Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dfDxcTIKeOUHAm-fL1T0smcMYhE.cer
File: dfDxcTIKeOUHAm-fL1T0smcMYhE.cer (raw, json)
Hash identifier: 1Zko8l9t5KePz2+o5pZ1gzreJDJuJewBp22kPrtUR2c=
Subject key identifier: 75:F0:F1:71:32:0A:78:E5:07:02:6F:9F:2F:54:F4:B2:67:0C:62:11
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01CD1D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/dfDxcTIKeOUHAm-fL1T0smcMYhE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 27 Nov 2023 19:24:05 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 55862
IP: 43.252.100.0/22
IP: 49.128.160.0/20
IP: 103.29.96.0/22
IP: 2401:8900::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118045 (0x1cd1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 27 19:24:05 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A91C9161/serialNumber=75F0F171320A78E507026F9F2F54F4B2670C6211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:09:b7:44:96:57:2e:1f:98:7d:48:bd:0c:1c:
df:09:e7:50:c7:27:54:bd:67:9c:d0:1b:c6:6d:83:
d5:2d:64:b0:6e:d8:11:f6:9e:aa:f1:06:27:fb:5a:
67:9e:59:6c:6c:9a:44:40:dd:b5:6f:62:ef:ac:d4:
cd:21:86:ba:48:24:3e:bd:45:09:e1:73:f6:49:0f:
0f:03:83:64:22:45:56:6b:f4:98:dd:7c:ac:bb:97:
a2:03:3a:2c:81:07:2a:aa:b0:cb:64:ba:32:43:18:
16:68:cc:1c:d3:a8:d3:d9:42:be:39:07:47:00:4c:
72:a4:1f:c7:62:21:1b:89:0d:31:cc:90:2c:73:92:
62:f1:e3:dd:b4:8a:da:53:35:08:8b:93:aa:e6:62:
94:a3:e2:97:6e:36:b8:76:04:7e:c1:a0:4a:d0:9f:
7b:13:c6:a6:3e:f3:94:34:6d:9b:b2:a6:56:0b:80:
b4:15:5e:98:df:2b:fd:85:56:46:7d:4c:a5:a1:36:
97:b6:85:d4:f3:91:2d:72:72:66:c8:36:4c:96:cc:
33:81:b2:6a:68:4a:f0:33:69:bb:f9:b7:2e:bb:5b:
d6:93:31:8b:d5:43:5a:36:ea:56:ac:d5:17:41:77:
ca:c7:b4:dd:e2:2c:12:22:f6:a8:6a:30:c9:9f:d6:
53:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F0:F1:71:32:0A:78:E5:07:02:6F:9F:2F:54:F4:B2:67:0C:62:11
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/dfDxcTIKeOUHAm-fL1T0smcMYhE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
55862
sbgp-ipAddrBlock: critical
IPv4:
43.252.100.0/22
49.128.160.0/20
103.29.96.0/22
IPv6:
2401:8900::/32
Signature Algorithm: sha256WithRSAEncryption
a2:0a:d7:13:37:26:54:1a:94:fc:36:e8:54:fe:f5:77:bf:fa:
7a:20:14:0c:43:06:11:8c:5c:78:10:3f:b3:e3:95:f3:c9:ef:
81:05:4e:7d:85:86:f2:18:b1:5d:83:e9:ca:64:fe:0f:db:03:
57:80:83:44:2e:05:f7:80:4a:73:91:33:5f:53:5a:89:aa:4e:
32:7e:2b:4e:87:0e:b8:2d:8c:19:29:2f:3c:af:43:6c:41:30:
4e:10:bc:c5:76:be:0e:cb:52:35:9d:e9:31:ed:68:4f:ff:0f:
76:6c:6f:22:39:8c:7e:9a:d0:e2:fb:86:9f:00:91:56:0f:e5:
d0:20:d2:78:b3:ad:db:8b:e6:1f:73:da:0d:20:40:1e:5c:e4:
b0:db:d5:e7:af:fe:98:a5:af:a8:77:94:07:e1:46:4c:52:c7:
a2:05:e3:5c:56:eb:08:ce:fb:f3:0d:6a:d4:ab:aa:ab:c8:a2:
62:b6:1b:76:66:5e:2d:ef:d1:b8:7e:14:d4:cc:57:7a:bb:0e:
5d:69:33:2e:9d:44:51:48:7a:e7:5a:c3:8e:da:ab:94:3e:ce:
76:b9:78:9c:2e:91:04:85:44:44:e2:10:22:90:72:6e:db:e5:
7d:1e:5c:71:42:1a:bf:57:74:44:8d:f7:7b:59:6e:53:ab:cb:
a2:b9:8d:1c
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDAc0dMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEyNzE5MjQwNVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzkxNjExMTAvBgNVBAUTKDc1RjBGMTcxMzIwQTc4RTUwNzAyNkY5
RjJGNTRGNEIyNjcwQzYyMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5CbdEllcuH5h9SL0MHN8J51DHJ1S9Z5zQG8Ztg9UtZLBu2BH2nqrxBif7Wmee
WWxsmkRA3bVvYu+s1M0hhrpIJD69RQnhc/ZJDw8Dg2QiRVZr9JjdfKy7l6IDOiyB
ByqqsMtkujJDGBZozBzTqNPZQr45B0cATHKkH8diIRuJDTHMkCxzkmLx4920itpT
NQiLk6rmYpSj4pduNrh2BH7BoErQn3sTxqY+85Q0bZuyplYLgLQVXpjfK/2FVkZ9
TKWhNpe2hdTzkS1ycmbINkyWzDOBsmpoSvAzabv5ty67W9aTMYvVQ1o26las1RdB
d8rHtN3iLBIi9qhqMMmf1lORAgMBAAGjggMqMIIDJjAdBgNVHQ4EFgQUdfDxcTIK
eOUHAm+fL1T0smcMYhEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM5MTYxLzcwQ0MyNDg2M0Y4QjExRTdBOUU2NzI0NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDOTE2MS83MENDMjQ4NjNGOEIxMUU3QTlFNjcyNDRDNEY5QUUwMi9kZkR4Y1RJ
S2VPVUhBbS1mTDFUMHNtY01ZaEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANo2MDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCK/xkAwQEMYCg
AwQCZx1gMA0EAgACMAcDBQAkAYkAMA0GCSqGSIb3DQEBCwUAA4IBAQCiCtcTNyZU
GpT8NuhU/vV3v/p6IBQMQwYRjFx4ED+z45Xzye+BBU59hYbyGLFdg+nKZP4P2wNX
gINELgX3gEpzkTNfU1qJqk4yfitOhw64LYwZKS88r0NsQTBOELzFdr4Oy1I1nekx
7WhP/w92bG8iOYx+mtDi+4afAJFWD+XQINJ4s63bi+Yfc9oNIEAeXOSw29Xnr/6Y
pa+od5QH4UZMUseiBeNcVusIzvvzDWrUq6qryKJitht2Zl4t79G4fhTUzFd6uw5d
aTMunURRSHrnWsOO2quUPs52uXicLpEEhURE4hAikHJu2+V9HlxxQhq/V3REjfd7
WW5Tq8uiuY0c
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:54 2024 by rpki-client on console-ams.rpki-client.org