Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hiIzPbwHczgLo3ZH3MPz5lXzS8Y.cer
File: hiIzPbwHczgLo3ZH3MPz5lXzS8Y.cer (raw, json)
Hash identifier: PamxoxvUjUpub6j35+YHU4ulATkiobZJzmJ2BNRZKOw=
Subject key identifier: 86:22:33:3D:BC:07:73:38:0B:A3:76:47:DC:C3:F3:E6:55:F3:4B:C6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C0C5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B3759/090F5AAA051911EB9D50DD6EC4F9AE02/hiIzPbwHczgLo3ZH3MPz5lXzS8Y.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B3759/090F5AAA051911EB9D50DD6EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 29 Sep 2023 20:02:37 +0000
Certificate not after: Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources: IP: 43.246.172.0/22
IP: 103.35.148.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 06:28:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114885 (0x1c0c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 29 20:02:37 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=A91B3759/serialNumber=8622333DBC0773380BA37647DCC3F3E655F34BC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fa:ac:64:c7:df:72:36:15:0b:99:b2:06:1d:
eb:14:d5:9a:c4:b0:72:e8:0b:f2:25:32:ec:ca:19:
b0:11:5d:36:0d:ea:7f:22:60:21:7b:8c:90:c8:11:
40:57:95:68:70:89:4a:13:23:66:44:b6:3a:2e:c1:
a7:9b:19:57:b9:74:e3:a3:c2:9f:53:25:fb:ba:3c:
cc:f3:e2:82:52:98:c5:6d:22:00:a2:60:b7:80:99:
ca:ec:d6:cf:87:e6:e4:76:b6:94:84:38:28:b0:ac:
20:f3:28:30:b8:db:b8:79:88:0f:23:6d:9e:bc:88:
33:ea:a0:88:a2:a4:5d:7a:c8:09:d5:ab:5c:2c:83:
e0:14:28:17:ff:1a:ea:b6:af:27:9d:41:01:ef:e3:
f8:0a:7d:cc:61:b5:33:d4:7b:f7:f9:d0:37:cf:8e:
cb:f6:83:cd:8e:59:15:88:84:2b:48:bc:4c:06:9a:
4c:1b:57:81:ac:d2:92:18:93:74:88:8b:f1:fa:71:
de:9c:c5:c8:39:5f:a5:fb:90:41:e7:63:e1:a8:07:
86:dc:ab:ce:e6:0b:bf:8d:43:1f:1d:40:d4:39:39:
68:cf:de:78:d7:78:dc:5a:19:81:1a:eb:43:5b:2f:
d9:a6:42:cc:9f:e9:a2:03:29:b7:f0:8a:77:97:6f:
b5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:22:33:3D:BC:07:73:38:0B:A3:76:47:DC:C3:F3:E6:55:F3:4B:C6
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B3759/090F5AAA051911EB9D50DD6EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B3759/090F5AAA051911EB9D50DD6EC4F9AE02/hiIzPbwHczgLo3ZH3MPz5lXzS8Y.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.172.0/22
103.35.148.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:4f:a7:45:6d:17:cb:1b:56:b8:42:ed:82:6a:df:f3:5b:b2:
d7:c7:05:af:da:8b:e7:be:51:d5:38:4d:db:51:8c:9e:cc:57:
bb:d6:47:d1:db:26:9a:b5:42:4d:09:44:43:fc:35:93:80:0c:
bf:77:70:ed:7b:bc:40:f4:30:e8:92:00:3f:e0:21:71:3a:47:
5d:98:12:ee:94:e4:6e:8f:45:83:64:63:b3:59:ce:c8:84:0c:
36:15:b2:c1:28:4a:21:06:ef:46:8a:59:6c:8c:25:eb:a1:b0:
53:d3:78:6b:49:19:5d:ce:7f:49:6b:f7:5c:7a:8f:61:fd:c1:
05:e6:ad:26:0a:a9:cd:c0:b6:cd:82:23:5b:4a:b7:0c:73:e0:
36:9b:63:36:29:4d:a3:de:2d:dc:92:4d:1e:76:51:f3:68:f9:
17:c1:fa:a0:47:f1:cb:bc:bd:0b:88:ad:74:0c:09:9f:85:d7:
b7:f4:c0:68:26:55:e7:e7:75:6c:b3:12:96:5d:62:55:6c:8a:
5e:c4:e4:a3:3c:c0:83:1d:a8:39:4f:39:8c:c3:ab:0b:15:21:
44:8c:c0:60:60:d1:94:27:9f:64:07:ff:26:dd:67:a7:72:3a:
e1:55:82:e2:5d:53:20:3f:f8:14:89:3e:5f:71:3b:28:6b:07:
13:71:42:ea
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAcDFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDkyOTIwMDIzN1oXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjM3NTkxMTAvBgNVBAUTKDg2MjIzMzNEQkMwNzczMzgwQkEzNzY0
N0RDQzNGM0U2NTVGMzRCQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCr+qxkx99yNhULmbIGHesU1ZrEsHLoC/IlMuzKGbARXTYN6n8iYCF7jJDIEUBX
lWhwiUoTI2ZEtjouwaebGVe5dOOjwp9TJfu6PMzz4oJSmMVtIgCiYLeAmcrs1s+H
5uR2tpSEOCiwrCDzKDC427h5iA8jbZ68iDPqoIiipF16yAnVq1wsg+AUKBf/Guq2
ryedQQHv4/gKfcxhtTPUe/f50DfPjsv2g82OWRWIhCtIvEwGmkwbV4Gs0pIYk3SI
i/H6cd6cxcg5X6X7kEHnY+GoB4bcq87mC7+NQx8dQNQ5OWjP3njXeNxaGYEa60Nb
L9mmQsyf6aIDKbfwineXb7VTAgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQUhiIzPbwH
czgLo3ZH3MPz5lXzS8YwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIzNzU5LzA5MEY1QUFBMDUxOTExRUI5RDUwREQ2RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMzc1OS8wOTBGNUFBQTA1MTkxMUVCOUQ1MERENkVDNEY5QUUwMi9oaUl6UGJ3
SGN6Z0xvM1pIM01QejVsWHpTOFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBAIr9qwDBAJnI5QwDQYJKoZIhvcNAQELBQADggEBANBPp0VtF8sb
VrhC7YJq3/NbstfHBa/ai+e+UdU4TdtRjJ7MV7vWR9HbJpq1Qk0JREP8NZOADL93
cO17vED0MOiSAD/gIXE6R12YEu6U5G6PRYNkY7NZzsiEDDYVssEoSiEG70aKWWyM
JeuhsFPTeGtJGV3Of0lr91x6j2H9wQXmrSYKqc3Ats2CI1tKtwxz4DabYzYpTaPe
LdySTR52UfNo+RfB+qBH8cu8vQuIrXQMCZ+F17f0wGgmVefndWyzEpZdYlVsil7E
5KM8wIMdqDlPOYzDqwsVIUSMwGBg0ZQnn2QH/ybdZ6dyOuFVguJdUyA/+BSJPl9x
OyhrBxNxQuo=
-----END CERTIFICATE-----
Generated at Thu Apr 25 07:19:02 2024 by rpki-client on console-fra.rpki-client.org