Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer
File: hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer (raw, json)
Hash identifier: xDN17BuEGLCIsgqGkKZdjEVH2Jheb4ygagVWVINYLfg=
Subject key identifier: 85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01ECFF
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 23 Apr 2024 04:29:23 +0000
Certificate not after: Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources: IP: 117.74.96.0/20
IP: 2407:2080::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 14 May 2024 13:51:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126207 (0x1ecff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 23 04:29:23 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=A91D894F/serialNumber=85B14A890B9BD4980D97E41BB391FCC9850FCB78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:0d:e8:1b:ec:33:86:75:f8:63:7e:3f:f7:
0c:21:97:87:c6:aa:25:76:d5:15:6a:e2:d7:37:63:
a2:77:06:6e:ab:fa:ee:18:da:55:33:dc:70:62:30:
09:78:29:43:d8:7d:81:dc:ad:68:09:5f:99:aa:34:
1a:b6:ed:19:bd:10:57:99:5b:d6:14:ce:a3:76:53:
b9:e0:01:f5:c2:8d:f4:9b:d1:d2:f9:b2:77:c6:c0:
da:2e:81:8e:f3:be:43:09:b7:0e:4f:2a:71:cb:d9:
30:2d:c2:37:69:5b:7c:99:ee:78:c9:09:13:30:3c:
6e:ac:de:e6:86:91:b1:d2:a8:4e:e4:6a:cb:f4:4b:
02:d0:28:1f:52:ec:41:6e:2a:3a:51:fa:8f:ef:b6:
b9:c0:7e:77:38:b5:9c:8b:72:c8:3b:88:0e:d4:e2:
7e:2f:b2:28:b1:24:02:cf:c6:5b:8d:2d:a4:27:b9:
84:b3:b8:7b:8e:08:b7:8b:54:83:35:f2:12:e9:91:
4e:cf:82:fd:1e:cf:f3:cd:34:4c:b4:b6:3f:2e:25:
13:03:7e:d2:9c:83:80:cd:03:fa:91:ba:f0:e3:f1:
79:97:60:3a:86:dd:8e:46:b1:41:c4:7c:47:2e:40:
d8:2f:80:46:49:3d:5c:d3:56:78:4b:55:b2:ce:4f:
5c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.74.96.0/20
IPv6:
2407:2080::/32
Signature Algorithm: sha256WithRSAEncryption
10:0b:ca:a1:46:08:9f:7c:d1:c9:bb:c4:a8:66:01:2b:7b:80:
e9:07:20:1b:8f:99:fb:46:86:cb:68:d6:2b:1a:37:65:4b:a7:
a0:fc:d2:61:76:88:cc:41:65:f2:1c:b0:20:2f:41:51:cb:c9:
3a:33:cc:6f:3e:aa:e8:4c:78:d6:67:d7:62:a1:53:5f:e6:f3:
a9:9e:b8:1c:54:ca:cb:a4:5f:fd:06:a6:37:32:db:dd:6c:d6:
fa:34:2f:a8:5d:9a:c5:a5:07:ab:da:0a:ad:38:05:36:6f:4e:
fd:35:d1:50:2a:6e:92:46:d2:4b:95:8b:3f:3b:e7:56:dc:6f:
e9:c5:e9:04:1f:74:0e:df:62:fe:75:ae:01:2a:98:83:97:fb:
d3:d5:bd:d9:60:31:dc:a1:a9:2a:cc:91:c5:e2:21:7a:3f:c6:
d4:69:db:c3:f0:62:d3:40:18:dc:d3:7c:10:d3:ab:f7:90:b3:
7f:4a:4c:7b:9c:79:22:75:c1:2f:62:fa:81:5b:b9:29:91:c9:
74:21:64:87:5b:4b:6c:45:0a:90:35:da:9e:81:d3:6b:00:fd:
1e:c4:70:76:05:12:a6:6b:c3:e3:a0:84:6b:5b:d7:33:b7:22:
9b:d8:78:12:5f:34:28:ac:87:81:8d:36:97:be:e9:c3:4e:cf:
63:ce:3c:be
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAez/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQyMzA0MjkyM1oXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDg5NEYxMTAvBgNVBAUTKDg1QjE0QTg5MEI5QkQ0OTgwRDk3RTQx
QkIzOTFGQ0M5ODUwRkNCNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCdlA3oG+wzhnX4Y34/9wwhl4fGqiV21RVq4tc3Y6J3Bm6r+u4Y2lUz3HBiMAl4
KUPYfYHcrWgJX5mqNBq27Rm9EFeZW9YUzqN2U7ngAfXCjfSb0dL5snfGwNougY7z
vkMJtw5PKnHL2TAtwjdpW3yZ7njJCRMwPG6s3uaGkbHSqE7kasv0SwLQKB9S7EFu
KjpR+o/vtrnAfnc4tZyLcsg7iA7U4n4vsiixJALPxluNLaQnuYSzuHuOCLeLVIM1
8hLpkU7Pgv0ez/PNNEy0tj8uJRMDftKcg4DNA/qRuvDj8XmXYDqG3Y5GsUHEfEcu
QNgvgEZJPVzTVnhLVbLOT1yVAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUhbFKiQub
1JgNl+Qbs5H8yYUPy3gwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ4OTRGLzBBRjQ1RTM2MDEyQTExRUZBNUZEOTE2RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEODk0Ri8wQUY0NUUzNjAxMkExMUVGQTVGRDkxNkZDNEY5QUUwMi9oYkZLaVF1
YjFKZ05sLVFiczVIOHlZVVB5M2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAR1SmAwDQQCAAIwBwMFACQHIIAwDQYJKoZIhvcNAQELBQADggEB
ABALyqFGCJ980cm7xKhmASt7gOkHIBuPmftGhsto1isaN2VLp6D80mF2iMxBZfIc
sCAvQVHLyTozzG8+quhMeNZn12KhU1/m86meuBxUysukX/0Gpjcy291s1vo0L6hd
msWlB6vaCq04BTZvTv010VAqbpJG0kuViz8751bcb+nF6QQfdA7fYv51rgEqmIOX
+9PVvdlgMdyhqSrMkcXiIXo/xtRp28PwYtNAGNzTfBDTq/eQs39KTHuceSJ1wS9i
+oFbuSmRyXQhZIdbS2xFCpA12p6B02sA/R7EcHYFEqZrw+OghGtb1zO3IpvYeBJf
NCish4GNNpe+6cNOz2POPL4=
-----END CERTIFICATE-----
Generated at Tue May 7 15:14:40 2024 by rpki-client on console-fra.rpki-client.org