Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer
File: hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer (raw, json)
Hash identifier: auAFrYUZvOBM4jLC9EIni7CBFy5/TpU9wsCu4qBfmtY=
Subject key identifier: 85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020794
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 19 Aug 2024 06:57:52 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: IP: 117.74.96.0/20
IP: 2407:2080::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 11:16:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133012 (0x20794)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 19 06:57:52 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91D894F/serialNumber=85B14A890B9BD4980D97E41BB391FCC9850FCB78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:0d:e8:1b:ec:33:86:75:f8:63:7e:3f:f7:
0c:21:97:87:c6:aa:25:76:d5:15:6a:e2:d7:37:63:
a2:77:06:6e:ab:fa:ee:18:da:55:33:dc:70:62:30:
09:78:29:43:d8:7d:81:dc:ad:68:09:5f:99:aa:34:
1a:b6:ed:19:bd:10:57:99:5b:d6:14:ce:a3:76:53:
b9:e0:01:f5:c2:8d:f4:9b:d1:d2:f9:b2:77:c6:c0:
da:2e:81:8e:f3:be:43:09:b7:0e:4f:2a:71:cb:d9:
30:2d:c2:37:69:5b:7c:99:ee:78:c9:09:13:30:3c:
6e:ac:de:e6:86:91:b1:d2:a8:4e:e4:6a:cb:f4:4b:
02:d0:28:1f:52:ec:41:6e:2a:3a:51:fa:8f:ef:b6:
b9:c0:7e:77:38:b5:9c:8b:72:c8:3b:88:0e:d4:e2:
7e:2f:b2:28:b1:24:02:cf:c6:5b:8d:2d:a4:27:b9:
84:b3:b8:7b:8e:08:b7:8b:54:83:35:f2:12:e9:91:
4e:cf:82:fd:1e:cf:f3:cd:34:4c:b4:b6:3f:2e:25:
13:03:7e:d2:9c:83:80:cd:03:fa:91:ba:f0:e3:f1:
79:97:60:3a:86:dd:8e:46:b1:41:c4:7c:47:2e:40:
d8:2f:80:46:49:3d:5c:d3:56:78:4b:55:b2:ce:4f:
5c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.74.96.0/20
IPv6:
2407:2080::/32
Signature Algorithm: sha256WithRSAEncryption
37:85:8a:a1:1e:93:ee:18:82:28:eb:b0:6e:9e:33:af:cc:b5:
71:2e:7b:7d:3b:b6:a3:f6:2e:08:32:80:29:6e:11:47:4c:85:
d0:98:8b:2f:dc:49:52:c2:48:ac:a1:49:a9:b5:78:7c:9f:73:
11:0f:45:3d:e7:94:ae:5e:9b:5e:70:4c:96:e8:ff:04:25:05:
72:4b:75:94:74:eb:54:8b:d5:28:5c:42:61:37:99:cc:eb:5d:
2b:81:c5:9a:98:df:9d:94:31:ba:fc:5d:7d:03:1c:ad:77:6c:
63:22:e7:6f:20:29:09:28:16:1c:a0:f3:c7:0b:27:7c:60:e6:
b7:af:46:63:9d:c3:89:9c:95:a3:69:9b:b7:5b:7f:6a:e2:42:
9d:83:01:06:1c:a7:e7:14:e9:b3:cb:88:22:b1:2d:1a:2e:e2:
27:22:dd:12:c4:da:67:0c:22:9b:a3:fc:15:a7:63:ef:b7:0b:
87:87:8c:8c:0c:d1:b6:7c:97:24:ad:38:29:04:d2:03:d9:fa:
29:9a:bf:14:1a:7e:5a:b1:1e:c5:23:57:44:66:9b:bf:2f:96:
37:d5:89:53:13:fe:f7:71:8d:32:d5:6c:67:58:2a:5d:2e:91:
82:c7:c6:5d:d2:de:9e:e7:c1:c7:5d:9d:85:3a:bd:c2:8a:14:
6c:d9:e9:12
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAgeUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDgxOTA2NTc1MloXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDg5NEYxMTAvBgNVBAUTKDg1QjE0QTg5MEI5QkQ0OTgwRDk3RTQx
QkIzOTFGQ0M5ODUwRkNCNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCdlA3oG+wzhnX4Y34/9wwhl4fGqiV21RVq4tc3Y6J3Bm6r+u4Y2lUz3HBiMAl4
KUPYfYHcrWgJX5mqNBq27Rm9EFeZW9YUzqN2U7ngAfXCjfSb0dL5snfGwNougY7z
vkMJtw5PKnHL2TAtwjdpW3yZ7njJCRMwPG6s3uaGkbHSqE7kasv0SwLQKB9S7EFu
KjpR+o/vtrnAfnc4tZyLcsg7iA7U4n4vsiixJALPxluNLaQnuYSzuHuOCLeLVIM1
8hLpkU7Pgv0ez/PNNEy0tj8uJRMDftKcg4DNA/qRuvDj8XmXYDqG3Y5GsUHEfEcu
QNgvgEZJPVzTVnhLVbLOT1yVAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUhbFKiQub
1JgNl+Qbs5H8yYUPy3gwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ4OTRGLzBBRjQ1RTM2MDEyQTExRUZBNUZEOTE2RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEODk0Ri8wQUY0NUUzNjAxMkExMUVGQTVGRDkxNkZDNEY5QUUwMi9oYkZLaVF1
YjFKZ05sLVFiczVIOHlZVVB5M2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAR1SmAwDQQCAAIwBwMFACQHIIAwDQYJKoZIhvcNAQELBQADggEB
ADeFiqEek+4YgijrsG6eM6/MtXEue307tqP2LggygCluEUdMhdCYiy/cSVLCSKyh
Sam1eHyfcxEPRT3nlK5em15wTJbo/wQlBXJLdZR061SL1ShcQmE3mczrXSuBxZqY
352UMbr8XX0DHK13bGMi528gKQkoFhyg88cLJ3xg5revRmOdw4mclaNpm7dbf2ri
Qp2DAQYcp+cU6bPLiCKxLRou4ici3RLE2mcMIpuj/BWnY++3C4eHjIwM0bZ8lySt
OCkE0gPZ+imavxQaflqxHsUjV0Rmm78vljfViVMT/vdxjTLVbGdYKl0ukYLHxl3S
3p7nwcddnYU6vcKKFGzZ6RI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:37:41 2024 by rpki-client on console-ams.rpki-client.org