Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-G3qHKaDsu-yLL9mpe3SCbM28U.cer
File: _-G3qHKaDsu-yLL9mpe3SCbM28U.cer (raw, json)
Hash identifier: XOSSUZHK8cfAceYboUU5GeKyI08faDPMIM6GgJbJedc=
Subject key identifier: FF:E1:B7:A8:72:9A:0E:CB:BE:C8:B2:FD:9A:97:B7:48:26:CC:DB:C5
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021A90
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/_-G3qHKaDsu-yLL9mpe3SCbM28U.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 11 Nov 2024 01:44:33 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 150345
IP: 103.17.6.0/23
IP: 2400:b3a0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137872 (0x21a90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Nov 11 01:44:33 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91AE3F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:91:9a:6d:ae:ae:83:e6:0d:1d:59:8c:7e:11:
23:a6:d7:f4:8f:05:42:de:fb:7f:92:37:2f:c6:87:
6e:cb:9e:e0:b3:6a:64:77:8c:16:b8:5e:76:9a:ca:
dd:d3:57:73:90:c9:5c:7d:4d:db:a0:9c:d2:f6:3a:
81:12:33:ff:6d:80:2a:36:c4:fb:d8:05:24:03:21:
af:a9:85:fe:3f:b8:81:58:03:5a:75:88:79:9f:e0:
f6:67:6b:36:25:cf:c5:b7:70:39:85:07:71:1d:aa:
11:26:2c:48:48:85:86:b6:48:b7:d7:1d:af:7a:46:
4b:2f:e6:9b:4b:6f:37:ab:e2:93:a6:2c:30:d1:dd:
ad:6a:68:53:df:99:ab:3e:cb:d5:d5:e5:3d:76:cb:
98:6b:9a:33:83:ba:b4:ed:b4:14:8d:df:83:19:fc:
76:94:25:15:04:39:17:bf:9f:8d:26:2c:2d:a9:80:
e3:25:8c:f5:9b:f4:55:04:9e:38:ab:d1:a9:42:8e:
95:16:bb:93:d9:4d:15:65:28:1a:ba:1a:f7:e6:b1:
e1:c7:4c:28:0c:55:63:49:bd:97:9e:9b:99:43:85:
a6:08:c0:42:ba:65:87:91:ca:c1:ac:0e:d8:27:70:
3f:81:46:35:59:8c:3c:72:80:ec:44:31:bb:63:ed:
91:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E1:B7:A8:72:9A:0E:CB:BE:C8:B2:FD:9A:97:B7:48:26:CC:DB:C5
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/_-G3qHKaDsu-yLL9mpe3SCbM28U.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
150345
sbgp-ipAddrBlock: critical
IPv4:
103.17.6.0/23
IPv6:
2400:b3a0::/32
Signature Algorithm: sha256WithRSAEncryption
da:90:ee:b6:43:b4:16:da:02:62:de:cd:86:ba:97:e9:bb:c8:
3b:05:b4:63:26:00:11:6d:49:e5:77:12:c3:63:f9:9b:03:23:
3c:57:9a:96:71:20:52:05:41:1a:39:c4:2e:24:9e:ac:ae:ee:
26:8d:8b:70:64:97:40:08:41:e9:77:a8:14:38:7b:25:68:ad:
32:72:e9:90:6f:5d:6f:db:69:14:4d:d9:23:f9:77:8f:75:4c:
9e:2b:6f:53:9c:99:d7:ef:b8:70:0a:c9:68:ef:bb:b6:62:f5:
19:5a:f4:68:de:68:84:7f:42:b8:c2:70:a6:19:fe:c3:2c:a8:
12:9b:04:73:c5:fc:51:3d:1f:7a:b4:e4:21:e3:7d:0e:1c:19:
e3:5c:5d:94:6b:97:60:dd:c4:8a:33:cd:b0:e3:72:92:5f:83:
c8:10:ff:b4:ef:7f:dd:89:74:51:bc:35:51:ea:a9:b9:c9:08:
70:f5:b4:c5:47:67:04:b3:ec:c7:ba:51:49:f7:da:ef:2a:26:
7f:58:75:e5:48:78:3a:9e:0c:d8:d6:8d:7a:4c:08:79:2b:5b:
98:48:1b:fc:b8:a2:84:b2:02:23:df:0f:97:69:d0:b2:f0:01:
09:dc:84:a2:61:fa:d5:2f:22:72:d5:6c:a1:ab:e6:58:af:60:
f4:32:3f:da
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAhqQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTExMTAxNDQzM1oXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUUzRjIxMTAvBgNVBAUTKEZGRTFCN0E4NzI5QTBFQ0JCRUM4QjJG
RDlBOTdCNzQ4MjZDQ0RCQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD6kZptrq6D5g0dWYx+ESOm1/SPBULe+3+SNy/Gh27LnuCzamR3jBa4Xnaayt3T
V3OQyVx9TdugnNL2OoESM/9tgCo2xPvYBSQDIa+phf4/uIFYA1p1iHmf4PZnazYl
z8W3cDmFB3EdqhEmLEhIhYa2SLfXHa96Rksv5ptLbzer4pOmLDDR3a1qaFPfmas+
y9XV5T12y5hrmjODurTttBSN34MZ/HaUJRUEORe/n40mLC2pgOMljPWb9FUEnjir
0alCjpUWu5PZTRVlKBq6GvfmseHHTCgMVWNJvZeem5lDhaYIwEK6ZYeRysGsDtgn
cD+BRjVZjDxygOxEMbtj7ZGrAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU/+G3qHKa
Dsu+yLL9mpe3SCbM28UwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFFM0YyLzg2QTBGQjI4NDYxNjExRUQ5MkVBQUQyMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBRTNGMi84NkEwRkIyODQ2MTYxMUVEOTJFQUFEMjBDNEY5QUUwMi9fLUczcUhL
YURzdS15TEw5bXBlM1NDYk0yOFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAktJMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZxEGMA0EAgAC
MAcDBQAkALOgMA0GCSqGSIb3DQEBCwUAA4IBAQDakO62Q7QW2gJi3s2Gupfpu8g7
BbRjJgARbUnldxLDY/mbAyM8V5qWcSBSBUEaOcQuJJ6sru4mjYtwZJdACEHpd6gU
OHslaK0ycumQb11v22kUTdkj+XePdUyeK29TnJnX77hwCslo77u2YvUZWvRo3miE
f0K4wnCmGf7DLKgSmwRzxfxRPR96tOQh430OHBnjXF2Ua5dg3cSKM82w43KSX4PI
EP+073/diXRRvDVR6qm5yQhw9bTFR2cEs+zHulFJ99rvKiZ/WHXlSHg6ngzY1o16
TAh5K1uYSBv8uKKEsgIj3w+XadCy8AEJ3ISiYfrVLyJy1Wyhq+ZYr2D0Mj/a
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:33 2025 by rpki-client