Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XozcAfwJtFN0mgHuUjmzXt4kvmw.cer
File: XozcAfwJtFN0mgHuUjmzXt4kvmw.cer (raw, json)
Hash identifier: txTpUANDufKyl998jkzCSqVqcD14wvxJqKNAGCuGtuc=
Subject key identifier: 5E:8C:DC:01:FC:09:B4:53:74:9A:01:EE:52:39:B3:5E:DE:24:BE:6C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E23E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F4CFA/1C2FAB2E305911EBB835C130C4F9AE02/XozcAfwJtFN0mgHuUjmzXt4kvmw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F4CFA/1C2FAB2E305911EBB835C130C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 02 Mar 2024 04:22:53 +0000
Certificate not after: Wed 28 May 2025 00:00:00 +0000
Subordinate resources: AS: 136388
IP: 103.86.92.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123454 (0x1e23e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 2 04:22:53 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=A91F4CFA/serialNumber=5E8CDC01FC09B453749A01EE5239B35EDE24BE6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:32:c0:60:f6:12:2b:87:f4:df:68:3a:86:a3:
91:4a:06:60:ee:70:40:c3:32:27:5f:69:e9:02:25:
ca:58:81:15:01:96:35:66:7f:d1:fc:7d:85:0c:55:
5d:22:b8:35:99:99:1a:e8:dc:0c:5a:04:80:0b:8f:
d6:34:71:15:48:ca:0a:e0:77:f2:7b:8f:a6:07:be:
73:9c:ae:fb:4f:80:72:47:6b:51:fe:f4:c1:62:94:
c2:c6:c8:4c:ca:33:df:a6:51:1b:fa:6c:f5:1a:b1:
a6:62:b4:3d:3f:18:c2:1a:ee:e4:2f:44:9c:f0:88:
ea:6a:18:9d:e7:7e:58:30:10:69:8b:15:24:12:be:
35:e2:50:f0:e8:da:3b:75:e4:65:f6:e6:44:e1:c9:
a9:6d:6c:5e:f8:40:4e:c3:b8:de:da:97:bc:d7:29:
fc:9c:82:b2:09:85:1f:72:fe:f4:85:cb:9b:69:e0:
89:1d:88:d9:1c:5c:fc:13:43:34:20:d5:25:1c:36:
19:43:d0:10:cd:25:62:92:66:97:84:45:78:4c:a7:
83:20:c8:1e:18:e7:a3:3d:9f:3f:63:29:d8:37:61:
99:8a:61:3b:7a:16:a2:91:2c:4c:a3:37:f6:e1:a1:
66:87:35:cd:00:19:8d:0f:9a:23:e4:fa:d9:ed:2b:
5e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8C:DC:01:FC:09:B4:53:74:9A:01:EE:52:39:B3:5E:DE:24:BE:6C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F4CFA/1C2FAB2E305911EBB835C130C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F4CFA/1C2FAB2E305911EBB835C130C4F9AE02/XozcAfwJtFN0mgHuUjmzXt4kvmw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136388
sbgp-ipAddrBlock: critical
IPv4:
103.86.92.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:38:38:8c:aa:43:c7:0e:2f:9f:ee:91:59:b8:11:cb:bc:08:
3c:fd:bd:04:58:b5:09:21:83:19:23:9e:33:44:6a:51:80:25:
33:63:b5:cd:cc:70:c4:5f:8b:58:ed:6f:95:1b:b4:3d:01:9d:
8d:a1:b6:55:b2:3b:b9:2e:42:fa:da:28:c9:95:7d:aa:73:fe:
45:f2:5c:02:9d:e0:12:f1:34:57:2a:0e:ad:da:a3:8f:4a:40:
28:32:3c:41:6b:52:c3:b3:da:3b:1c:6d:be:33:ad:67:59:de:
9f:4c:47:c9:9b:e1:07:24:e2:c5:6a:b8:0e:03:46:4d:5d:7f:
6c:e5:cf:f8:09:f7:d3:42:dc:78:ef:3d:de:a0:33:9e:36:18:
a8:6a:00:60:d7:68:08:b7:27:09:f1:13:b7:bd:af:62:7a:de:
a3:4f:4f:27:22:7d:29:43:5a:c1:03:0d:dd:52:1e:f1:a5:cc:
f4:70:a3:de:86:d6:d7:84:43:da:cf:1d:aa:ae:8f:93:76:b3:
f8:d1:33:58:1e:98:b1:53:bd:bd:89:e2:3e:88:59:7a:d8:18:
0e:9d:5d:31:0f:39:4f:72:41:16:43:f2:a6:b4:b5:67:06:fb:
85:a8:c0:3d:60:95:ea:6c:8c:9f:52:95:53:6c:06:7f:1e:c5:
16:27:32:24
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAeI+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMwMjA0MjI1M1oXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjRDRkExMTAvBgNVBAUTKDVFOENEQzAxRkMwOUI0NTM3NDlBMDFF
RTUyMzlCMzVFREUyNEJFNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3MsBg9hIrh/TfaDqGo5FKBmDucEDDMidfaekCJcpYgRUBljVmf9H8fYUMVV0i
uDWZmRro3AxaBIALj9Y0cRVIygrgd/J7j6YHvnOcrvtPgHJHa1H+9MFilMLGyEzK
M9+mURv6bPUasaZitD0/GMIa7uQvRJzwiOpqGJ3nflgwEGmLFSQSvjXiUPDo2jt1
5GX25kThyaltbF74QE7DuN7al7zXKfycgrIJhR9y/vSFy5tp4IkdiNkcXPwTQzQg
1SUcNhlD0BDNJWKSZpeERXhMp4MgyB4Y56M9nz9jKdg3YZmKYTt6FqKRLEyjN/bh
oWaHNc0AGY0PmiPk+tntK153AgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUXozcAfwJ
tFN0mgHuUjmzXt4kvmwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY0Q0ZBLzFDMkZBQjJFMzA1OTExRUJCODM1QzEzMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGNENGQS8xQzJGQUIyRTMwNTkxMUVCQjgzNUMxMzBDNEY5QUUwMi9Yb3pjQWZ3
SnRGTjBtZ0h1VWptelh0NGt2bXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhTEMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ1ZcMA0GCSqG
SIb3DQEBCwUAA4IBAQAPODiMqkPHDi+f7pFZuBHLvAg8/b0EWLUJIYMZI54zRGpR
gCUzY7XNzHDEX4tY7W+VG7Q9AZ2NobZVsju5LkL62ijJlX2qc/5F8lwCneAS8TRX
Kg6t2qOPSkAoMjxBa1LDs9o7HG2+M61nWd6fTEfJm+EHJOLFargOA0ZNXX9s5c/4
CffTQtx47z3eoDOeNhioagBg12gItycJ8RO3va9iet6jT08nIn0pQ1rBAw3dUh7x
pcz0cKPehtbXhEPazx2qro+TdrP40TNYHpixU729ieI+iFl62BgOnV0xDzlPckEW
Q/KmtLVnBvuFqMA9YJXqbIyfUpVTbAZ/HsUWJzIk
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:45 2024 by rpki-client on console-ams.rpki-client.org