Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c8DgGJD_MGdgEGKhLlS9VDeQkbY.cer
File: c8DgGJD_MGdgEGKhLlS9VDeQkbY.cer (raw, json)
Hash identifier: xX+OCI1J+3KG6jkHLiZKvJtNiVT/yIiJC8wCUuEfyvk=
Subject key identifier: 73:C0:E0:18:90:FF:30:67:60:10:62:A1:2E:54:BD:54:37:90:91:B6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020BBA
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/c8DgGJD_MGdgEGKhLlS9VDeQkbY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 03 Sep 2024 23:14:14 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: AS: 9336
AS: 38790
AS: 55573
AS: 135513
AS: 137558
IP: 27.113.240.0/21
IP: 43.252.124.0/22
IP: 45.64.56.0/22
IP: 45.113.244.0/22
IP: 103.9.52.0/22
IP: 103.18.124.0/22
IP: 103.53.200.0/22
IP: 103.233.224.0/22
IP: 118.127.96.0/19
IP: 121.200.208.0/21
IP: 202.90.48.0/21
IP: 203.153.192.0/20
IP: 218.185.232.0/21
IP: 2403:3600::/32
IP: 2405:7d80::/32
IP: 2406:c000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134074 (0x20bba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 3 23:14:14 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91FAEE4/serialNumber=73C0E01890FF3067601062A12E54BD54379091B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ea:14:f5:bb:1d:21:5c:11:79:7e:7b:21:06:
89:d5:28:09:5b:e5:e9:2c:b8:10:7e:db:a4:d3:b4:
79:08:57:20:91:2e:55:70:bd:1b:32:3d:0d:ec:f7:
53:79:eb:42:27:bd:27:5d:df:02:d2:7d:67:e3:2c:
e6:87:58:03:dc:14:c4:8b:f8:ef:37:37:f5:fb:47:
c6:e7:11:d5:95:20:71:cf:0c:c7:20:0c:a2:e0:d0:
62:b6:6c:b0:f3:f6:b8:83:56:00:3f:2b:d5:89:9a:
6a:a9:ae:60:24:42:43:bc:38:cd:0b:9e:a7:fb:6a:
86:4d:3e:22:24:88:87:ef:7a:20:a5:3c:42:d8:a1:
f2:b7:7d:ef:75:9d:37:0c:a7:6e:c7:7c:fb:97:df:
23:95:ff:ca:ba:5d:88:50:28:20:1e:77:e4:77:f9:
e9:e4:35:4b:09:2f:75:87:30:00:97:ea:ee:d9:00:
7c:12:de:90:e0:44:a1:fe:04:bd:27:20:6f:e3:00:
da:ed:db:ef:95:4b:00:cf:0f:0f:f2:39:3b:80:48:
9b:7e:5d:1e:f1:24:ed:24:f3:61:9f:a3:6e:4a:80:
01:76:33:3f:7a:ac:df:72:f0:13:b2:1d:86:80:c1:
e8:a9:38:c3:84:95:6c:9f:b3:50:96:ec:8f:59:dd:
7a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C0:E0:18:90:FF:30:67:60:10:62:A1:2E:54:BD:54:37:90:91:B6
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/c8DgGJD_MGdgEGKhLlS9VDeQkbY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9336
38790
55573
135513
137558
sbgp-ipAddrBlock: critical
IPv4:
27.113.240.0/21
43.252.124.0/22
45.64.56.0/22
45.113.244.0/22
103.9.52.0/22
103.18.124.0/22
103.53.200.0/22
103.233.224.0/22
118.127.96.0/19
121.200.208.0/21
202.90.48.0/21
203.153.192.0/20
218.185.232.0/21
IPv6:
2403:3600::/32
2405:7d80::/32
2406:c000::/32
Signature Algorithm: sha256WithRSAEncryption
0f:59:07:8a:8e:4f:14:92:15:df:d8:bd:80:7b:fc:5c:44:ed:
91:03:2c:52:a1:01:ff:2c:62:a4:09:8d:02:70:3d:65:ec:fc:
b4:3b:7b:5f:10:8b:66:5f:53:cd:ac:5e:a7:0d:63:56:ec:7e:
e6:d3:5b:e3:9d:02:ce:df:54:eb:60:d1:bf:35:3c:a7:e6:f2:
f4:27:fe:eb:1f:c8:1d:7c:e6:dd:4c:94:17:2e:7f:cb:6e:6f:
25:af:3e:5d:cc:80:fc:a0:33:88:31:16:63:b2:15:85:6a:ec:
70:30:d0:fe:26:62:c6:5c:a0:d4:3e:35:5b:da:1b:e5:0a:84:
58:e5:d4:26:6e:af:0c:23:10:63:bf:56:f0:fb:b7:09:c5:f3:
58:ae:14:3e:56:fd:72:ce:2c:d4:bd:43:ee:ae:f9:b0:c6:c9:
ba:17:8c:1d:01:0b:ce:fa:b1:91:72:8f:a9:ad:01:e3:ed:e3:
89:b0:94:80:8d:7b:73:16:b7:2a:cb:f3:f7:05:94:ae:1a:af:
8d:4b:9d:22:e4:f6:20:27:62:1d:cd:71:51:17:e1:57:92:f7:
66:7b:91:eb:31:60:ca:ff:c2:ed:3f:ce:9f:0c:ef:b5:af:d3:
dd:6b:a0:8d:3d:f6:40:03:cc:6e:e7:e6:9d:6b:e6:30:e5:7b:
e5:8f:9b:f8
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgIDAgu6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkwMzIzMTQxNFoXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkFFRTQxMTAvBgNVBAUTKDczQzBFMDE4OTBGRjMwNjc2MDEwNjJB
MTJFNTRCRDU0Mzc5MDkxQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQ6hT1ux0hXBF5fnshBonVKAlb5eksuBB+26TTtHkIVyCRLlVwvRsyPQ3s91N5
60InvSdd3wLSfWfjLOaHWAPcFMSL+O83N/X7R8bnEdWVIHHPDMcgDKLg0GK2bLDz
9riDVgA/K9WJmmqprmAkQkO8OM0Lnqf7aoZNPiIkiIfveiClPELYofK3fe91nTcM
p27HfPuX3yOV/8q6XYhQKCAed+R3+enkNUsJL3WHMACX6u7ZAHwS3pDgRKH+BL0n
IG/jANrt2++VSwDPDw/yOTuASJt+XR7xJO0k82Gfo25KgAF2Mz96rN9y8BOyHYaA
weipOMOElWyfs1CW7I9Z3Xq9AgMBAAGjggOIMIIDhDAdBgNVHQ4EFgQUc8DgGJD/
MGdgEGKhLlS9VDeQkbYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZBRUU0LzlDMjZFNkM4MkZERTExRUNBRDc0N0Y2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGQUVFNC85QzI2RTZDODJGREUxMUVDQUQ3NDdGNjhDNEY5QUUwMi9jOERnR0pE
X01HZGdFR0toTGxTOVZEZVFrYlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQgBAf8EHjAc
oBowGAICJHgCAwCXhgIDANkVAgMCEVkCAwIZVjCBhAYIKwYBBQUHAQcBAf8EdTBz
MFQEAgABME4DBAMbcfADBAIr/HwDBAItQDgDBAItcfQDBAJnCTQDBAJnEnwDBAJn
NcgDBAJn6eADBAV2f2ADBAN5yNADBAPKWjADBATLmcADBAPauegwGwQCAAIwFQMF
ACQDNgADBQAkBX2AAwUAJAbAADANBgkqhkiG9w0BAQsFAAOCAQEAD1kHio5PFJIV
39i9gHv8XETtkQMsUqEB/yxipAmNAnA9Zez8tDt7XxCLZl9Tzaxepw1jVux+5tNb
450Czt9U62DRvzU8p+by9Cf+6x/IHXzm3UyUFy5/y25vJa8+XcyA/KAziDEWY7IV
hWrscDDQ/iZixlyg1D41W9ob5QqEWOXUJm6vDCMQY79W8Pu3CcXzWK4UPlb9cs4s
1L1D7q75sMbJuheMHQELzvqxkXKPqa0B4+3jibCUgI17cxa3Ksvz9wWUrhqvjUud
IuT2ICdiHc1xURfhV5L3ZnuR6zFgyv/C7T/Onwzvta/T3WugjT32QAPMbufmnWvm
MOV75Y+b+A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:51 2024 by rpki-client on console-ams.rpki-client.org