Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bywgdVh2TqtQ74UGb3hZDOWxxWE.cer
File: bywgdVh2TqtQ74UGb3hZDOWxxWE.cer (raw, json)
Hash identifier: 3UjBHwfWuce9uIjavSbPQ05FFxHbqzzXR3GPLU18A/g=
Subject key identifier: 6F:2C:20:75:58:76:4E:AB:50:EF:85:06:6F:78:59:0C:E5:B1:C5:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D61A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91995D5/163B1E7C2AAE11E9AA574E4EC4F9AE02/bywgdVh2TqtQ74UGb3hZDOWxxWE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91995D5/163B1E7C2AAE11E9AA574E4EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 02 Jan 2024 18:00:32 +0000
Certificate not after: Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 138443
IP: 103.125.136.0/22
IP: 2403:f540::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120346 (0x1d61a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jan 2 18:00:32 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=A91995D5/serialNumber=6F2C207558764EAB50EF85066F78590CE5B1C561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ab:25:1e:74:13:5b:b1:dd:75:f4:44:2e:6e:
4c:20:d5:51:37:e9:69:bb:3e:ca:bb:82:f6:3d:93:
a0:6f:26:e4:3c:eb:0e:ff:c7:0c:8f:64:53:b9:5a:
9f:48:95:3a:f3:ce:76:7e:40:c5:d2:fd:c1:44:c1:
0c:07:a8:ee:b5:a6:d9:4a:88:b5:99:c0:ed:02:86:
cb:3b:a5:8e:94:25:6a:d6:a3:5e:41:3e:6e:e3:4e:
75:50:31:c3:1e:a2:6a:9e:82:58:34:47:0a:f4:81:
31:c2:f2:bf:18:cf:0e:f8:d5:a2:98:34:a2:e1:c9:
86:81:d3:37:f2:3c:14:d1:d2:b6:2a:d6:11:e0:1c:
f7:fb:19:ce:f4:66:93:7a:89:4c:62:38:01:27:5f:
f4:06:0a:f2:a5:ee:8d:87:04:80:07:99:7b:4a:2e:
c7:35:c9:62:37:6e:c3:bd:30:00:b9:2c:9d:ac:a0:
22:b0:6f:b3:12:6e:f3:fb:d2:8a:17:b4:7b:bf:bf:
14:2d:fa:31:54:1e:29:b0:f9:91:bc:62:e6:e8:75:
63:03:c6:f0:5c:a3:8a:a7:a2:b9:cd:26:b2:4a:bd:
0d:b7:61:b2:70:3b:a9:8a:41:28:ec:e3:c3:75:30:
ea:bf:fa:04:51:db:fd:27:0c:11:7c:9a:3e:44:1c:
e4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2C:20:75:58:76:4E:AB:50:EF:85:06:6F:78:59:0C:E5:B1:C5:61
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91995D5/163B1E7C2AAE11E9AA574E4EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91995D5/163B1E7C2AAE11E9AA574E4EC4F9AE02/bywgdVh2TqtQ74UGb3hZDOWxxWE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138443
sbgp-ipAddrBlock: critical
IPv4:
103.125.136.0/22
IPv6:
2403:f540::/32
Signature Algorithm: sha256WithRSAEncryption
b3:4c:49:19:20:17:6b:cb:91:e8:31:97:53:62:52:cc:e7:a5:
9c:eb:d8:a6:bb:43:ad:30:f2:58:f7:33:4a:7d:f4:a1:c7:9d:
63:fe:65:67:32:70:3d:37:e7:10:77:f5:c4:7f:4d:b5:81:fe:
e2:f7:46:40:38:b8:3f:fb:3c:6c:6c:8a:54:98:9a:16:e0:85:
d9:7c:3b:ff:57:a3:70:5b:0e:1d:01:31:e8:99:ad:19:95:22:
e5:ad:74:00:99:89:04:5c:68:13:2e:7b:b6:47:83:a1:9c:43:
5f:3b:c4:96:ea:1a:4e:ed:33:63:88:ef:28:60:5a:3f:5b:f4:
9c:77:2e:a6:80:35:06:9c:5a:99:45:45:2d:68:3a:a2:a2:88:
f6:38:02:d8:43:df:af:64:a4:86:2f:2b:d8:7e:76:fb:c8:09:
4d:4f:7b:c8:d9:ca:2e:7a:8f:f2:7a:5d:a8:05:23:4b:79:4f:
d4:f6:53:cd:80:b0:f0:13:ef:16:df:27:b6:78:6a:94:27:bb:
d4:cc:33:b6:3c:d1:7c:a0:c0:3b:48:49:68:33:db:3f:0c:3c:
f9:ff:5f:30:11:02:2e:73:4e:7f:42:e4:20:7f:e9:24:63:98:
b4:42:39:42:f3:c3:6d:c8:c9:71:b1:ef:a7:e8:d3:ae:df:85:
87:a5:ff:d8
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAdYaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwMjE4MDAzMloXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTk1RDUxMTAvBgNVBAUTKDZGMkMyMDc1NTg3NjRFQUI1MEVGODUw
NjZGNzg1OTBDRTVCMUM1NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnqyUedBNbsd119EQubkwg1VE36Wm7Psq7gvY9k6BvJuQ86w7/xwyPZFO5Wp9I
lTrzznZ+QMXS/cFEwQwHqO61ptlKiLWZwO0Chss7pY6UJWrWo15BPm7jTnVQMcMe
omqeglg0Rwr0gTHC8r8Yzw741aKYNKLhyYaB0zfyPBTR0rYq1hHgHPf7Gc70ZpN6
iUxiOAEnX/QGCvKl7o2HBIAHmXtKLsc1yWI3bsO9MAC5LJ2soCKwb7MSbvP70ooX
tHu/vxQt+jFUHimw+ZG8YubodWMDxvBco4qnornNJrJKvQ23YbJwO6mKQSjs48N1
MOq/+gRR2/0nDBF8mj5EHOQpAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUbywgdVh2
TqtQ74UGb3hZDOWxxWEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk5NUQ1LzE2M0IxRTdDMkFBRTExRTlBQTU3NEU0RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5OTVENS8xNjNCMUU3QzJBQUUxMUU5QUE1NzRFNEVDNEY5QUUwMi9ieXdnZFZo
MlRxdFE3NFVHYjNoWkRPV3h4V0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhzLMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ32IMA0EAgAC
MAcDBQAkA/VAMA0GCSqGSIb3DQEBCwUAA4IBAQCzTEkZIBdry5HoMZdTYlLM56Wc
69imu0OtMPJY9zNKffShx51j/mVnMnA9N+cQd/XEf021gf7i90ZAOLg/+zxsbIpU
mJoW4IXZfDv/V6NwWw4dATHoma0ZlSLlrXQAmYkEXGgTLnu2R4OhnENfO8SW6hpO
7TNjiO8oYFo/W/Scdy6mgDUGnFqZRUUtaDqiooj2OALYQ9+vZKSGLyvYfnb7yAlN
T3vI2coueo/yel2oBSNLeU/U9lPNgLDwE+8W3ye2eGqUJ7vUzDO2PNF8oMA7SElo
M9s/DDz5/18wEQIuc05/QuQgf+kkY5i0QjlC88NtyMlxse+n6NOu34WHpf/Y
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:38 2024 by rpki-client on console-fra.rpki-client.org