Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
File: dF_08GOrXRceBSUbMeKUpLx5c7E.cer (raw, json)
Hash identifier: xiohCYhCYva/G5/cHftHWcRzv2GVf6Ze4h6enIztWs0=
Subject key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C869
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.mft
caRepository: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 02 Nov 2023 16:18:16 +0000
Certificate not after: Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 7585
AS: 7631
AS: 9499
AS: 9549
AS: 10143
AS: 17438
AS: 17498
AS: 17829
AS: 17907
AS: 18201
AS: 23677
AS: 23935
AS: 24001
AS: 24093
AS: 24129
AS: 24233
AS: 24240
AS: 38167
AS: 38195
AS: 38570
AS: 55411
AS: 132109
AS: 133123
AS: 133784
IP: 27.122.112.0/20
IP: 36.255.112.0/22
IP: 43.245.152.0/22
IP: 45.113.92.0/22
IP: 45.118.64.0/22
IP: 58.96.0.0/17
IP: 103.1.52.0/22
IP: 103.7.48.0/22
IP: 103.21.0.0/22
IP: 103.25.180.0/22
IP: 103.28.160.0/24
IP: 103.29.86.0/23
IP: 103.42.226.0/23
IP: 103.192.192.0/22
IP: 103.200.12.0/22
IP: 103.224.49.0/24
IP: 103.224.52.0/23
IP: 103.237.16.0/22
IP: 103.248.16.0/22
IP: 111.118.192.0/21
IP: 114.129.184.0/21
IP: 115.70.0.0/16
IP: 116.255.0.0/18
IP: 119.15.72.0/21
IP: 119.40.104.0/21
IP: 122.199.0.0/18
IP: 123.176.112.0/21
IP: 125.63.0.0/19
IP: 125.253.0.0/18
IP: 125.253.96.0/20
IP: 163.47.68.0/22
IP: 163.53.144.0/22
IP: 202.63.64.0/20
IP: 202.65.64.0/19
IP: 202.70.129.0/24
IP: 202.80.144.0/21
IP: 202.86.112.0/24
IP: 202.86.119.0/24
IP: 202.90.206.0/23
IP: 202.130.192.0 -- 202.130.194.255
IP: 202.130.196.0 -- 202.130.202.255
IP: 202.130.204.0/24
IP: 202.130.207.0 -- 202.130.213.255
IP: 202.130.215.0 -- 202.130.216.255
IP: 202.130.218.0 -- 202.130.223.255
IP: 202.137.160.0/20
IP: 202.144.160.0/20
IP: 202.169.96.0/19
IP: 202.171.160.0/19
IP: 202.177.40.0/22
IP: 203.10.77.0/24
IP: 203.14.230.0/24
IP: 203.24.182.0/24
IP: 203.25.102.0/24
IP: 203.27.116.0/24
IP: 203.32.82.0/24
IP: 203.33.254.0/24
IP: 203.123.96.0/19
IP: 203.132.64.0/19
IP: 203.153.16.0/22
IP: 203.189.4.0/24
IP: 203.212.16.0/21
IP: 210.5.32.0/21
IP: 220.233.0.0/16
IP: 223.27.64.0/22
IP: 2401:380::/32
IP: 2401:d000::/28
IP: 2404:c600::/32
IP: 2406:3400::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 23 Apr 2024 21:40:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116841 (0x1c869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 2 16:18:16 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dc:11:a8:47:75:6a:f0:21:a7:7a:cc:c7:9e:
53:86:f1:20:f6:48:d3:92:d8:ea:94:9c:56:0a:3e:
b6:b2:0c:9f:09:84:25:51:db:ef:41:c5:dc:43:0c:
4a:a7:45:a3:8b:64:dc:d1:c7:ca:9e:fd:6c:f6:f1:
12:e6:60:3e:4d:86:44:b9:84:c2:db:2d:1a:ae:34:
03:b1:a4:7c:a1:a6:fe:1d:50:0b:d3:bb:b8:86:dd:
f1:45:38:54:1f:e9:b0:dd:03:4f:97:69:17:17:bd:
cd:86:14:7a:8a:08:5c:1f:cc:2f:a1:7c:1e:9d:d7:
c1:cd:67:b7:ae:a6:45:a5:f9:31:f3:22:60:c6:88:
11:db:36:47:e2:89:50:80:b2:e4:f1:f8:59:22:80:
a1:e1:27:9f:69:7f:7d:93:90:40:de:25:7a:8d:7b:
74:16:91:19:03:b5:e0:f2:04:05:16:e5:6d:3f:f4:
6b:d4:c7:17:3e:b7:e0:d5:c8:82:f4:cd:e4:94:5a:
ea:df:49:f7:fa:e4:9b:17:a7:95:79:6d:ba:bf:b6:
e3:af:25:98:4e:4d:48:21:6a:02:0f:2d:86:dc:ea:
64:07:0a:e0:60:7c:ba:30:d7:22:ed:a0:bd:90:91:
18:e6:75:70:1d:f1:82:c0:ad:b4:5f:f1:bd:22:d7:
4a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7585
7631
9499
9549
10143
17438
17498
17829
17907
18201
23677
23935
24001
24093
24129
24233
24240
38167
38195
38570
55411
132109
133123
133784
sbgp-ipAddrBlock: critical
IPv4:
27.122.112.0/20
36.255.112.0/22
43.245.152.0/22
45.113.92.0/22
45.118.64.0/22
58.96.0.0/17
103.1.52.0/22
103.7.48.0/22
103.21.0.0/22
103.25.180.0/22
103.28.160.0/24
103.29.86.0/23
103.42.226.0/23
103.192.192.0/22
103.200.12.0/22
103.224.49.0/24
103.224.52.0/23
103.237.16.0/22
103.248.16.0/22
111.118.192.0/21
114.129.184.0/21
115.70.0.0/16
116.255.0.0/18
119.15.72.0/21
119.40.104.0/21
122.199.0.0/18
123.176.112.0/21
125.63.0.0/19
125.253.0.0/18
125.253.96.0/20
163.47.68.0/22
163.53.144.0/22
202.63.64.0/20
202.65.64.0/19
202.70.129.0/24
202.80.144.0/21
202.86.112.0/24
202.86.119.0/24
202.90.206.0/23
202.130.192.0-202.130.194.255
202.130.196.0-202.130.202.255
202.130.204.0/24
202.130.207.0-202.130.213.255
202.130.215.0-202.130.216.255
202.130.218.0-202.130.223.255
202.137.160.0/20
202.144.160.0/20
202.169.96.0/19
202.171.160.0/19
202.177.40.0/22
203.10.77.0/24
203.14.230.0/24
203.24.182.0/24
203.25.102.0/24
203.27.116.0/24
203.32.82.0/24
203.33.254.0/24
203.123.96.0/19
203.132.64.0/19
203.153.16.0/22
203.189.4.0/24
203.212.16.0/21
210.5.32.0/21
220.233.0.0/16
223.27.64.0/22
IPv6:
2401:380::/32
2401:d000::/28
2404:c600::/32
2406:3400::/32
Signature Algorithm: sha256WithRSAEncryption
73:63:82:9b:57:e6:b8:c4:4a:48:2a:76:e5:83:4a:10:6e:4d:
9a:93:c9:09:f1:0e:a4:6e:c7:7a:79:ed:04:9b:81:5d:eb:55:
07:80:af:18:08:8e:0d:8f:fd:7d:58:66:3e:88:40:25:97:90:
0b:fb:44:09:ca:8a:18:8c:46:3c:e2:6e:f7:7d:96:ad:b4:2d:
59:2b:15:86:e2:92:91:cf:b9:b8:c0:b8:e2:88:c9:68:21:54:
65:18:4b:cd:a4:80:c3:25:87:b5:05:85:fc:a0:18:0a:bd:c1:
56:03:de:82:b2:19:31:16:43:f8:ac:52:b7:f6:4e:82:d7:ef:
34:9e:04:71:56:5e:ae:56:04:04:89:b9:1f:ec:07:96:2c:fe:
c8:98:9c:21:0b:65:c0:11:42:24:63:76:a5:65:8d:6e:db:d7:
77:01:fc:9f:e4:35:b8:5c:ef:e2:b0:c3:41:25:90:e0:fe:62:
cb:2f:81:ce:e1:6f:a4:87:b9:4f:d4:4a:c9:c8:e3:93:b8:4f:
c8:38:d4:38:07:ff:78:e6:f1:f1:73:1b:56:68:b6:88:08:56:
4b:6e:f0:69:4d:25:47:40:27:be:e3:b5:9b:67:41:f5:6a:2b:
ff:46:8c:2f:14:6a:69:ae:8e:14:6f:b9:fa:b4:4d:99:81:1a:
46:7d:ba:f9
-----BEGIN CERTIFICATE-----
MIIIUDCCBzigAwIBAgIDAchpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwMjE2MTgxNloXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUx
QjMxRTI5NEE0QkM3OTczQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDd3BGoR3Vq8CGneszHnlOG8SD2SNOS2OqUnFYKPrayDJ8JhCVR2+9BxdxDDEqn
RaOLZNzRx8qe/Wz28RLmYD5NhkS5hMLbLRquNAOxpHyhpv4dUAvTu7iG3fFFOFQf
6bDdA0+XaRcXvc2GFHqKCFwfzC+hfB6d18HNZ7eupkWl+THzImDGiBHbNkfiiVCA
suTx+FkigKHhJ59pf32TkEDeJXqNe3QWkRkDteDyBAUW5W0/9GvUxxc+t+DVyIL0
zeSUWurfSff65JsXp5V5bbq/tuOvJZhOTUghagIPLYbc6mQHCuBgfLow1yLtoL2Q
kRjmdXAd8YLArbRf8b0i10qJAgMBAAGjggVFMIIFQTAdBgNVHQ4EFgQUdF/08GOr
XRceBSUbMeKUpLx5c7EwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVFNDc1L0RBODNBQTdBQ0ExMTExRUFBNDc5QzczNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1RTQ3NS9EQTgzQUE3QUNBMTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdP
clhSY2VCU1ViTWVLVXBMeDVjN0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfAYIKwYBBQUHAQgBAf8EbTBr
oGkwZwICHaECAh3PAgIlGwICJU0CAiefAgJEHgICRFoCAkWlAgJF8wICRxkCAlx9
AgJdfwICXcECAl4dAgJeQQICXqkCAl6wAgMAlRcCAwCVMwIDAJaqAgMA2HMCAwIE
DQIDAggDAgMCCpgwggHxBggrBgEFBQcBBwEB/wSCAeAwggHcMIIBtAQCAAEwggGs
AwQEG3pwAwQCJP9wAwQCK/WYAwQCLXFcAwQCLXZAAwQHOmAAAwQCZwE0AwQCZwcw
AwQCZxUAAwQCZxm0AwQAZxygAwQBZx1WAwQBZyriAwQCZ8DAAwQCZ8gMAwQAZ+Ax
AwQBZ+A0AwQCZ+0QAwQCZ/gQAwQDb3bAAwQDcoG4AwMAc0YDBAZ0/wADBAN3D0gD
BAN3KGgDBAZ6xwADBAN7sHADBAV9PwADBAZ9/QADBAR9/WADBAKjL0QDBAKjNZAD
BATKP0ADBAXKQUADBADKRoEDBAPKUJADBADKVnADBADKVncDBAHKWs4wDAMEBsqC
wAMEAMqCwjAMAwQCyoLEAwQAyoLKAwQAyoLMMAwDBADKgs8DBAHKgtQwDAMEAMqC
1wMEAMqC2DAMAwQByoLaAwQFyoLAAwQEyomgAwQEypCgAwQFyqlgAwQFyqugAwQC
yrEoAwQAywpNAwQAyw7mAwQAyxi2AwQAyxlmAwQAyxt0AwQAyyBSAwQAyyH+AwQF
y3tgAwQFy4RAAwQCy5kQAwQAy70EAwQDy9QQAwQD0gUgAwMA3OkDBALfG0AwIgQC
AAIwHAMFACQBA4ADBQQkAdAAAwUAJATGAAMFACQGNAAwDQYJKoZIhvcNAQELBQAD
ggEBAHNjgptX5rjESkgqduWDShBuTZqTyQnxDqRux3p57QSbgV3rVQeArxgIjg2P
/X1YZj6IQCWXkAv7RAnKihiMRjzibvd9lq20LVkrFYbikpHPubjAuOKIyWghVGUY
S82kgMMlh7UFhfygGAq9wVYD3oKyGTEWQ/isUrf2ToLX7zSeBHFWXq5WBASJuR/s
B5Ys/siYnCELZcARQiRjdqVljW7b13cB/J/kNbhc7+Kww0ElkOD+Yssvgc7hb6SH
uU/USsnI45O4T8g41DgH/3jm8fFzG1ZotogIVktu8GlNJUdAJ77jtZtnQfVqK/9G
jC8UammujhRvufq0TZmBGkZ9uvk=
-----END CERTIFICATE-----
Generated at Tue Apr 16 22:47:47 2024 by rpki-client on console-ams.rpki-client.org