Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
File: cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer (raw, json)
Hash identifier: fEKF/wspH7XcA4im80b3et9mcFOzncFOHAX8k4+CM3k=
Subject key identifier: 71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0201D5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 23 Jul 2024 17:27:51 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 1221
AS: 4632
AS: 9514
AS: 37978
AS: 132029
AS: 132292
AS: 133859
AS: 133931
AS: 135052
AS: 135083
AS: 135313
AS: 135599
AS: 135887
AS: 141886
AS: 149288
AS: 150689
IP: 1.120.0.0 -- 1.159.255.255
IP: 58.160.0.0/12
IP: 60.224.0.0/13
IP: 61.8.0.0/19
IP: 61.9.128.0/17
IP: 101.103.0.0/16
IP: 101.160.0.0/11
IP: 103.43.176.0/24
IP: 103.70.56.0/24
IP: 103.101.135.0/24
IP: 103.207.92.0/24
IP: 110.140.0.0 -- 110.151.255.255
IP: 120.144.0.0/12
IP: 121.208.0.0/12
IP: 123.208.0.0/14
IP: 124.176.0.0/12
IP: 125.255.0.0/16
IP: 202.7.64.0/19
IP: 202.12.128.0 -- 202.12.242.255
IP: 203.2.228.0/24
IP: 203.9.190.0/23
IP: 203.12.42.0/24
IP: 203.12.97.0/24
IP: 203.12.144.0/21
IP: 203.13.21.0/24
IP: 203.14.0.0/20
IP: 203.15.68.0/24
IP: 203.16.180.0/22
IP: 203.17.40.0/21
IP: 203.17.162.0/24
IP: 203.18.76.0/23
IP: 203.18.112.0/20
IP: 203.22.129.0/24
IP: 203.24.134.0/23
IP: 203.24.170.0/24
IP: 203.26.8.0/22
IP: 203.26.175.0/24
IP: 203.27.69.0/24
IP: 203.27.128.0/18
IP: 203.27.237.0/24
IP: 203.29.160.0/20
IP: 203.34.33.0/24
IP: 203.34.68.0/24
IP: 203.35.0.0 -- 203.54.255.255
IP: 203.58.32.0 -- 203.58.255.255
IP: 203.62.148.0/22
IP: 203.62.248.0/21
IP: 203.92.224.0/19
IP: 203.100.224.0/19
IP: 203.143.192.0/18
IP: 210.23.128.0/19
IP: 2001:360::/32
IP: 2001:df2:b880::/48
IP: 2001:8000::/20
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:35:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131541 (0x201d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 23 17:27:51 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8d:b9:6e:b3:f0:65:a5:e2:5e:9b:7a:96:06:
ea:a5:f1:64:35:10:a7:f7:05:c7:32:3a:98:9b:8e:
e5:75:13:b2:d8:65:ff:9f:b4:66:f3:d9:bc:a6:cf:
e7:74:f8:03:b3:44:b1:d5:2c:f1:f6:cd:20:dc:68:
9a:fb:06:1e:5c:c1:55:ed:d1:e1:1b:35:29:d8:04:
ef:1a:3b:61:d1:4e:44:6a:a9:a2:66:6e:64:31:b6:
a7:14:e7:f5:3f:19:bb:99:7b:2c:25:81:13:ae:50:
5d:84:9f:ac:a9:cb:51:79:2f:99:30:d7:f4:64:b7:
41:d5:b8:40:e0:36:5d:93:fb:62:73:e9:d8:2f:71:
f8:83:04:6d:58:9e:9f:ab:8f:f4:df:b7:67:d2:88:
fd:b2:8f:7b:e3:41:e0:e7:04:5a:6c:e4:ae:e4:b5:
8f:91:8d:98:06:8b:26:5e:e4:79:0e:74:24:c5:d2:
1f:01:3c:b0:41:f9:39:14:2b:8f:68:3d:30:3e:53:
29:05:b1:5d:b5:74:82:c6:76:38:e6:15:70:6f:9e:
ad:55:39:5b:e9:e8:df:2d:f6:54:bc:e4:f6:95:5a:
30:20:63:26:41:52:27:34:8f:81:34:71:43:6f:ee:
c2:65:06:bf:2a:f2:7a:57:cd:24:f3:27:e1:c0:67:
b6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
1221
4632
9514
37978
132029
132292
133859
133931
135052
135083
135313
135599
135887
141886
149288
150689
sbgp-ipAddrBlock: critical
IPv4:
1.120.0.0-1.159.255.255
58.160.0.0/12
60.224.0.0/13
61.8.0.0/19
61.9.128.0/17
101.103.0.0/16
101.160.0.0/11
103.43.176.0/24
103.70.56.0/24
103.101.135.0/24
103.207.92.0/24
110.140.0.0-110.151.255.255
120.144.0.0/12
121.208.0.0/12
123.208.0.0/14
124.176.0.0/12
125.255.0.0/16
202.7.64.0/19
202.12.128.0-202.12.242.255
203.2.228.0/24
203.9.190.0/23
203.12.42.0/24
203.12.97.0/24
203.12.144.0/21
203.13.21.0/24
203.14.0.0/20
203.15.68.0/24
203.16.180.0/22
203.17.40.0/21
203.17.162.0/24
203.18.76.0/23
203.18.112.0/20
203.22.129.0/24
203.24.134.0/23
203.24.170.0/24
203.26.8.0/22
203.26.175.0/24
203.27.69.0/24
203.27.128.0/18
203.27.237.0/24
203.29.160.0/20
203.34.33.0/24
203.34.68.0/24
203.35.0.0-203.54.255.255
203.58.32.0-203.58.255.255
203.62.148.0/22
203.62.248.0/21
203.92.224.0/19
203.100.224.0/19
203.143.192.0/18
210.23.128.0/19
IPv6:
2001:360::/32
2001:df2:b880::/48
2001:8000::/20
Signature Algorithm: sha256WithRSAEncryption
2e:81:da:e8:06:f3:1a:64:83:0a:02:13:a3:c3:dd:1c:ec:29:
84:ef:80:38:1a:86:e7:06:9e:f4:26:ae:07:2a:f0:ce:bd:ea:
6c:f3:bf:d2:1e:00:98:ec:e4:f2:cf:64:45:c4:c2:b8:86:3f:
8c:01:34:a2:04:f6:60:05:22:1d:6c:53:ab:d9:41:29:25:35:
5b:41:ab:6a:88:c3:e2:a7:9d:97:7e:35:ef:24:15:d2:4d:91:
ce:7a:c6:66:32:83:18:95:ab:2c:fc:4a:84:4c:40:41:15:4c:
c5:0e:11:da:80:c1:08:3e:07:fa:bb:52:da:aa:d8:99:d2:ad:
62:3a:56:86:45:ad:ad:0d:37:fe:76:e6:1c:00:3b:85:38:3c:
7b:16:2b:22:45:2c:76:95:61:fa:58:7c:07:58:9f:cf:14:a7:
20:8b:63:83:bd:f3:63:f6:0f:73:b1:55:51:6a:c2:ce:2c:c0:
34:a0:1b:2c:e7:93:3c:1b:36:32:2c:25:0a:ea:60:1f:c1:68:
db:d1:b3:1e:54:b0:63:99:04:1b:9d:47:a7:9e:10:13:ce:be:
61:d5:a0:f9:e1:1c:2b:12:68:30:89:80:bd:ca:ca:c1:15:15:
a9:2f:0e:e9:c0:6c:92:ee:88:02:e9:b5:82:3a:dd:0c:79:43:
f9:26:77:9d
-----BEGIN CERTIFICATE-----
MIIHzjCCBragAwIBAgIDAgHVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcyMzE3Mjc1MVoXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkE5ODMxMTAvBgNVBAUTKDcxNTY1RjJEN0I5MjRDRDcyQjQ1NUI2
OEI2NjcxOTQwMTBCQjFBOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6jblus/BlpeJem3qWBuql8WQ1EKf3BccyOpibjuV1E7LYZf+ftGbz2bymz+d0
+AOzRLHVLPH2zSDcaJr7Bh5cwVXt0eEbNSnYBO8aO2HRTkRqqaJmbmQxtqcU5/U/
GbuZeywlgROuUF2En6ypy1F5L5kw1/Rkt0HVuEDgNl2T+2Jz6dgvcfiDBG1Ynp+r
j/Tft2fSiP2yj3vjQeDnBFps5K7ktY+RjZgGiyZe5HkOdCTF0h8BPLBB+TkUK49o
PTA+UykFsV21dILGdjjmFXBvnq1VOVvp6N8t9lS85PaVWjAgYyZBUic0j4E0cUNv
7sJlBr8q8npXzSTzJ+HAZ7Z/AgMBAAGjggTDMIIEvzAdBgNVHQ4EFgQUcVZfLXuS
TNcrRVtotmcZQBC7Gp8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZBOTgzLzE2NzMwRDIwQ0QwRjExRTg5RDlGRjE2NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2QTk4My8xNjczMEQyMENEMEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9jVlpmTFh1
U1ROY3JSVnRvdG1jWlFCQzdHcDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYgYIKwYBBQUHAQgBAf8EUzBR
oE8wTQICBMUCAhIYAgIlKgIDAJRaAgMCA70CAwIExAIDAgrjAgMCCysCAwIPjAID
Ag+rAgMCEJECAwIRrwIDAhLPAgMCKj4CAwJHKAIDAkyhMIIBiQYIKwYBBQUHAQcB
Af8EggF4MIIBdDCCAVIEAgABMIIBSjAKAwMDAXgDAwUBgAMDBDqgAwMDPOADBAU9
CAADBAc9CYADAwBlZwMDBWWgAwQAZyuwAwQAZ0Y4AwQAZ2WHAwQAZ89cMAoDAwJu
jAMDA26QAwMEeJADAwR50AMDAnvQAwMEfLADAwB9/wMEBcoHQDAMAwQHygyAAwQA
ygzyAwQAywLkAwQBywm+AwQAywwqAwQAywxhAwQDywyQAwQAyw0VAwQEyw4AAwQA
yw9EAwQCyxC0AwQDyxEoAwQAyxGiAwQByxJMAwQEyxJwAwQAyxaBAwQByxiGAwQA
yxiqAwQCyxoIAwQAyxqvAwQAyxtFAwQGyxuAAwQAyxvtAwQEyx2gAwQAyyIhAwQA
yyJEMAoDAwDLIwMDAMs2MAsDBAXLOiADAwDLOgMEAss+lAMEA8s++AMEBctc4AME
Bctk4AMEBsuPwAMEBdIXgDAcBAIAAjAWAwUAIAEDYAMHACABDfK4gAMEBCABgDAN
BgkqhkiG9w0BAQsFAAOCAQEALoHa6AbzGmSDCgITo8PdHOwphO+AOBqG5wae9Cau
Byrwzr3qbPO/0h4AmOzk8s9kRcTCuIY/jAE0ogT2YAUiHWxTq9lBKSU1W0GraojD
4qedl3417yQV0k2RznrGZjKDGJWrLPxKhExAQRVMxQ4R2oDBCD4H+rtS2qrYmdKt
YjpWhkWtrQ03/nbmHAA7hTg8exYrIkUsdpVh+lh8B1ifzxSnIItjg73zY/YPc7FV
UWrCzizANKAbLOeTPBs2MiwlCupgH8Fo29GzHlSwY5kEG51Hp54QE86+YdWg+eEc
KxJoMImAvcrKwRUVqS8O6cBsku6IAum1gjrdDHlD+SZ3nQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:05 2024 by rpki-client on console-ams.rpki-client.org