Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YG7oXcPEZ_xGSolO1HqfG9MhtEE.cer
File: YG7oXcPEZ_xGSolO1HqfG9MhtEE.cer (raw, json)
Hash identifier: OFB/9N9kHPsROyxEouWz6/AS4DMtqWxZSR07Y7521K0=
Subject key identifier: 60:6E:E8:5D:C3:C4:67:FC:46:4A:89:4E:D4:7A:9F:1B:D3:21:B4:41
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0226E0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/YG7oXcPEZ_xGSolO1HqfG9MhtEE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 02 Jan 2025 20:12:53 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 132857
IP: 43.243.56.0/23
IP: 2407:2b00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141024 (0x226e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 2 20:12:53 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A91AF3C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:67:07:5a:3d:b1:92:79:21:07:3d:b4:b6:3f:
86:e3:fc:f8:fb:0d:3c:c7:45:52:13:e1:78:56:7c:
ba:02:c0:a3:38:84:4a:7d:78:81:6d:ac:7e:33:96:
39:1e:02:37:ba:a1:08:f3:1c:d5:9e:42:62:cb:8e:
c0:8a:70:10:73:10:73:24:e5:e2:1b:c5:9d:79:61:
8a:7b:f7:93:d4:8c:cd:16:df:5c:09:ca:c0:61:17:
76:57:b5:03:c2:fd:75:f5:b2:28:83:86:02:f2:bc:
f3:62:6f:39:00:89:5a:fe:31:2a:ea:fd:fa:42:f1:
c8:33:0d:c6:35:d5:59:ad:8e:f6:e9:81:7c:26:1b:
fd:0c:d6:0b:c4:5c:cc:a4:72:6b:05:34:a0:5f:47:
ba:9e:bb:0b:eb:61:d8:60:35:96:21:8e:88:47:ad:
5d:a9:7c:62:c4:78:97:d0:17:55:c2:05:4a:20:6a:
b9:c7:aa:d2:83:4d:12:33:f4:56:42:e5:c0:36:d5:
c8:d0:e6:ce:ed:9e:71:99:9e:77:e2:65:e3:48:ee:
a9:99:80:86:14:d5:29:22:2b:d6:49:d0:8f:a7:e9:
92:fb:42:2b:8c:0c:37:0f:19:df:60:c5:99:6a:c6:
c6:1c:c0:65:a5:17:5d:0c:bc:14:f3:5a:5c:e7:5d:
e1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6E:E8:5D:C3:C4:67:FC:46:4A:89:4E:D4:7A:9F:1B:D3:21:B4:41
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AF3C6/631CC160F33811EAA63D4154C4F9AE02/YG7oXcPEZ_xGSolO1HqfG9MhtEE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132857
sbgp-ipAddrBlock: critical
IPv4:
43.243.56.0/23
IPv6:
2407:2b00::/32
Signature Algorithm: sha256WithRSAEncryption
87:d0:9b:bd:bf:62:86:e6:56:9e:75:1e:46:c8:52:8d:22:90:
cd:7d:a5:98:ca:12:3f:9a:45:e5:d5:8f:93:ec:2d:b7:b2:a5:
a1:6b:51:d7:7e:2b:7e:b5:68:81:90:64:96:6e:a5:af:74:74:
61:fd:c1:b2:bc:32:bf:41:25:19:32:10:ae:00:0a:07:05:9c:
9e:35:2d:d9:dc:c1:e5:7d:e8:5b:15:67:99:9e:b0:9e:cd:0b:
19:52:61:61:ef:24:a1:e9:b9:ad:ad:05:b5:c0:17:d6:2b:b3:
92:7f:0d:3d:3e:06:8f:d4:e8:ae:b3:3a:70:18:be:93:33:20:
d3:80:3d:2a:11:44:04:c7:cf:54:5b:d8:f1:4b:52:d0:b7:0e:
7a:f2:a2:b1:d9:c8:b6:a1:35:34:2d:ae:d0:af:5a:c5:cf:19:
90:c0:9e:e2:45:ca:83:41:a5:21:77:e4:bc:ed:b8:f7:2a:ca:
f0:35:f6:09:83:c7:d3:27:01:9b:f6:9f:79:67:7e:69:76:82:
89:46:fd:9f:4b:97:89:2b:5a:3e:a7:5a:5c:a5:20:21:81:61:
ea:f8:1a:c5:35:17:9a:93:a5:9a:99:2b:4d:4f:b2:e3:29:34:
0a:1f:12:5b:9c:a7:9e:23:2b:29:22:24:96:7d:f2:4b:95:fd:
6b:42:95:95
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAibgMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDEwMjIwMTI1M1oXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUYzQzYxMTAvBgNVBAUTKDYwNkVFODVEQzNDNDY3RkM0NjRBODk0
RUQ0N0E5RjFCRDMyMUI0NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkZwdaPbGSeSEHPbS2P4bj/Pj7DTzHRVIT4XhWfLoCwKM4hEp9eIFtrH4zljke
Aje6oQjzHNWeQmLLjsCKcBBzEHMk5eIbxZ15YYp795PUjM0W31wJysBhF3ZXtQPC
/XX1siiDhgLyvPNibzkAiVr+MSrq/fpC8cgzDcY11VmtjvbpgXwmG/0M1gvEXMyk
cmsFNKBfR7qeuwvrYdhgNZYhjohHrV2pfGLEeJfQF1XCBUogarnHqtKDTRIz9FZC
5cA21cjQ5s7tnnGZnnfiZeNI7qmZgIYU1SkiK9ZJ0I+n6ZL7QiuMDDcPGd9gxZlq
xsYcwGWlF10MvBTzWlznXeEpAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUYG7oXcPE
Z/xGSolO1HqfG9MhtEEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFGM0M2LzYzMUNDMTYwRjMzODExRUFBNjNENDE1NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBRjNDNi82MzFDQzE2MEYzMzgxMUVBQTYzRDQxNTRDNEY5QUUwMi9ZRzdvWGNQ
RVpfeEdTb2xPMUhxZkc5TWh0RUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgb5MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBK/M4MA0EAgAC
MAcDBQAkBysAMA0GCSqGSIb3DQEBCwUAA4IBAQCH0Ju9v2KG5laedR5GyFKNIpDN
faWYyhI/mkXl1Y+T7C23sqWha1HXfit+tWiBkGSWbqWvdHRh/cGyvDK/QSUZMhCu
AAoHBZyeNS3Z3MHlfehbFWeZnrCezQsZUmFh7ySh6bmtrQW1wBfWK7OSfw09PgaP
1OiuszpwGL6TMyDTgD0qEUQEx89UW9jxS1LQtw568qKx2ci2oTU0La7Qr1rFzxmQ
wJ7iRcqDQaUhd+S87bj3KsrwNfYJg8fTJwGb9p95Z35pdoKJRv2fS5eJK1o+p1pc
pSAhgWHq+BrFNReak6WamStNT7LjKTQKHxJbnKeeIyspIiSWffJLlf1rQpWV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:36 2025 by rpki-client