Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
File: Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer (raw, json)
Hash identifier: TBw61Bk7ToooGIelBiLc2C6e517adMg2JD/WC1VlZzc=
Subject key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020784
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 19 Aug 2024 03:23:11 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 7470
AS: 17468
AS: 17552
AS: 17556
AS: 18197
AS: 23717
AS: 23891
AS: 24042
AS: 24067
AS: 24128
AS: 37977
AS: 38002
AS: 38081 -- 38082
AS: 38543
AS: 38554
AS: 38599
AS: 45199 -- 45200
AS: 45805 -- 45807
AS: 55476
AS: 55498
AS: 55538
AS: 55549
AS: 55554
AS: 55646
AS: 55790
AS: 55844
AS: 55867 -- 55868
AS: 58544
AS: 58692
AS: 58806
AS: 131162
AS: 132009
AS: 132013
AS: 132063
AS: 132545
AS: 132605
AS: 133063
AS: 133167
AS: 133376
AS: 133529
AS: 133761
AS: 133791
AS: 133907
AS: 133956
AS: 134095
AS: 134438
AS: 134682
AS: 136182
AS: 136579
AS: 139295
AS: 140689
AS: 151337
AS: 151808
AS: 151825
AS: 152130
IP: 27.123.16.0/22
IP: 27.145.0.0/16
IP: 58.8.0.0/14
IP: 58.97.0.0/17
IP: 61.90.0.0/15
IP: 103.3.176.0/22
IP: 110.168.0.0/14
IP: 113.21.240.0/21
IP: 114.109.0.0/16
IP: 115.87.0.0/16
IP: 116.206.112.0/22
IP: 119.46.0.0/16
IP: 119.76.0.0/16
IP: 122.144.24.0/21
IP: 124.120.0.0 -- 124.122.255.255
IP: 171.96.0.0/13
IP: 182.17.0.0/16
IP: 202.71.112.0/20
IP: 202.93.48.0/20
IP: 202.133.128.0/18
IP: 202.176.64.0 -- 202.176.191.255
IP: 203.118.64.0/18
IP: 203.144.128.0/17
IP: 203.153.128.0/20
IP: 210.86.128.0 -- 210.86.223.255
IP: 210.213.0.0/18
IP: 2001:fb0::/31
IP: 2405:4000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 05:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132996 (0x20784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 19 03:23:11 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f9:05:65:b8:0b:29:02:55:db:25:62:a8:4a:
3f:18:a7:cc:c7:59:7b:bc:c7:13:20:f5:43:fe:7c:
dc:70:5c:e8:ef:22:ef:46:e1:80:24:af:b7:c5:a3:
fd:b6:40:d9:40:e1:3a:02:da:d6:06:e8:2d:d4:01:
1b:eb:9a:27:c3:1e:a2:bf:b8:66:4e:c3:43:29:93:
61:ab:62:b4:6d:f5:07:fe:66:97:4c:9d:f8:1c:a0:
6a:d2:a9:f6:2c:56:75:0c:62:ea:3e:61:48:24:27:
07:ed:73:0d:89:6e:1a:41:c6:fd:02:b5:eb:4c:ec:
9f:53:9f:5d:03:9b:de:59:81:aa:07:6b:69:b4:d1:
bf:48:d4:64:ef:bc:e1:a3:fc:1b:0a:75:12:b6:d5:
55:14:c5:f9:4c:bd:59:21:43:9f:ab:c7:ec:aa:bb:
3b:60:6f:b5:8f:20:5b:4e:c0:aa:de:62:f1:4e:ec:
43:f4:f5:d1:a6:81:6b:11:5c:88:26:94:10:98:df:
63:7c:30:6b:04:52:f7:13:cd:4e:f7:7c:b7:7e:8e:
c8:c9:32:9e:09:ef:f4:54:99:5e:2d:73:74:d1:31:
35:0c:17:8b:72:a0:5a:b1:a4:02:49:cb:28:04:00:
4e:8c:cd:40:59:c2:af:c3:fb:19:92:9f:ca:20:55:
4f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7470
17468
17552
17556
18197
23717
23891
24042
24067
24128
37977
38002
38081-38082
38543
38554
38599
45199-45200
45805-45807
55476
55498
55538
55549
55554
55646
55790
55844
55867-55868
58544
58692
58806
131162
132009
132013
132063
132545
132605
133063
133167
133376
133529
133761
133791
133907
133956
134095
134438
134682
136182
136579
139295
140689
151337
151808
151825
152130
sbgp-ipAddrBlock: critical
IPv4:
27.123.16.0/22
27.145.0.0/16
58.8.0.0/14
58.97.0.0/17
61.90.0.0/15
103.3.176.0/22
110.168.0.0/14
113.21.240.0/21
114.109.0.0/16
115.87.0.0/16
116.206.112.0/22
119.46.0.0/16
119.76.0.0/16
122.144.24.0/21
124.120.0.0-124.122.255.255
171.96.0.0/13
182.17.0.0/16
202.71.112.0/20
202.93.48.0/20
202.133.128.0/18
202.176.64.0-202.176.191.255
203.118.64.0/18
203.144.128.0/17
203.153.128.0/20
210.86.128.0-210.86.223.255
210.213.0.0/18
IPv6:
2001:fb0::/31
2405:4000::/32
Signature Algorithm: sha256WithRSAEncryption
44:52:d5:63:2a:22:40:f9:6e:f3:c4:1a:bd:5a:00:27:66:82:
70:53:60:01:3c:34:62:df:b2:b7:43:39:0c:9e:77:97:d9:1f:
be:07:5a:c5:e3:ea:ae:32:24:7e:11:ce:cd:91:b8:db:dd:f8:
f0:3a:af:bf:71:8f:8c:c5:6d:1b:db:76:6d:26:5d:79:ea:2e:
e0:46:cf:23:f7:59:1c:28:ca:a5:ed:81:9d:dc:89:ab:59:73:
6b:ec:70:06:66:56:43:b3:b7:f4:ae:e4:96:a1:48:e7:bd:05:
67:99:a3:d1:1a:17:81:52:3a:ec:ba:42:03:33:ac:c6:36:38:
6c:6e:ac:e1:a4:89:d3:b3:c3:e2:2c:9c:39:7c:da:02:1d:ba:
13:83:b8:53:83:fe:60:4e:66:19:49:4c:2d:46:56:41:1e:0b:
51:e7:9a:bd:f4:92:74:91:da:40:fb:5e:81:5e:71:bf:1b:4c:
f9:8a:7c:6a:46:dc:7d:39:7f:86:9e:77:27:52:13:91:d6:c8:
7b:b7:8d:70:e2:cb:a8:a8:4d:32:f2:ca:da:9a:77:0d:0c:8c:
4b:5b:55:31:8f:11:0d:5a:25:6b:f2:8c:99:5d:48:33:36:50:
18:ba:3c:dc:8d:6a:6d:39:be:0b:42:65:b9:9d:4e:2c:9e:e2:
19:05:8d:94
-----BEGIN CERTIFICATE-----
MIIIATCCBumgAwIBAgIDAgeEMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDgxOTAzMjMxMVoXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4
MEFBRkYyMjJBNDM3QUYwMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4+QVluAspAlXbJWKoSj8Yp8zHWXu8xxMg9UP+fNxwXOjvIu9G4YAkr7fFo/22
QNlA4ToC2tYG6C3UARvrmifDHqK/uGZOw0Mpk2GrYrRt9Qf+ZpdMnfgcoGrSqfYs
VnUMYuo+YUgkJwftcw2JbhpBxv0CtetM7J9Tn10Dm95ZgaoHa2m00b9I1GTvvOGj
/BsKdRK21VUUxflMvVkhQ5+rx+yquztgb7WPIFtOwKreYvFO7EP09dGmgWsRXIgm
lBCY32N8MGsEUvcTzU73fLd+jsjJMp4J7/RUmV4tc3TRMTUMF4tyoFqxpAJJyygE
AE6MzUBZwq/D+xmSn8ogVU8RAgMBAAGjggT2MIIE8jAdBgNVHQ4EFgQUYb8+1MO/
vAkW75SAqv8iKkN68CwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM3QUJDLzcxM0Q5RkIwMUQ3ODExRTI4Mjg2OERDNDA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzN0FCQy83MTNEOUZCMDFENzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1P
X3ZBa1c3NVNBcXY4aUtrTjY4Q3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFCBggrBgEFBQcBCAEB/wSC
ATEwggEtoIIBKTCCASUCAh0uAgJEPAICRJACAkSUAgJHFQICXKUCAl1TAgJd6gIC
XgMCAl5AAgMAlFkCAwCUcjAKAgMAlMECAwCUwgIDAJaPAgMAlpoCAwCWxzAKAgMA
sI8CAwCwkDAKAgMAsu0CAwCy7wIDANi0AgMA2MoCAwDY8gIDANj9AgMA2QICAwDZ
XgIDANnuAgMA2iQwCgIDANo7AgMA2jwCAwDksAIDAOVEAgMA5bYCAwIAWgIDAgOp
AgMCA60CAwID3wIDAgXBAgMCBf0CAwIHxwIDAggvAgMCCQACAwIJmQIDAgqBAgMC
Cp8CAwILEwIDAgtEAgMCC88CAwINJgIDAg4aAgMCE/YCAwIVgwIDAiAfAgMCJZEC
AwJPKQIDAlEAAgMCURECAwJSQjCB2wYIKwYBBQUHAQcBAf8Egcswgcgwga8EAgAB
MIGoAwQCG3sQAwMAG5EDAwI6CAMEBzphAAMDAT1aAwQCZwOwAwMCbqgDBANxFfAD
AwBybQMDAHNXAwQCdM5wAwMAdy4DAwB3TAMEA3qQGDAKAwMDfHgDAwB8egMDA6tg
AwMAthEDBATKR3ADBATKXTADBAbKhYAwDAMEBsqwQAMEBsqwgAMEBst2QAMEB8uQ
gAMEBMuZgDAMAwQH0laAAwQF0lbAAwQG0tUAMBQEAgACMA4DBQEgAQ+wAwUAJAVA
ADANBgkqhkiG9w0BAQsFAAOCAQEARFLVYyoiQPlu88QavVoAJ2aCcFNgATw0Yt+y
t0M5DJ53l9kfvgdaxePqrjIkfhHOzZG429348Dqvv3GPjMVtG9t2bSZdeeou4EbP
I/dZHCjKpe2BndyJq1lza+xwBmZWQ7O39K7klqFI570FZ5mj0RoXgVI67LpCAzOs
xjY4bG6s4aSJ07PD4iycOXzaAh26E4O4U4P+YE5mGUlMLUZWQR4LUeeavfSSdJHa
QPtegV5xvxtM+Yp8akbcfTl/hp53J1ITkdbIe7eNcOLLqKhNMvLK2pp3DQyMS1tV
MY8RDVola/KMmV1IMzZQGLo83I1qbTm+C0JluZ1OLJ7iGQWNlA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:36:59 2024 by rpki-client on console-ams.rpki-client.org