Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hiIzPbwHczgLo3ZH3MPz5lXzS8Y.cer
File: hiIzPbwHczgLo3ZH3MPz5lXzS8Y.cer (raw, json)
Hash identifier: Hr5aLkUExGWQGiHKFlf7WY4idLBVS0QPxwIUv4u0gcc=
Subject key identifier: 86:22:33:3D:BC:07:73:38:0B:A3:76:47:DC:C3:F3:E6:55:F3:4B:C6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020C7D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B3759/090F5AAA051911EB9D50DD6EC4F9AE02/hiIzPbwHczgLo3ZH3MPz5lXzS8Y.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B3759/090F5AAA051911EB9D50DD6EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 07 Sep 2024 17:44:57 +0000
Certificate not after: Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources: IP: 43.246.172.0/22
IP: 103.35.148.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134269 (0x20c7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Sep 7 17:44:57 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=A91B3759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fa:ac:64:c7:df:72:36:15:0b:99:b2:06:1d:
eb:14:d5:9a:c4:b0:72:e8:0b:f2:25:32:ec:ca:19:
b0:11:5d:36:0d:ea:7f:22:60:21:7b:8c:90:c8:11:
40:57:95:68:70:89:4a:13:23:66:44:b6:3a:2e:c1:
a7:9b:19:57:b9:74:e3:a3:c2:9f:53:25:fb:ba:3c:
cc:f3:e2:82:52:98:c5:6d:22:00:a2:60:b7:80:99:
ca:ec:d6:cf:87:e6:e4:76:b6:94:84:38:28:b0:ac:
20:f3:28:30:b8:db:b8:79:88:0f:23:6d:9e:bc:88:
33:ea:a0:88:a2:a4:5d:7a:c8:09:d5:ab:5c:2c:83:
e0:14:28:17:ff:1a:ea:b6:af:27:9d:41:01:ef:e3:
f8:0a:7d:cc:61:b5:33:d4:7b:f7:f9:d0:37:cf:8e:
cb:f6:83:cd:8e:59:15:88:84:2b:48:bc:4c:06:9a:
4c:1b:57:81:ac:d2:92:18:93:74:88:8b:f1:fa:71:
de:9c:c5:c8:39:5f:a5:fb:90:41:e7:63:e1:a8:07:
86:dc:ab:ce:e6:0b:bf:8d:43:1f:1d:40:d4:39:39:
68:cf:de:78:d7:78:dc:5a:19:81:1a:eb:43:5b:2f:
d9:a6:42:cc:9f:e9:a2:03:29:b7:f0:8a:77:97:6f:
b5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:22:33:3D:BC:07:73:38:0B:A3:76:47:DC:C3:F3:E6:55:F3:4B:C6
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B3759/090F5AAA051911EB9D50DD6EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B3759/090F5AAA051911EB9D50DD6EC4F9AE02/hiIzPbwHczgLo3ZH3MPz5lXzS8Y.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.172.0/22
103.35.148.0/22
Signature Algorithm: sha256WithRSAEncryption
88:b0:97:ea:82:9f:f8:b4:cf:10:e8:75:a1:87:ee:6b:ff:eb:
d9:96:6e:61:ac:4b:23:f7:4c:42:e8:08:24:81:06:fe:f1:05:
f5:c4:ea:07:9a:b6:0e:e5:cc:01:ca:f8:d9:72:b4:5f:c2:8b:
68:5e:82:7d:e8:1c:6d:89:07:ea:07:7c:33:c8:9e:68:75:d7:
66:f8:13:36:2b:89:14:4c:92:c3:6c:7b:8f:ab:85:bd:34:b9:
57:9a:c1:e3:20:c7:1f:17:bb:38:86:24:91:39:a1:e6:37:51:
ba:c8:12:86:b6:28:65:72:e8:d8:41:fe:69:45:ba:11:2d:57:
2f:6f:fe:70:bf:a1:13:ea:08:2b:6b:58:91:f8:ca:06:8a:a2:
d0:83:84:0d:fe:6e:0c:c8:25:9d:80:55:93:df:8e:e2:37:2e:
c6:95:bb:10:58:f2:27:11:d9:60:bd:32:ae:61:d2:f6:d2:cd:
a8:ee:00:4c:aa:db:42:5b:87:8c:34:ec:33:1a:52:8e:bd:82:
3b:80:73:f1:1b:fb:5c:06:6c:cf:02:ee:91:7a:52:87:8c:51:
47:41:33:62:1e:01:e4:37:dd:3d:14:69:a2:35:00:b2:c4:52:
0c:fb:47:6d:fa:3f:38:6c:dc:24:a6:bb:c3:c9:d4:5d:e1:fa:
fd:35:3a:4f
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAgx9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkwNzE3NDQ1N1oXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjM3NTkxMTAvBgNVBAUTKDg2MjIzMzNEQkMwNzczMzgwQkEzNzY0
N0RDQzNGM0U2NTVGMzRCQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCr+qxkx99yNhULmbIGHesU1ZrEsHLoC/IlMuzKGbARXTYN6n8iYCF7jJDIEUBX
lWhwiUoTI2ZEtjouwaebGVe5dOOjwp9TJfu6PMzz4oJSmMVtIgCiYLeAmcrs1s+H
5uR2tpSEOCiwrCDzKDC427h5iA8jbZ68iDPqoIiipF16yAnVq1wsg+AUKBf/Guq2
ryedQQHv4/gKfcxhtTPUe/f50DfPjsv2g82OWRWIhCtIvEwGmkwbV4Gs0pIYk3SI
i/H6cd6cxcg5X6X7kEHnY+GoB4bcq87mC7+NQx8dQNQ5OWjP3njXeNxaGYEa60Nb
L9mmQsyf6aIDKbfwineXb7VTAgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQUhiIzPbwH
czgLo3ZH3MPz5lXzS8YwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIzNzU5LzA5MEY1QUFBMDUxOTExRUI5RDUwREQ2RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMzc1OS8wOTBGNUFBQTA1MTkxMUVCOUQ1MERENkVDNEY5QUUwMi9oaUl6UGJ3
SGN6Z0xvM1pIM01QejVsWHpTOFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBAIr9qwDBAJnI5QwDQYJKoZIhvcNAQELBQADggEBAIiwl+qCn/i0
zxDodaGH7mv/69mWbmGsSyP3TELoCCSBBv7xBfXE6geatg7lzAHK+NlytF/Ci2he
gn3oHG2JB+oHfDPInmh112b4EzYriRRMksNse4+rhb00uVeaweMgxx8XuziGJJE5
oeY3UbrIEoa2KGVy6NhB/mlFuhEtVy9v/nC/oRPqCCtrWJH4ygaKotCDhA3+bgzI
JZ2AVZPfjuI3LsaVuxBY8icR2WC9Mq5h0vbSzajuAEyq20Jbh4w07DMaUo69gjuA
c/Eb+1wGbM8C7pF6UoeMUUdBM2IeAeQ33T0UaaI1ALLEUgz7R236Pzhs3CSmu8PJ
1F3h+v01Ok8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:05 2025 by rpki-client