Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
File: dF_08GOrXRceBSUbMeKUpLx5c7E.cer (raw, json)
Hash identifier: uigsEVKWjT4w+fatDGTWIZx01lVuzrHZgp7YfjaFfaI=
Subject key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021813
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.mft
caRepository: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Nov 2024 22:16:57 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 7585
AS: 7631
AS: 9499
AS: 9549
AS: 10143
AS: 17438
AS: 17498
AS: 17829
AS: 17907
AS: 18201
AS: 23677
AS: 23935
AS: 24001
AS: 24093
AS: 24129
AS: 24233
AS: 24240
AS: 38167
AS: 38195
AS: 38570
AS: 55411
AS: 132109
AS: 133123
AS: 133784
IP: 27.122.112.0/20
IP: 36.255.112.0/22
IP: 43.245.152.0/22
IP: 45.113.92.0/22
IP: 45.118.64.0/22
IP: 58.96.0.0/17
IP: 103.1.52.0/22
IP: 103.7.48.0/22
IP: 103.21.0.0/22
IP: 103.25.180.0/22
IP: 103.28.160.0/24
IP: 103.29.86.0/23
IP: 103.42.226.0/23
IP: 103.192.192.0/22
IP: 103.200.12.0/22
IP: 103.224.49.0/24
IP: 103.224.52.0/23
IP: 103.237.16.0/22
IP: 103.248.16.0/22
IP: 111.118.192.0/21
IP: 114.129.184.0/21
IP: 115.70.0.0/16
IP: 116.255.0.0/18
IP: 119.15.72.0/21
IP: 119.40.104.0/21
IP: 122.199.0.0/18
IP: 123.176.112.0/21
IP: 125.63.0.0/19
IP: 125.253.0.0/18
IP: 125.253.96.0/20
IP: 163.47.68.0/22
IP: 163.53.144.0/22
IP: 202.63.64.0/20
IP: 202.65.64.0/19
IP: 202.70.129.0/24
IP: 202.80.144.0/21
IP: 202.86.112.0/24
IP: 202.86.119.0/24
IP: 202.90.206.0/23
IP: 202.130.192.0 -- 202.130.194.255
IP: 202.130.196.0 -- 202.130.202.255
IP: 202.130.204.0/24
IP: 202.130.207.0 -- 202.130.213.255
IP: 202.130.215.0 -- 202.130.216.255
IP: 202.130.218.0 -- 202.130.223.255
IP: 202.137.160.0/20
IP: 202.144.160.0/20
IP: 202.169.96.0/19
IP: 202.171.160.0/19
IP: 202.177.40.0/22
IP: 203.10.77.0/24
IP: 203.14.230.0/24
IP: 203.24.182.0/24
IP: 203.25.102.0/24
IP: 203.27.116.0/24
IP: 203.32.82.0/24
IP: 203.33.254.0/24
IP: 203.123.96.0/19
IP: 203.132.64.0/19
IP: 203.153.16.0/22
IP: 203.189.4.0/24
IP: 203.212.16.0/21
IP: 210.5.32.0/21
IP: 220.233.0.0/16
IP: 223.27.64.0/22
IP: 2401:380::/32
IP: 2401:d000::/28
IP: 2404:c600::/32
IP: 2406:3400::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137235 (0x21813)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Nov 1 22:16:57 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A915E475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dc:11:a8:47:75:6a:f0:21:a7:7a:cc:c7:9e:
53:86:f1:20:f6:48:d3:92:d8:ea:94:9c:56:0a:3e:
b6:b2:0c:9f:09:84:25:51:db:ef:41:c5:dc:43:0c:
4a:a7:45:a3:8b:64:dc:d1:c7:ca:9e:fd:6c:f6:f1:
12:e6:60:3e:4d:86:44:b9:84:c2:db:2d:1a:ae:34:
03:b1:a4:7c:a1:a6:fe:1d:50:0b:d3:bb:b8:86:dd:
f1:45:38:54:1f:e9:b0:dd:03:4f:97:69:17:17:bd:
cd:86:14:7a:8a:08:5c:1f:cc:2f:a1:7c:1e:9d:d7:
c1:cd:67:b7:ae:a6:45:a5:f9:31:f3:22:60:c6:88:
11:db:36:47:e2:89:50:80:b2:e4:f1:f8:59:22:80:
a1:e1:27:9f:69:7f:7d:93:90:40:de:25:7a:8d:7b:
74:16:91:19:03:b5:e0:f2:04:05:16:e5:6d:3f:f4:
6b:d4:c7:17:3e:b7:e0:d5:c8:82:f4:cd:e4:94:5a:
ea:df:49:f7:fa:e4:9b:17:a7:95:79:6d:ba:bf:b6:
e3:af:25:98:4e:4d:48:21:6a:02:0f:2d:86:dc:ea:
64:07:0a:e0:60:7c:ba:30:d7:22:ed:a0:bd:90:91:
18:e6:75:70:1d:f1:82:c0:ad:b4:5f:f1:bd:22:d7:
4a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7585
7631
9499
9549
10143
17438
17498
17829
17907
18201
23677
23935
24001
24093
24129
24233
24240
38167
38195
38570
55411
132109
133123
133784
sbgp-ipAddrBlock: critical
IPv4:
27.122.112.0/20
36.255.112.0/22
43.245.152.0/22
45.113.92.0/22
45.118.64.0/22
58.96.0.0/17
103.1.52.0/22
103.7.48.0/22
103.21.0.0/22
103.25.180.0/22
103.28.160.0/24
103.29.86.0/23
103.42.226.0/23
103.192.192.0/22
103.200.12.0/22
103.224.49.0/24
103.224.52.0/23
103.237.16.0/22
103.248.16.0/22
111.118.192.0/21
114.129.184.0/21
115.70.0.0/16
116.255.0.0/18
119.15.72.0/21
119.40.104.0/21
122.199.0.0/18
123.176.112.0/21
125.63.0.0/19
125.253.0.0/18
125.253.96.0/20
163.47.68.0/22
163.53.144.0/22
202.63.64.0/20
202.65.64.0/19
202.70.129.0/24
202.80.144.0/21
202.86.112.0/24
202.86.119.0/24
202.90.206.0/23
202.130.192.0-202.130.194.255
202.130.196.0-202.130.202.255
202.130.204.0/24
202.130.207.0-202.130.213.255
202.130.215.0-202.130.216.255
202.130.218.0-202.130.223.255
202.137.160.0/20
202.144.160.0/20
202.169.96.0/19
202.171.160.0/19
202.177.40.0/22
203.10.77.0/24
203.14.230.0/24
203.24.182.0/24
203.25.102.0/24
203.27.116.0/24
203.32.82.0/24
203.33.254.0/24
203.123.96.0/19
203.132.64.0/19
203.153.16.0/22
203.189.4.0/24
203.212.16.0/21
210.5.32.0/21
220.233.0.0/16
223.27.64.0/22
IPv6:
2401:380::/32
2401:d000::/28
2404:c600::/32
2406:3400::/32
Signature Algorithm: sha256WithRSAEncryption
4e:01:f3:72:39:a3:ed:41:b9:c5:a4:23:6d:cb:55:a7:d9:f5:
03:b5:88:46:bf:98:4c:a4:00:75:2c:b9:ff:92:19:57:9a:0f:
18:93:5d:79:8b:88:c0:59:ac:00:20:03:48:33:41:f7:21:30:
36:fc:0d:09:05:73:d0:5e:73:b8:e8:2c:56:eb:b7:a3:ef:14:
aa:cb:3d:87:0e:14:95:b5:e9:af:a0:a6:81:a1:16:b3:db:6f:
bf:56:1c:41:f8:f1:38:ab:67:7c:62:f1:14:38:28:8e:92:6d:
2a:78:7d:d8:51:30:01:d1:42:f6:a3:cd:00:61:be:79:04:47:
20:15:96:43:17:37:fd:fd:2f:23:78:b8:32:08:82:14:91:a9:
6a:c1:eb:6e:76:8a:3f:27:c0:37:7a:5f:bb:72:41:d1:b3:b1:
01:1c:8c:e0:bd:e4:27:00:51:92:6f:8d:49:fc:32:24:57:5a:
3e:87:3b:5a:a6:ce:51:7a:89:81:f7:93:90:50:63:0e:35:41:
ad:10:cf:79:54:7d:ce:a0:cb:3e:b0:22:3f:c2:e5:29:ba:79:
09:dd:f7:eb:fe:ad:30:d4:ea:32:e8:f3:79:de:4c:f6:c5:aa:
52:88:26:b0:30:d0:46:cf:a2:9d:5d:86:62:ea:70:a6:09:34:
aa:3f:de:68
-----BEGIN CERTIFICATE-----
MIIIUDCCBzigAwIBAgIDAhgTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEwMTIyMTY1N1oXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUx
QjMxRTI5NEE0QkM3OTczQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDd3BGoR3Vq8CGneszHnlOG8SD2SNOS2OqUnFYKPrayDJ8JhCVR2+9BxdxDDEqn
RaOLZNzRx8qe/Wz28RLmYD5NhkS5hMLbLRquNAOxpHyhpv4dUAvTu7iG3fFFOFQf
6bDdA0+XaRcXvc2GFHqKCFwfzC+hfB6d18HNZ7eupkWl+THzImDGiBHbNkfiiVCA
suTx+FkigKHhJ59pf32TkEDeJXqNe3QWkRkDteDyBAUW5W0/9GvUxxc+t+DVyIL0
zeSUWurfSff65JsXp5V5bbq/tuOvJZhOTUghagIPLYbc6mQHCuBgfLow1yLtoL2Q
kRjmdXAd8YLArbRf8b0i10qJAgMBAAGjggVFMIIFQTAdBgNVHQ4EFgQUdF/08GOr
XRceBSUbMeKUpLx5c7EwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVFNDc1L0RBODNBQTdBQ0ExMTExRUFBNDc5QzczNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1RTQ3NS9EQTgzQUE3QUNBMTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdP
clhSY2VCU1ViTWVLVXBMeDVjN0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfAYIKwYBBQUHAQgBAf8EbTBr
oGkwZwICHaECAh3PAgIlGwICJU0CAiefAgJEHgICRFoCAkWlAgJF8wICRxkCAlx9
AgJdfwICXcECAl4dAgJeQQICXqkCAl6wAgMAlRcCAwCVMwIDAJaqAgMA2HMCAwIE
DQIDAggDAgMCCpgwggHxBggrBgEFBQcBBwEB/wSCAeAwggHcMIIBtAQCAAEwggGs
AwQEG3pwAwQCJP9wAwQCK/WYAwQCLXFcAwQCLXZAAwQHOmAAAwQCZwE0AwQCZwcw
AwQCZxUAAwQCZxm0AwQAZxygAwQBZx1WAwQBZyriAwQCZ8DAAwQCZ8gMAwQAZ+Ax
AwQBZ+A0AwQCZ+0QAwQCZ/gQAwQDb3bAAwQDcoG4AwMAc0YDBAZ0/wADBAN3D0gD
BAN3KGgDBAZ6xwADBAN7sHADBAV9PwADBAZ9/QADBAR9/WADBAKjL0QDBAKjNZAD
BATKP0ADBAXKQUADBADKRoEDBAPKUJADBADKVnADBADKVncDBAHKWs4wDAMEBsqC
wAMEAMqCwjAMAwQCyoLEAwQAyoLKAwQAyoLMMAwDBADKgs8DBAHKgtQwDAMEAMqC
1wMEAMqC2DAMAwQByoLaAwQFyoLAAwQEyomgAwQEypCgAwQFyqlgAwQFyqugAwQC
yrEoAwQAywpNAwQAyw7mAwQAyxi2AwQAyxlmAwQAyxt0AwQAyyBSAwQAyyH+AwQF
y3tgAwQFy4RAAwQCy5kQAwQAy70EAwQDy9QQAwQD0gUgAwMA3OkDBALfG0AwIgQC
AAIwHAMFACQBA4ADBQQkAdAAAwUAJATGAAMFACQGNAAwDQYJKoZIhvcNAQELBQAD
ggEBAE4B83I5o+1BucWkI23LVafZ9QO1iEa/mEykAHUsuf+SGVeaDxiTXXmLiMBZ
rAAgA0gzQfchMDb8DQkFc9Bec7joLFbrt6PvFKrLPYcOFJW16a+gpoGhFrPbb79W
HEH48TirZ3xi8RQ4KI6SbSp4fdhRMAHRQvajzQBhvnkERyAVlkMXN/39LyN4uDII
ghSRqWrB6252ij8nwDd6X7tyQdGzsQEcjOC95CcAUZJvjUn8MiRXWj6HO1qmzlF6
iYH3k5BQYw41Qa0Qz3lUfc6gyz6wIj/C5Sm6eQnd9+v+rTDU6jLo83neTPbFqlKI
JrAw0EbPop1dhmLqcKYJNKo/3mg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:19:36 2025 by rpki-client