Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cS61otcGnxjunGXzsBMnGtvx9UA.cer
File: cS61otcGnxjunGXzsBMnGtvx9UA.cer (raw, json)
Hash identifier: KnMEIoK3hyJUwIYBodmI8kL38oxoxzFQchsCfSm8Myg=
Subject key identifier: 71:2E:B5:A2:D7:06:9F:18:EE:9C:65:F3:B0:13:27:1A:DB:F1:F5:40
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D957
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/cS61otcGnxjunGXzsBMnGtvx9UA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 19 Jan 2024 04:49:41 +0000
Certificate not after: Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 150451
IP: 103.42.228.0/23
IP: 2001:df1:97c0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 04 Dec 2024 01:13:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121175 (0x1d957)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jan 19 04:49:41 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=A91A8A52/serialNumber=712EB5A2D7069F18EE9C65F3B013271ADBF1F540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:32:8c:4d:bb:c3:0f:55:b8:bc:c6:72:a0:0a:
54:72:14:6d:bc:7b:ab:a0:6e:1d:1d:54:96:98:9f:
0f:7d:5b:7d:fc:e0:b6:a8:9d:6d:bd:d8:54:f8:44:
02:1a:97:47:e4:e6:de:3c:36:08:e4:e1:6c:fd:8b:
9c:73:4a:55:d1:a0:ce:c2:57:39:9a:26:96:50:6a:
f6:27:7d:e7:4b:df:8b:2e:f0:bf:48:61:ee:c8:93:
fe:80:3b:93:77:76:09:ff:3c:d3:a3:ea:da:c5:3d:
d1:1f:33:03:dd:fc:08:81:1d:ba:be:55:60:39:6a:
03:49:9d:5d:7a:e3:01:8d:cc:02:ef:1d:59:6a:d4:
16:ff:88:34:64:d0:11:f2:e7:32:67:61:c6:71:2e:
69:b6:1a:a7:9d:b6:e8:49:77:da:a6:41:b7:82:66:
c9:13:98:5a:c2:55:9d:4e:1d:17:87:c6:53:5e:a9:
41:bd:56:14:bd:58:0d:fa:05:a2:a9:52:99:a4:fc:
27:f7:fc:7c:02:10:31:43:b6:66:5b:a0:6a:30:77:
21:83:d5:fc:c6:26:a0:6d:7c:1d:90:9e:d7:89:e9:
89:6b:57:98:2e:64:11:31:ca:29:40:9b:e0:6a:9d:
a8:ab:b2:4b:d5:94:e7:cb:ca:6e:9e:59:e2:50:26:
72:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:2E:B5:A2:D7:06:9F:18:EE:9C:65:F3:B0:13:27:1A:DB:F1:F5:40
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/cS61otcGnxjunGXzsBMnGtvx9UA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
150451
sbgp-ipAddrBlock: critical
IPv4:
103.42.228.0/23
IPv6:
2001:df1:97c0::/48
Signature Algorithm: sha256WithRSAEncryption
8e:e5:8b:69:f1:7a:69:98:f2:94:95:40:64:94:ce:26:44:64:
d0:ad:79:eb:52:c3:f9:8e:32:f7:63:53:ca:66:35:a7:95:e5:
2f:85:75:d2:23:fa:d9:16:a5:63:86:44:5e:56:16:b5:03:03:
59:82:15:17:4a:9d:49:f9:22:c0:03:60:90:a3:15:e5:c9:0d:
62:d6:d9:14:f2:78:df:a5:c2:72:0c:24:c1:f0:03:59:ac:71:
4f:a7:c9:cd:1d:3e:22:5c:55:3d:b3:39:54:a1:15:c3:20:ca:
f3:e7:eb:49:0a:90:5a:ab:dc:0a:ce:90:46:e6:47:c9:90:fa:
fb:7f:1d:1d:aa:e1:b6:d9:13:d7:3e:0e:64:24:e1:ff:4f:6f:
e0:13:80:24:24:b8:a9:76:69:d6:49:7b:9e:32:10:9c:cd:97:
34:d0:2b:fa:77:06:e5:c7:4d:b3:60:6d:60:9c:c4:0e:db:37:
dc:b5:93:bf:37:3b:71:97:de:7a:fd:ee:52:3a:f5:1d:fa:b1:
00:54:09:0a:5c:57:e7:88:73:2c:ad:47:a6:5e:2a:c1:32:9a:
6c:54:98:5a:0f:67:8f:3e:e9:7d:90:c6:ec:73:d6:b6:20:3e:
d6:a1:49:bc:7b:eb:80:80:24:33:c9:86:02:3e:d8:90:a8:b5:
c0:13:cd:26
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdlXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDExOTA0NDk0MVoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQThBNTIxMTAvBgNVBAUTKDcxMkVCNUEyRDcwNjlGMThFRTlDNjVG
M0IwMTMyNzFBREJGMUY1NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrMoxNu8MPVbi8xnKgClRyFG28e6ugbh0dVJaYnw99W3384LaonW292FT4RAIa
l0fk5t48Ngjk4Wz9i5xzSlXRoM7CVzmaJpZQavYnfedL34su8L9IYe7Ik/6AO5N3
dgn/PNOj6trFPdEfMwPd/AiBHbq+VWA5agNJnV164wGNzALvHVlq1Bb/iDRk0BHy
5zJnYcZxLmm2GqedtuhJd9qmQbeCZskTmFrCVZ1OHReHxlNeqUG9VhS9WA36BaKp
Upmk/Cf3/HwCEDFDtmZboGowdyGD1fzGJqBtfB2QnteJ6YlrV5guZBExyilAm+Bq
nairskvVlOfLym6eWeJQJnIzAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUcS61otcG
nxjunGXzsBMnGtvx9UAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE4QTUyL0ZCN0U0QkRFNzBCNTExRUQ5M0YwREQxNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBOEE1Mi9GQjdFNEJERTcwQjUxMUVEOTNGMEREMTZDNEY5QUUwMi9jUzYxb3Rj
R254anVuR1h6c0JNbkd0dng5VUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkuzMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZyrkMA8EAgAC
MAkDBwAgAQ3xl8AwDQYJKoZIhvcNAQELBQADggEBAI7li2nxemmY8pSVQGSUziZE
ZNCteetSw/mOMvdjU8pmNaeV5S+FddIj+tkWpWOGRF5WFrUDA1mCFRdKnUn5IsAD
YJCjFeXJDWLW2RTyeN+lwnIMJMHwA1mscU+nyc0dPiJcVT2zOVShFcMgyvPn60kK
kFqr3ArOkEbmR8mQ+vt/HR2q4bbZE9c+DmQk4f9Pb+ATgCQkuKl2adZJe54yEJzN
lzTQK/p3BuXHTbNgbWCcxA7bN9y1k783O3GX3nr97lI69R36sQBUCQpcV+eIcyyt
R6ZeKsEymmxUmFoPZ48+6X2Qxuxz1rYgPtahSbx764CAJDPJhgI+2JCotcATzSY=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:21:57 2024 by rpki-client on console-fra.rpki-client.org