Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/arkK-23kPfPHzYpPWYfz5Essx_Q.cer
File: arkK-23kPfPHzYpPWYfz5Essx_Q.cer (raw, json)
Hash identifier: VRoCmhikr2pA/NOBeNjI86aJ1fAMZBjScQI7jFp/4io=
Subject key identifier: 6A:B9:0A:FB:6D:E4:3D:F3:C7:CD:8A:4F:59:87:F3:E4:4B:2C:C7:F4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020DDA
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91DB576/50A06AD0183B11EDBC13A573C4F9AE02/arkK-23kPfPHzYpPWYfz5Essx_Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91DB576/50A06AD0183B11EDBC13A573C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 16 Sep 2024 20:15:44 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 45349
IP: 103.148.54.0/23
IP: 202.137.176.0/21
IP: 2406:f800::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134618 (0x20dda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Sep 16 20:15:44 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A91DB576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:60:90:e9:65:b7:7b:89:fa:0f:54:ef:c8:92:
49:b6:9f:b7:7b:fb:a6:ce:08:db:13:74:ca:70:a0:
c9:c5:73:c7:51:53:3a:a9:e1:66:9b:16:fe:6c:e6:
5a:92:00:91:4f:b7:0d:7c:4d:41:22:1d:37:03:cf:
27:55:bd:64:8f:b6:71:d8:4f:37:da:63:b3:29:4c:
d2:0e:b2:9b:25:09:f2:ca:9d:c8:3b:fb:92:5f:6d:
db:7b:a1:9f:48:18:a4:e6:5d:6a:3b:5e:40:b3:c5:
09:ac:35:93:7d:02:a1:0f:4d:1f:56:b3:f6:be:50:
0b:7e:91:9a:73:95:60:7e:28:41:cc:82:78:bf:d5:
a2:fb:9b:a3:ca:ac:c7:4a:7d:c3:3d:89:3d:53:78:
4f:1a:2a:1f:2e:2c:ce:a4:92:9f:ef:c6:2f:f3:7b:
ea:4d:c6:df:67:4a:36:9f:19:e6:73:bb:fe:d9:50:
f3:a9:8d:0a:09:55:67:4e:b8:a8:a2:7a:bb:19:18:
b7:ad:a4:cb:7e:a0:6b:c5:13:10:ba:25:70:9a:71:
4f:a2:8e:2a:c9:37:ac:bb:79:ce:79:31:8b:d2:5d:
0d:d7:32:43:28:41:6a:f6:07:5d:54:c1:ed:4b:0a:
51:2b:c4:90:8f:5d:07:72:12:1c:24:88:02:40:2f:
81:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B9:0A:FB:6D:E4:3D:F3:C7:CD:8A:4F:59:87:F3:E4:4B:2C:C7:F4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DB576/50A06AD0183B11EDBC13A573C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DB576/50A06AD0183B11EDBC13A573C4F9AE02/arkK-23kPfPHzYpPWYfz5Essx_Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45349
sbgp-ipAddrBlock: critical
IPv4:
103.148.54.0/23
202.137.176.0/21
IPv6:
2406:f800::/32
Signature Algorithm: sha256WithRSAEncryption
58:b8:13:ba:26:1d:c3:c6:d6:3b:15:4c:ec:78:bc:ac:eb:fd:
95:7f:c0:af:6c:d7:c7:be:d2:44:85:1e:a8:2b:49:5b:22:a2:
f1:bd:c8:dd:25:c2:4e:44:b8:ff:a4:c3:9d:15:7b:6e:f0:f0:
41:42:7a:5c:3d:99:5b:73:bb:d1:c9:c8:86:59:c1:c3:bf:1b:
0d:2a:7d:96:51:0f:b3:12:18:c8:67:cd:d8:fb:d9:86:b1:12:
c1:81:8b:3a:fc:bb:c3:33:30:68:f2:81:57:17:3a:de:3c:12:
79:c1:60:c4:de:1a:73:d1:10:c6:85:23:4f:e5:97:2d:97:9c:
9f:1b:ac:00:ac:e8:c9:93:df:0d:8a:82:33:ce:65:fe:0b:63:
c5:88:98:05:97:2d:5e:33:53:24:89:26:8b:6e:2f:ad:b5:16:
ce:d4:95:57:be:d9:7f:04:23:b4:15:7d:68:9a:85:86:d3:ec:
47:2a:1c:b0:48:cc:66:3e:8a:9b:27:ea:1b:d4:39:42:fc:a8:
33:66:d8:e9:bb:b2:ca:31:76:dc:a3:eb:71:cf:6a:c9:33:3b:
69:31:bd:38:a8:e3:78:a1:e9:28:ff:20:4b:8a:8c:28:41:15:
5b:37:c4:05:39:6f:6c:41:e1:48:27:4f:26:de:fd:c9:f9:f5:
e9:0b:f2:9b
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAg3aMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkxNjIwMTU0NFoXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREI1NzYxMTAvBgNVBAUTKDZBQjkwQUZCNkRFNDNERjNDN0NEOEE0
RjU5ODdGM0U0NEIyQ0M3RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCYYJDpZbd7ifoPVO/Ikkm2n7d7+6bOCNsTdMpwoMnFc8dRUzqp4WabFv5s5lqS
AJFPtw18TUEiHTcDzydVvWSPtnHYTzfaY7MpTNIOspslCfLKncg7+5Jfbdt7oZ9I
GKTmXWo7XkCzxQmsNZN9AqEPTR9Ws/a+UAt+kZpzlWB+KEHMgni/1aL7m6PKrMdK
fcM9iT1TeE8aKh8uLM6kkp/vxi/ze+pNxt9nSjafGeZzu/7ZUPOpjQoJVWdOuKii
ersZGLetpMt+oGvFExC6JXCacU+ijirJN6y7ec55MYvSXQ3XMkMoQWr2B11Uwe1L
ClErxJCPXQdyEhwkiAJAL4E5AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUarkK+23k
PfPHzYpPWYfz5Essx/QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURCNTc2LzUwQTA2QUQwMTgzQjExRURCQzEzQTU3M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQjU3Ni81MEEwNkFEMDE4M0IxMUVEQkMxM0E1NzNDNEY5QUUwMi9hcmtLLTIz
a1BmUEh6WXBQV1lmejVFc3N4X1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDALElMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBZ5Q2AwQDyomw
MA0EAgACMAcDBQAkBvgAMA0GCSqGSIb3DQEBCwUAA4IBAQBYuBO6Jh3DxtY7FUzs
eLys6/2Vf8CvbNfHvtJEhR6oK0lbIqLxvcjdJcJORLj/pMOdFXtu8PBBQnpcPZlb
c7vRyciGWcHDvxsNKn2WUQ+zEhjIZ83Y+9mGsRLBgYs6/LvDMzBo8oFXFzrePBJ5
wWDE3hpz0RDGhSNP5Zctl5yfG6wArOjJk98NioIzzmX+C2PFiJgFly1eM1MkiSaL
bi+ttRbO1JVXvtl/BCO0FX1omoWG0+xHKhywSMxmPoqbJ+ob1DlC/KgzZtjpu7LK
MXbco+txz2rJMztpMb04qON4oeko/yBLiowoQRVbN8QFOW9sQeFIJ08m3v3J+fXp
C/Kb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:16 2025 by rpki-client