Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
File: cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer (raw, json)
Hash identifier: HzIRQNyEW89zzzX+uSxKF1GFoVrV1gcgqTmTBb2o7lc=
Subject key identifier: 71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01B47D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 02 Aug 2023 16:34:27 +0000
Certificate not after: Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources: AS: 1221
AS: 4632
AS: 9514
AS: 37978
AS: 132029
AS: 132292
AS: 133859
AS: 133931
AS: 135052
AS: 135083
AS: 135313
AS: 135599
AS: 135887
AS: 141886
AS: 149288
AS: 150689
IP: 1.120.0.0 -- 1.159.255.255
IP: 58.160.0.0/12
IP: 60.224.0.0/13
IP: 61.8.0.0/19
IP: 61.9.128.0/17
IP: 101.103.0.0/16
IP: 101.160.0.0/11
IP: 103.43.176.0/24
IP: 103.70.56.0/24
IP: 103.101.135.0/24
IP: 103.207.92.0/24
IP: 110.140.0.0 -- 110.151.255.255
IP: 120.144.0.0/12
IP: 121.208.0.0/12
IP: 123.208.0.0/14
IP: 124.176.0.0/12
IP: 125.255.0.0/16
IP: 202.7.64.0/19
IP: 202.12.128.0 -- 202.12.242.255
IP: 203.2.228.0/24
IP: 203.9.190.0/23
IP: 203.12.42.0/24
IP: 203.12.97.0/24
IP: 203.12.144.0/21
IP: 203.13.21.0/24
IP: 203.14.0.0/20
IP: 203.15.68.0/24
IP: 203.16.180.0/22
IP: 203.17.40.0/21
IP: 203.17.162.0/24
IP: 203.18.76.0/23
IP: 203.18.112.0/20
IP: 203.22.129.0/24
IP: 203.24.134.0/23
IP: 203.24.170.0/24
IP: 203.26.8.0/22
IP: 203.26.175.0/24
IP: 203.27.69.0/24
IP: 203.27.128.0/18
IP: 203.27.237.0/24
IP: 203.29.160.0/20
IP: 203.34.33.0/24
IP: 203.34.68.0/24
IP: 203.35.0.0 -- 203.54.255.255
IP: 203.58.32.0 -- 203.58.255.255
IP: 203.62.148.0/22
IP: 203.62.248.0/21
IP: 203.92.224.0/19
IP: 203.100.224.0/19
IP: 203.143.192.0/18
IP: 210.23.128.0/19
IP: 2001:360::/32
IP: 2001:df2:b880::/48
IP: 2001:8000::/20
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 26 Apr 2024 23:35:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111741 (0x1b47d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 2 16:34:27 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8d:b9:6e:b3:f0:65:a5:e2:5e:9b:7a:96:06:
ea:a5:f1:64:35:10:a7:f7:05:c7:32:3a:98:9b:8e:
e5:75:13:b2:d8:65:ff:9f:b4:66:f3:d9:bc:a6:cf:
e7:74:f8:03:b3:44:b1:d5:2c:f1:f6:cd:20:dc:68:
9a:fb:06:1e:5c:c1:55:ed:d1:e1:1b:35:29:d8:04:
ef:1a:3b:61:d1:4e:44:6a:a9:a2:66:6e:64:31:b6:
a7:14:e7:f5:3f:19:bb:99:7b:2c:25:81:13:ae:50:
5d:84:9f:ac:a9:cb:51:79:2f:99:30:d7:f4:64:b7:
41:d5:b8:40:e0:36:5d:93:fb:62:73:e9:d8:2f:71:
f8:83:04:6d:58:9e:9f:ab:8f:f4:df:b7:67:d2:88:
fd:b2:8f:7b:e3:41:e0:e7:04:5a:6c:e4:ae:e4:b5:
8f:91:8d:98:06:8b:26:5e:e4:79:0e:74:24:c5:d2:
1f:01:3c:b0:41:f9:39:14:2b:8f:68:3d:30:3e:53:
29:05:b1:5d:b5:74:82:c6:76:38:e6:15:70:6f:9e:
ad:55:39:5b:e9:e8:df:2d:f6:54:bc:e4:f6:95:5a:
30:20:63:26:41:52:27:34:8f:81:34:71:43:6f:ee:
c2:65:06:bf:2a:f2:7a:57:cd:24:f3:27:e1:c0:67:
b6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
1221
4632
9514
37978
132029
132292
133859
133931
135052
135083
135313
135599
135887
141886
149288
150689
sbgp-ipAddrBlock: critical
IPv4:
1.120.0.0-1.159.255.255
58.160.0.0/12
60.224.0.0/13
61.8.0.0/19
61.9.128.0/17
101.103.0.0/16
101.160.0.0/11
103.43.176.0/24
103.70.56.0/24
103.101.135.0/24
103.207.92.0/24
110.140.0.0-110.151.255.255
120.144.0.0/12
121.208.0.0/12
123.208.0.0/14
124.176.0.0/12
125.255.0.0/16
202.7.64.0/19
202.12.128.0-202.12.242.255
203.2.228.0/24
203.9.190.0/23
203.12.42.0/24
203.12.97.0/24
203.12.144.0/21
203.13.21.0/24
203.14.0.0/20
203.15.68.0/24
203.16.180.0/22
203.17.40.0/21
203.17.162.0/24
203.18.76.0/23
203.18.112.0/20
203.22.129.0/24
203.24.134.0/23
203.24.170.0/24
203.26.8.0/22
203.26.175.0/24
203.27.69.0/24
203.27.128.0/18
203.27.237.0/24
203.29.160.0/20
203.34.33.0/24
203.34.68.0/24
203.35.0.0-203.54.255.255
203.58.32.0-203.58.255.255
203.62.148.0/22
203.62.248.0/21
203.92.224.0/19
203.100.224.0/19
203.143.192.0/18
210.23.128.0/19
IPv6:
2001:360::/32
2001:df2:b880::/48
2001:8000::/20
Signature Algorithm: sha256WithRSAEncryption
61:52:b7:9f:6c:0b:42:a6:b1:d9:68:85:a4:37:bc:6c:02:bc:
db:0b:49:09:fe:ef:3e:15:13:a6:c5:98:b9:06:76:ac:62:2c:
df:27:86:84:cc:4a:ac:8d:0a:a8:6d:95:ce:f3:65:b2:5a:1f:
b7:f6:ea:87:0c:f0:7e:a3:d4:37:36:da:f4:dc:52:4f:3b:0a:
a9:02:ed:f4:26:4f:dd:18:43:e3:64:75:ac:32:48:00:cf:85:
ee:68:c2:68:bc:f0:a0:32:43:67:28:95:16:9a:0c:23:12:1d:
36:e4:ae:24:ea:ab:4c:0c:c3:cc:90:cb:e6:a7:38:93:3f:ad:
d0:70:68:f7:1f:2b:8a:e9:a3:60:22:70:c5:db:bb:5c:31:0f:
e8:6d:ee:64:b3:ef:35:45:70:75:54:bd:ee:d6:28:21:0c:5c:
a2:7b:d9:d8:0e:85:03:28:c9:98:18:48:30:ea:65:35:73:26:
d4:18:c7:e9:f0:6e:ec:89:f1:66:ce:4f:0a:cc:6a:1c:50:e8:
a1:5a:71:b7:a9:4d:75:d7:89:27:fe:bb:fa:98:24:ec:d9:0f:
3a:e9:91:35:4a:c1:d6:bd:59:da:51:ac:49:8c:6a:bb:b4:32:
9f:8f:38:c8:a7:f6:51:de:54:3d:96:76:b9:f7:9c:fc:e0:a3:
69:5d:54:58
-----BEGIN CERTIFICATE-----
MIIHzjCCBragAwIBAgIDAbR9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgwMjE2MzQyN1oXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkE5ODMxMTAvBgNVBAUTKDcxNTY1RjJEN0I5MjRDRDcyQjQ1NUI2
OEI2NjcxOTQwMTBCQjFBOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6jblus/BlpeJem3qWBuql8WQ1EKf3BccyOpibjuV1E7LYZf+ftGbz2bymz+d0
+AOzRLHVLPH2zSDcaJr7Bh5cwVXt0eEbNSnYBO8aO2HRTkRqqaJmbmQxtqcU5/U/
GbuZeywlgROuUF2En6ypy1F5L5kw1/Rkt0HVuEDgNl2T+2Jz6dgvcfiDBG1Ynp+r
j/Tft2fSiP2yj3vjQeDnBFps5K7ktY+RjZgGiyZe5HkOdCTF0h8BPLBB+TkUK49o
PTA+UykFsV21dILGdjjmFXBvnq1VOVvp6N8t9lS85PaVWjAgYyZBUic0j4E0cUNv
7sJlBr8q8npXzSTzJ+HAZ7Z/AgMBAAGjggTDMIIEvzAdBgNVHQ4EFgQUcVZfLXuS
TNcrRVtotmcZQBC7Gp8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZBOTgzLzE2NzMwRDIwQ0QwRjExRTg5RDlGRjE2NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2QTk4My8xNjczMEQyMENEMEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9jVlpmTFh1
U1ROY3JSVnRvdG1jWlFCQzdHcDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYgYIKwYBBQUHAQgBAf8EUzBR
oE8wTQICBMUCAhIYAgIlKgIDAJRaAgMCA70CAwIExAIDAgrjAgMCCysCAwIPjAID
Ag+rAgMCEJECAwIRrwIDAhLPAgMCKj4CAwJHKAIDAkyhMIIBiQYIKwYBBQUHAQcB
Af8EggF4MIIBdDCCAVIEAgABMIIBSjAKAwMDAXgDAwUBgAMDBDqgAwMDPOADBAU9
CAADBAc9CYADAwBlZwMDBWWgAwQAZyuwAwQAZ0Y4AwQAZ2WHAwQAZ89cMAoDAwJu
jAMDA26QAwMEeJADAwR50AMDAnvQAwMEfLADAwB9/wMEBcoHQDAMAwQHygyAAwQA
ygzyAwQAywLkAwQBywm+AwQAywwqAwQAywxhAwQDywyQAwQAyw0VAwQEyw4AAwQA
yw9EAwQCyxC0AwQDyxEoAwQAyxGiAwQByxJMAwQEyxJwAwQAyxaBAwQByxiGAwQA
yxiqAwQCyxoIAwQAyxqvAwQAyxtFAwQGyxuAAwQAyxvtAwQEyx2gAwQAyyIhAwQA
yyJEMAoDAwDLIwMDAMs2MAsDBAXLOiADAwDLOgMEAss+lAMEA8s++AMEBctc4AME
Bctk4AMEBsuPwAMEBdIXgDAcBAIAAjAWAwUAIAEDYAMHACABDfK4gAMEBCABgDAN
BgkqhkiG9w0BAQsFAAOCAQEAYVK3n2wLQqax2WiFpDe8bAK82wtJCf7vPhUTpsWY
uQZ2rGIs3yeGhMxKrI0KqG2VzvNlsloft/bqhwzwfqPUNzba9NxSTzsKqQLt9CZP
3RhD42R1rDJIAM+F7mjCaLzwoDJDZyiVFpoMIxIdNuSuJOqrTAzDzJDL5qc4kz+t
0HBo9x8riumjYCJwxdu7XDEP6G3uZLPvNUVwdVS97tYoIQxconvZ2A6FAyjJmBhI
MOplNXMm1BjH6fBu7InxZs5PCsxqHFDooVpxt6lNddeJJ/67+pgk7NkPOumRNUrB
1r1Z2lGsSYxqu7Qyn484yKf2Ud5UPZZ2ufec/OCjaV1UWA==
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:10:25 2024 by rpki-client on console-ams.rpki-client.org