCJAT4ADANBgkqhkiG9w0BAQsF
AAOCAQEAroIFShQAAxcwwkB4wJwRzGNlZUk3Ka3pLu+BgIcSqKYmH9UrC4CfNvbQ
/kJrK4Qh13LCxag0uaHuxfrrTdh+BGVJgmC4Y9A+RhrZmSKqaqjbp7zQGH380oGr
y4PqjmFmrQNzcewWb9fIfX/bSUAzXTveoluyMePx0pL+1lyznl5ZciCXvGrSO5m/
tN3uQNqv0n9Z4VZgVnI71iV44dL0ejL5eEwXwn1+8cZh2uuFMGBungtsd+kLQx/h
NNAtthaZKvq+M8CPWHkQ+ha3zLD3v8FHUb4xsHqqlnIlMAjLR0xvinLpdRR0lHez
8nxhU14/M5exP3rK1bpyDotLL+1JmA==
-----END CERTIFICATE-----
Generated at Wed May 8 10:08:57 2024 by rpki-client on console-ams.rpki-client.org