Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a5tdFBgYlY1zBFgvJU6hddhD4_0.cer
File: a5tdFBgYlY1zBFgvJU6hddhD4_0.cer (raw, json)
Hash identifier: 4uaGPy1NwWuyYdQwo/UbbH8wSmEgTTaPdFSIczwAwWk=
Subject key identifier: 6B:9B:5D:14:18:18:95:8D:73:04:58:2F:25:4E:A1:75:D8:43:E3:FD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EAAE
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91359CD/185FFC2882DB11EAAC2CD60AC4F9AE02/a5tdFBgYlY1zBFgvJU6hddhD4_0.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91359CD/185FFC2882DB11EAAC2CD60AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 09 Apr 2024 13:31:37 +0000
Certificate not after: Thu 01 May 2025 00:00:00 +0000
Subordinate resources: AS: 136029
IP: 103.149.23.0/24
IP: 2001:df3:a80::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 30 Apr 2024 21:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125614 (0x1eaae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 9 13:31:37 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=A91359CD/serialNumber=6B9B5D141818958D7304582F254EA175D843E3FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6f:ca:aa:be:eb:52:59:6e:20:a1:51:ad:07:
58:ad:59:18:30:27:ef:e0:04:00:0e:fe:ac:64:75:
13:03:fd:38:74:9a:d4:c8:ce:f3:2f:1f:7a:b0:bb:
56:05:b9:cb:50:a0:1e:15:58:59:ff:e7:4f:bf:d2:
d9:4e:6a:02:c6:b4:17:54:10:84:87:78:1d:c7:7c:
c6:f9:02:ea:26:46:8c:32:bb:84:12:9f:7c:9b:a5:
57:38:41:5f:fc:62:7c:28:2c:c4:db:79:df:f5:04:
ca:9b:5a:72:45:64:4d:dd:52:28:5d:09:07:fb:4e:
92:93:79:67:16:48:38:64:a5:89:9c:be:b0:6b:8d:
a9:da:e8:27:72:c3:24:9f:50:23:5e:e0:59:f0:ba:
4a:c0:14:9e:9c:0b:d3:f2:da:cb:5d:15:53:d3:42:
94:c0:80:f4:78:2a:ca:28:95:0f:34:30:d5:e9:8e:
2a:d3:8a:f0:44:cd:5f:23:df:15:e3:25:04:9a:ee:
75:7d:e0:19:ea:58:b1:97:7f:e7:21:82:3d:2f:84:
6e:40:ea:ad:2e:df:1b:2b:31:d2:10:a5:8a:c0:bc:
2b:6a:65:0b:c6:0b:30:6a:ca:3c:f6:af:85:87:60:
b2:9d:e4:ce:73:67:85:5c:b7:ce:58:36:0b:e5:d4:
f6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9B:5D:14:18:18:95:8D:73:04:58:2F:25:4E:A1:75:D8:43:E3:FD
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91359CD/185FFC2882DB11EAAC2CD60AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91359CD/185FFC2882DB11EAAC2CD60AC4F9AE02/a5tdFBgYlY1zBFgvJU6hddhD4_0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136029
sbgp-ipAddrBlock: critical
IPv4:
103.149.23.0/24
IPv6:
2001:df3:a80::/48
Signature Algorithm: sha256WithRSAEncryption
07:d1:15:3f:fe:dd:f3:52:43:d7:11:fa:55:ff:5e:85:19:47:
2d:59:8b:d5:7b:9e:f0:98:43:0f:86:b7:cf:04:3b:a0:58:c8:
b6:8a:fe:62:94:bb:66:33:c9:e7:da:b3:4b:34:17:cc:fa:d7:
82:65:f3:7e:cd:2b:7d:96:19:8b:e0:45:48:95:8e:e0:23:e6:
6e:17:ce:34:32:3b:20:81:f3:e0:b7:2f:e8:82:f7:c3:50:a8:
80:49:5d:a2:62:76:a4:ff:bd:2e:a3:e8:68:da:47:e1:c0:a5:
46:e3:d6:6f:81:d3:f8:29:38:f7:ef:80:ef:65:1a:ab:49:e6:
34:bb:7d:d3:ed:8d:92:fb:4a:0e:67:f2:e5:d6:5f:ee:b7:c4:
38:a4:43:87:cb:37:8e:11:88:ee:db:03:5a:3c:07:9f:fb:59:
05:67:82:04:c2:df:5b:8d:c8:8c:14:4c:6f:e9:80:9e:be:05:
f9:96:86:67:11:c0:9f:13:95:62:33:aa:fb:3c:3f:e7:a7:b2:
b6:25:f0:88:55:d8:90:a1:6b:69:a1:b8:35:fe:a1:4f:d6:41:
9e:b3:f6:c5:5b:fd:84:68:b7:33:28:47:2f:0a:14:63:fa:9e:
03:fa:49:f6:1f:7e:0e:7d:ad:5f:0b:2b:f9:ed:64:d4:ec:84:
42:f7:d8:db
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAequMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwOTEzMzEzN1oXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzU5Q0QxMTAvBgNVBAUTKDZCOUI1RDE0MTgxODk1OEQ3MzA0NTgy
RjI1NEVBMTc1RDg0M0UzRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzb8qqvutSWW4goVGtB1itWRgwJ+/gBAAO/qxkdRMD/Th0mtTIzvMvH3qwu1YF
uctQoB4VWFn/50+/0tlOagLGtBdUEISHeB3HfMb5AuomRowyu4QSn3ybpVc4QV/8
YnwoLMTbed/1BMqbWnJFZE3dUihdCQf7TpKTeWcWSDhkpYmcvrBrjana6CdywySf
UCNe4FnwukrAFJ6cC9Py2stdFVPTQpTAgPR4KsoolQ80MNXpjirTivBEzV8j3xXj
JQSa7nV94BnqWLGXf+chgj0vhG5A6q0u3xsrMdIQpYrAvCtqZQvGCzBqyjz2r4WH
YLKd5M5zZ4Vct85YNgvl1PYLAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUa5tdFBgY
lY1zBFgvJU6hddhD4/0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM1OUNELzE4NUZGQzI4ODJEQjExRUFBQzJDRDYwQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNTlDRC8xODVGRkMyODgyREIxMUVBQUMyQ0Q2MEFDNEY5QUUwMi9hNXRkRkJn
WWxZMXpCRmd2SlU2aGRkaEQ0XzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhNdMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ5UXMA8EAgAC
MAkDBwAgAQ3zCoAwDQYJKoZIhvcNAQELBQADggEBAAfRFT/+3fNSQ9cR+lX/XoUZ
Ry1Zi9V7nvCYQw+Gt88EO6BYyLaK/mKUu2Yzyefas0s0F8z614Jl837NK32WGYvg
RUiVjuAj5m4XzjQyOyCB8+C3L+iC98NQqIBJXaJidqT/vS6j6GjaR+HApUbj1m+B
0/gpOPfvgO9lGqtJ5jS7fdPtjZL7Sg5n8uXWX+63xDikQ4fLN44RiO7bA1o8B5/7
WQVnggTC31uNyIwUTG/pgJ6+BfmWhmcRwJ8TlWIzqvs8P+ensrYl8IhV2JCha2mh
uDX+oU/WQZ6z9sVb/YRotzMoRy8KFGP6ngP6SfYffg59rV8LK/ntZNTshEL32Ns=
-----END CERTIFICATE-----
Generated at Tue Apr 23 22:56:22 2024 by rpki-client on console-ams.rpki-client.org