Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
File: hIWjnta2ISjt9PmbLCqBH1wgFXA.cer (raw, json)
Hash identifier: hbagJ4lQ8ShsmyJEx3d9+kL/Uy7QWqL+Jk0ziveWr4g=
Subject key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01FDF0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 04 Jul 2024 00:07:11 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 23892
AS: 38794
AS: 45197
AS: 45248
AS: 45764
AS: 45788
AS: 45796
AS: 55325
AS: 55927
AS: 56085
AS: 132062
AS: 132086
AS: 132821
AS: 132838
AS: 134402
AS: 135617
AS: 135670
AS: 135676
AS: 137423
AS: 137489
AS: 137885
AS: 138691
AS: 138911
AS: 139191
AS: 140032
AS: 140662
AS: 141715
AS: 150119
AS: 150432
AS: 150703
AS: 152461
IP: 43.240.112.0/22
IP: 43.249.56.0 -- 43.249.71.255
IP: 43.249.104.0 -- 43.249.115.255
IP: 43.251.204.0/22
IP: 43.252.180.0/22
IP: 45.64.88.0/22
IP: 45.117.208.0/22
IP: 45.122.48.0/22
IP: 45.127.60.0/22
IP: 103.4.228.0/22
IP: 103.23.120.0/22
IP: 103.28.240.0/23
IP: 103.40.132.0 -- 103.40.151.255
IP: 103.40.180.0 -- 103.40.191.255
IP: 103.225.24.0/22
IP: 103.240.60.0/22
IP: 103.245.112.0/22
IP: 115.31.128.0/18
IP: 116.193.144.0/21
IP: 117.121.208.0/20
IP: 119.13.24.0/21
IP: 119.63.64.0/19
IP: 125.254.52.0/22
IP: 150.107.220.0/22
IP: 202.27.110.0/24
IP: 202.94.240.0/20
IP: 202.148.176.0/20
IP: 203.114.68.0/22
IP: 223.27.192.0/18
IP: 2001:df0:1e::/48
IP: 2400:3480::/32
IP: 2400:cd00::/32
IP: 2402:9b00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130544 (0x1fdf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 4 00:07:11 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6f:10:13:ce:ca:0e:e7:5b:7b:e4:73:a6:b4:
07:b2:7d:d6:da:02:33:b6:95:bb:34:2e:cd:69:50:
bc:7a:10:23:53:12:dc:e4:59:f3:6d:d7:cf:95:f6:
3b:e9:8f:c2:12:60:a3:63:ea:34:c7:57:4e:2e:4b:
32:a5:5e:8f:f2:5d:00:44:ea:30:22:63:74:bc:ba:
9a:5f:5e:0d:04:55:f3:a8:9c:c1:f6:70:40:e1:77:
90:a9:c1:11:b7:28:2b:ba:5b:91:17:ab:87:a9:48:
0c:8c:8d:f1:17:fa:ad:ab:a0:66:8d:7c:4d:32:35:
ae:59:2b:ab:9a:7b:d2:b6:39:89:d9:9d:fb:a9:94:
c6:08:63:b5:00:95:ff:e3:db:93:1e:65:94:32:1a:
f9:35:9e:ce:f1:fd:df:2d:38:41:9a:16:de:2b:0b:
ae:66:a8:b0:32:af:37:78:bc:5b:bd:db:8b:7c:24:
14:07:f2:12:d8:29:a5:f4:6d:f9:44:84:13:1c:f2:
40:97:27:8f:67:16:4e:bb:d8:ca:5c:70:94:87:56:
d4:a4:61:16:e3:57:bd:43:95:6b:f4:4e:34:12:35:
be:61:7d:d2:d1:95:49:4b:51:86:29:aa:89:8f:64:
e3:69:62:34:3c:eb:05:14:3a:77:55:cc:0f:3e:38:
f1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23892
38794
45197
45248
45764
45788
45796
55325
55927
56085
132062
132086
132821
132838
134402
135617
135670
135676
137423
137489
137885
138691
138911
139191
140032
140662
141715
150119
150432
150703
152461
sbgp-ipAddrBlock: critical
IPv4:
43.240.112.0/22
43.249.56.0-43.249.71.255
43.249.104.0-43.249.115.255
43.251.204.0/22
43.252.180.0/22
45.64.88.0/22
45.117.208.0/22
45.122.48.0/22
45.127.60.0/22
103.4.228.0/22
103.23.120.0/22
103.28.240.0/23
103.40.132.0-103.40.151.255
103.40.180.0-103.40.191.255
103.225.24.0/22
103.240.60.0/22
103.245.112.0/22
115.31.128.0/18
116.193.144.0/21
117.121.208.0/20
119.13.24.0/21
119.63.64.0/19
125.254.52.0/22
150.107.220.0/22
202.27.110.0/24
202.94.240.0/20
202.148.176.0/20
203.114.68.0/22
223.27.192.0/18
IPv6:
2001:df0:1e::/48
2400:3480::/32
2400:cd00::/32
2402:9b00::/32
Signature Algorithm: sha256WithRSAEncryption
27:3b:ef:fc:7a:06:55:a6:cc:df:a1:a6:eb:8e:b6:08:78:cd:
b4:9e:8d:70:3a:fc:fb:85:b3:7a:31:dd:1d:c9:a9:6f:8a:59:
1b:f5:f5:28:3a:f1:df:b1:a0:d6:29:71:2a:96:79:59:5d:cf:
75:cb:3f:07:14:ec:85:97:b4:bb:04:7d:d2:ba:17:cf:e4:f0:
66:04:8a:b2:06:6d:b7:ba:ce:41:6c:6d:a3:31:23:29:43:dd:
f3:a3:b9:73:44:9b:cb:45:27:77:b2:51:d6:84:c6:25:66:de:
71:50:d2:d0:7a:f1:27:71:2f:7a:75:17:12:89:c2:e3:bc:a7:
f8:21:9b:bd:13:d1:fd:d6:75:50:e2:4a:89:9d:39:b1:e7:bd:
51:e5:ed:84:c0:9b:16:0f:38:0f:11:a0:40:1d:68:ea:de:c5:
59:e1:30:e3:8a:7c:aa:95:c4:ad:0c:fe:7e:dd:ac:dc:3b:88:
e3:09:a3:3e:78:a0:0f:09:5a:9f:6a:7c:2d:c7:ff:48:a6:5c:
5f:68:b5:98:e6:9a:f3:e7:6c:d2:e0:68:05:85:ae:a0:5a:80:
59:9c:98:54:a7:30:9d:75:be:94:a9:f8:cf:26:0f:70:68:26:
38:46:8e:83:3a:2a:53:fb:3d:a0:f1:68:70:b6:fa:94:c6:fd:
91:c7:0e:f4
-----BEGIN CERTIFICATE-----
MIIHqTCCBpGgAwIBAgIDAf3wMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcwNDAwMDcxMVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5
QjJDMkE4MTFGNUMyMDE1NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvbxATzsoO51t75HOmtAeyfdbaAjO2lbs0Ls1pULx6ECNTEtzkWfNt18+V9jvp
j8ISYKNj6jTHV04uSzKlXo/yXQBE6jAiY3S8uppfXg0EVfOonMH2cEDhd5CpwRG3
KCu6W5EXq4epSAyMjfEX+q2roGaNfE0yNa5ZK6uae9K2OYnZnfuplMYIY7UAlf/j
25MeZZQyGvk1ns7x/d8tOEGaFt4rC65mqLAyrzd4vFu924t8JBQH8hLYKaX0bflE
hBMc8kCXJ49nFk672MpccJSHVtSkYRbjV71DlWv0TjQSNb5hfdLRlUlLUYYpqomP
ZONpYjQ86wUUOndVzA8+OPFTAgMBAAGjggSeMIIEmjAdBgNVHQ4EFgQUhIWjnta2
ISjt9PmbLCqBH1wgFXAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI0NDJBLzIwRjJDQjAwRUI5QzExRUNBNjgyMTIwQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNDQyQS8yMEYyQ0IwMEVCOUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRh
MklTanQ5UG1iTENxQkgxd2dGWEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbMGCCsGAQUFBwEIAQH/BIGj
MIGgoIGdMIGaAgJdVAIDAJeKAgMAsI0CAwCwwAIDALLEAgMAstwCAwCy5AIDANgd
AgMA2ncCAwDbFQIDAgPeAgMCA/YCAwIG1QIDAgbmAgMCDQICAwIRwQIDAhH2AgMC
EfwCAwIYzwIDAhkRAgMCGp0CAwIdwwIDAh6fAgMCH7cCAwIjAAIDAiV2AgMCKZMC
AwJKZwIDAkugAgMCTK8CAwJTjTCCARIGCCsGAQUFBwEHAQH/BIIBATCB/jCB1QQC
AAEwgc4DBAIr8HAwDAMEAyv5OAMEAyv5QDAMAwQDK/loAwQCK/lwAwQCK/vMAwQC
K/y0AwQCLUBYAwQCLXXQAwQCLXowAwQCLX88AwQCZwTkAwQCZxd4AwQBZxzwMAwD
BAJnKIQDBANnKJAwDAMEAmcotAMEBmcogAMEAmfhGAMEAmfwPAMEAmf1cAMEBnMf
gAMEA3TBkAMEBHV50AMEA3cNGAMEBXc/QAMEAn3+NAMEApZr3AMEAMobbgMEBMpe
8AMEBMqUsAMEAstyRAMEBt8bwDAkBAIAAjAeAwcAIAEN8AAeAwUAJAA0gAMFACQA
zQADBQAkApsAMA0GCSqGSIb3DQEBCwUAA4IBAQAnO+/8egZVpszfoabrjrYIeM20
no1wOvz7hbN6Md0dyalvilkb9fUoOvHfsaDWKXEqlnlZXc91yz8HFOyFl7S7BH3S
uhfP5PBmBIqyBm23us5BbG2jMSMpQ93zo7lzRJvLRSd3slHWhMYlZt5xUNLQevEn
cS96dRcSicLjvKf4IZu9E9H91nVQ4kqJnTmx571R5e2EwJsWDzgPEaBAHWjq3sVZ
4TDjinyqlcStDP5+3azcO4jjCaM+eKAPCVqfanwtx/9IplxfaLWY5prz52zS4GgF
ha6gWoBZnJhUpzCddb6UqfjPJg9waCY4Ro6DOipT+z2g8WhwtvqUxv2Rxw70
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:42 2024 by rpki-client on console-ams.rpki-client.org