Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDaEOcvF9aRXFdZHa-qmaG0JUbE.cer
File: XDaEOcvF9aRXFdZHa-qmaG0JUbE.cer (raw, json)
Hash identifier: sEdqxVg3WU1FWLOuI3meDlb91BYDaZcKaPFlMGNcFp8=
Subject key identifier: 5C:36:84:39:CB:C5:F5:A4:57:15:D6:47:6B:EA:A6:68:6D:09:51:B1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021540
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 22 Oct 2024 17:16:32 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 131340
IP: 103.74.228.0/22
IP: 2407:3480::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136512 (0x21540)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 22 17:16:32 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91B23B3/serialNumber=5C368439CBC5F5A45715D6476BEAA6686D0951B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6e:a8:ab:05:65:15:c7:27:78:09:ef:68:c9:
d1:9d:2d:55:20:35:57:30:1b:e0:81:c3:ac:d5:2d:
73:c1:66:b3:a7:cc:14:e3:84:8e:72:f6:ba:9c:41:
63:2a:6a:ea:7b:5e:16:c8:c0:d7:94:e2:a4:d6:01:
40:98:a8:ab:ea:76:5a:03:65:4d:00:af:98:7f:cf:
10:34:e5:9d:42:e9:e8:b8:12:05:37:19:56:1a:65:
00:d5:02:ce:d6:e7:38:73:84:0c:8e:09:4c:56:59:
c8:b7:f4:33:81:e1:9a:04:f2:7b:7e:0f:7b:cb:5c:
71:f8:66:e1:d7:7c:60:7b:e0:11:53:ae:86:e3:d6:
32:4d:76:8e:79:0e:57:f4:f0:52:c8:bc:82:16:e2:
30:0f:08:a1:2b:e4:9f:f4:b5:13:51:82:d7:26:98:
20:39:d9:2b:86:d7:b7:78:e3:a8:a2:e4:72:f8:df:
52:38:7b:f0:15:74:03:78:49:14:b1:78:11:8d:a8:
f3:01:70:ed:a3:80:5e:31:13:41:f8:be:0f:a8:09:
f4:17:ef:45:85:f0:61:9c:ee:d1:47:bb:b8:65:98:
ec:60:50:f3:b1:86:b4:84:a3:13:b8:45:37:89:b7:
9d:1d:f6:b8:69:58:16:53:e0:aa:c9:c7:d7:55:9a:
d1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:36:84:39:CB:C5:F5:A4:57:15:D6:47:6B:EA:A6:68:6D:09:51:B1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B23B3/E6465A108E9811EAAB58BD3AC4F9AE02/XDaEOcvF9aRXFdZHa-qmaG0JUbE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
131340
sbgp-ipAddrBlock: critical
IPv4:
103.74.228.0/22
IPv6:
2407:3480::/32
Signature Algorithm: sha256WithRSAEncryption
39:b8:e9:5e:b4:56:73:76:ad:53:77:16:ef:2a:56:20:66:f6:
61:e0:71:2d:68:56:6f:20:56:ab:03:ce:38:3c:30:db:1b:d6:
60:23:ff:97:66:f5:5b:b6:1a:67:bb:ba:c3:02:9f:cd:17:1c:
35:ab:48:24:08:56:f2:88:42:26:4a:92:fa:2f:2b:ee:c9:aa:
87:c6:05:d8:2c:b2:00:52:72:00:ea:ac:d4:5a:d9:22:d1:67:
8d:48:b1:ad:5a:6e:85:4e:38:76:ac:01:d6:af:79:e4:b5:9b:
d4:55:05:8c:37:4e:d9:a9:e3:c5:db:ad:b2:cd:36:04:ba:e2:
4c:96:46:eb:1a:04:6f:79:64:ba:cb:c5:13:27:c3:71:13:75:
c6:ae:cb:91:94:b2:1d:fd:df:9e:d4:de:0a:e1:93:4e:7c:25:
22:e5:a1:75:92:89:68:24:c1:e8:10:fe:9e:75:78:c2:45:06:
ba:d0:bc:44:8d:53:8a:d6:e2:90:4e:2d:2e:91:3d:28:25:c6:
5d:d2:d1:6d:ca:a5:2a:5e:0f:0f:a9:cd:82:2d:97:a2:02:1e:
99:1c:67:24:d9:50:67:d2:c1:9a:83:9a:0a:5d:a0:3f:73:40:
d7:34:e7:de:d6:73:4c:5a:0e:44:6a:5f:ac:02:2f:a8:a1:0e:
de:c3:7d:77
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAhVAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAyMjE3MTYzMloXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjIzQjMxMTAvBgNVBAUTKDVDMzY4NDM5Q0JDNUY1QTQ1NzE1RDY0
NzZCRUFBNjY4NkQwOTUxQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCybqirBWUVxyd4Ce9oydGdLVUgNVcwG+CBw6zVLXPBZrOnzBTjhI5y9rqcQWMq
aup7XhbIwNeU4qTWAUCYqKvqdloDZU0Ar5h/zxA05Z1C6ei4EgU3GVYaZQDVAs7W
5zhzhAyOCUxWWci39DOB4ZoE8nt+D3vLXHH4ZuHXfGB74BFTrobj1jJNdo55Dlf0
8FLIvIIW4jAPCKEr5J/0tRNRgtcmmCA52SuG17d446ii5HL431I4e/AVdAN4SRSx
eBGNqPMBcO2jgF4xE0H4vg+oCfQX70WF8GGc7tFHu7hlmOxgUPOxhrSEoxO4RTeJ
t50d9rhpWBZT4KrJx9dVmtGjAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUXDaEOcvF
9aRXFdZHa+qmaG0JUbEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIyM0IzL0U2NDY1QTEwOEU5ODExRUFBQjU4QkQzQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMjNCMy9FNjQ2NUExMDhFOTgxMUVBQUI1OEJEM0FDNEY5QUUwMi9YRGFFT2N2
RjlhUlhGZFpIYS1xbWFHMEpVYkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgEMMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ0rkMA0EAgAC
MAcDBQAkBzSAMA0GCSqGSIb3DQEBCwUAA4IBAQA5uOletFZzdq1TdxbvKlYgZvZh
4HEtaFZvIFarA844PDDbG9ZgI/+XZvVbthpnu7rDAp/NFxw1q0gkCFbyiEImSpL6
LyvuyaqHxgXYLLIAUnIA6qzUWtki0WeNSLGtWm6FTjh2rAHWr3nktZvUVQWMN07Z
qePF262yzTYEuuJMlkbrGgRveWS6y8UTJ8NxE3XGrsuRlLId/d+e1N4K4ZNOfCUi
5aF1koloJMHoEP6edXjCRQa60LxEjVOK1uKQTi0ukT0oJcZd0tFtyqUqXg8Pqc2C
LZeiAh6ZHGck2VBn0sGag5oKXaA/c0DXNOfe1nNMWg5Eal+sAi+ooQ7ew313
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:28 2024 by rpki-client on console-ams.rpki-client.org