
Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
File: gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer (raw, json)
Hash identifier: JCWXN7NSQ0RKoLYgqKuTvblHn6w89O7ERC+kIIvL5tQ=
Subject key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01A503
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 24 May 2023 20:39:51 +0000
Certificate not after: Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 138241
IP: 43.226.224.0/22
IP: 43.254.12.0/22
IP: 103.11.60.0/22
IP: 103.11.68.0/22
IP: 103.151.26.0/23
IP: 113.203.208.0 -- 113.203.255.255
IP: 115.167.0.0/19
IP: 115.167.48.0 -- 115.167.79.255
IP: 115.167.96.0/19
IP: 175.110.64.0 -- 175.110.111.255
IP: 180.178.128.0/18
IP: 202.92.16.0/20
IP: 223.29.224.0/20
IP: 2400:9560::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 31 May 2023 20:39:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107779 (0x1a503)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 24 20:39:51 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4b:7a:81:f3:e8:b2:26:72:18:05:4a:98:96:
c3:84:af:18:a6:41:55:86:2c:68:18:15:cc:48:d0:
04:a5:50:72:b7:ec:7e:9e:5b:f0:6b:a2:d2:3f:7c:
62:e0:65:72:37:73:5a:67:55:69:72:19:0a:61:16:
46:d4:c1:71:c6:7d:4a:47:43:cf:7d:7c:9b:ce:5f:
08:35:a8:3a:e8:75:81:7b:ec:d2:bd:2c:34:12:8c:
ce:a3:eb:15:4a:46:9b:18:4d:ed:d1:0d:b4:d8:fd:
df:a6:15:c8:1f:71:3c:49:7c:bb:5c:dd:23:c8:fa:
2c:ae:68:3a:eb:b9:2d:4f:84:27:47:9e:ab:ad:59:
4e:97:41:ec:66:64:c4:52:40:11:55:ef:0a:b6:eb:
67:80:f1:23:24:ab:2d:08:9c:88:e1:18:64:9f:70:
8d:da:50:a9:44:1d:8c:1d:cc:92:05:53:24:7b:6d:
b2:9c:86:b1:55:09:fe:bd:57:5b:ff:24:6a:67:d3:
f0:ad:0a:d6:3b:b0:b4:7e:04:93:62:16:e9:b7:40:
51:96:f8:0f:71:bd:0d:56:d0:bd:de:95:b1:c5:41:
2f:41:a3:1b:ae:82:1e:da:6b:d1:28:2b:23:31:88:
83:25:fd:8e:c6:27:f5:2b:f7:c2:2d:6e:fe:33:ce:
53:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138241
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
43.254.12.0/22
103.11.60.0/22
103.11.68.0/22
103.151.26.0/23
113.203.208.0-113.203.255.255
115.167.0.0/19
115.167.48.0-115.167.79.255
115.167.96.0/19
175.110.64.0-175.110.111.255
180.178.128.0/18
202.92.16.0/20
223.29.224.0/20
IPv6:
2400:9560::/32
Signature Algorithm: sha256WithRSAEncryption
94:cd:45:d4:cc:b4:0e:21:1f:0e:90:b1:ba:b7:63:a8:78:18:
34:1c:3f:bc:01:7e:50:22:f7:55:16:6d:79:e8:45:3a:b2:3c:
4b:fd:16:73:5a:ef:ea:fd:c8:97:52:1d:e7:0a:97:9b:13:80:
86:15:c0:86:6f:e1:0c:04:1b:09:25:96:70:80:34:03:86:17:
b4:d2:e7:0b:fd:e7:d8:a9:60:b9:5e:f2:84:2e:d8:b8:1f:5e:
3a:b7:77:89:8e:0d:7c:4a:f7:be:2f:b9:cc:c3:51:7e:2d:fc:
b9:62:1a:33:66:be:23:bc:1e:82:9e:78:ed:23:4e:ec:c5:54:
2e:b3:f0:c8:91:28:3e:6e:c8:72:df:10:3e:2d:9a:62:c6:88:
f9:ef:62:67:bf:ca:bc:9f:a9:60:5c:70:44:4c:83:ad:16:e5:
4e:3c:29:a6:e3:17:8b:11:57:f8:63:7e:45:f4:e6:51:ce:3b:
10:b1:3b:c6:b8:ac:15:9e:0c:ed:c5:1b:7b:9b:cf:fd:d8:e5:
3d:40:31:83:9a:2a:82:35:94:ec:3c:48:37:21:7c:2c:d3:d9:
94:27:cc:c5:69:3d:a0:aa:d3:a9:5e:9d:e0:a3:72:b9:e3:55:
51:39:93:a0:02:c4:ba:15:4c:58:e0:53:ba:18:27:76:2a:50:
4d:2d:c8:02
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIDAaUDMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUyNDIwMzk1MVoXDTI0MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDky
NkIwMjI2QTUyMUU1QjM5QzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDES3qB8+iyJnIYBUqYlsOErximQVWGLGgYFcxI0ASlUHK37H6eW/BrotI/fGLg
ZXI3c1pnVWlyGQphFkbUwXHGfUpHQ899fJvOXwg1qDrodYF77NK9LDQSjM6j6xVK
RpsYTe3RDbTY/d+mFcgfcTxJfLtc3SPI+iyuaDrruS1PhCdHnqutWU6XQexmZMRS
QBFV7wq262eA8SMkqy0InIjhGGSfcI3aUKlEHYwdzJIFUyR7bbKchrFVCf69V1v/
JGpn0/CtCtY7sLR+BJNiFum3QFGW+A9xvQ1W0L3elbHFQS9Boxuugh7aa9EoKyMx
iIMl/Y7GJ/Ur98Itbv4zzlNnAgMBAAGjggN+MIIDejAdBgNVHQ4EFgQUgwgIeRHq
SeIV3EkmsCJqUh5bOcQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU2MTM0LzVGOUFBNEJFQzJBODExRUFBNzkxOEEyRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNjEzNC81RjlBQTRCRUMyQTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJI
cVNlSVYzRWttc0NKcVVoNWJPY1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhwBMIGNBggrBgEFBQcBBwEB/wR+MHwwawQCAAEwZQMEAivi4AMEAiv+
DAMEAmcLPAMEAmcLRAMEAWeXGjALAwQEccvQAwMCccgDBAVzpwAwDAMEBHOnMAME
BHOnQAMEBXOnYDAMAwQGr25AAwQEr25gAwQGtLKAAwQEylwQAwQE3x3gMA0EAgAC
MAcDBQAkAJVgMA0GCSqGSIb3DQEBCwUAA4IBAQCUzUXUzLQOIR8OkLG6t2OoeBg0
HD+8AX5QIvdVFm156EU6sjxL/RZzWu/q/ciXUh3nCpebE4CGFcCGb+EMBBsJJZZw
gDQDhhe00ucL/efYqWC5XvKELti4H146t3eJjg18Sve+L7nMw1F+Lfy5YhozZr4j
vB6CnnjtI07sxVQus/DIkSg+bshy3xA+LZpixoj572Jnv8q8n6lgXHBETIOtFuVO
PCmm4xeLEVf4Y35F9OZRzjsQsTvGuKwVngztxRt7m8/92OU9QDGDmiqCNZTsPEg3
IXws09mUJ8zFaT2gqtOpXp3go3K541VROZOgAsS6FUxY4FO6GCd2KlBNLcgC
-----END CERTIFICATE-----
Generated at Wed May 24 21:33:35 2023 by rpki-client on console-fra.rpki-client.org