Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hrKx0eeCRIuE9pgY8WofcHtUyGw.cer
File: hrKx0eeCRIuE9pgY8WofcHtUyGw.cer (raw, json)
Hash identifier: wK5/iOWOwWSUkwHNP5efT+NndKuHHgTmB5u45F+a5zA=
Subject key identifier: 86:B2:B1:D1:E7:82:44:8B:84:F6:98:18:F1:6A:1F:70:7B:54:C8:6C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01EE79
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/hrKx0eeCRIuE9pgY8WofcHtUyGw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 30 Apr 2024 10:05:57 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 138675
IP: 103.136.104.0/22
IP: 2404:90c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 04 Dec 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126585 (0x1ee79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 30 10:05:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A91EC979/serialNumber=86B2B1D1E782448B84F69818F16A1F707B54C86C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8f:de:da:bd:05:a3:f8:f5:7a:40:78:33:c8:
1b:e3:aa:47:03:65:51:de:bf:68:18:e8:47:9b:81:
c0:fe:70:a6:4d:01:77:80:40:69:63:a7:b0:a4:98:
10:ab:ba:a8:7c:33:e8:d2:e7:e6:ad:6b:57:a5:7f:
98:d8:cb:03:57:97:6c:cb:86:aa:f1:ed:89:c9:b5:
83:7c:5d:1b:c2:6f:3b:4b:6b:d2:70:67:77:bf:e5:
1a:e6:d2:b5:50:de:55:6d:11:b6:91:48:f6:a4:90:
db:76:52:a8:d8:ae:46:cf:c4:d8:a4:38:97:6f:89:
9f:e9:9d:aa:53:93:7d:a0:32:bb:56:6d:b4:14:83:
35:41:9e:38:b3:fd:0f:69:de:8e:8b:8e:fd:6a:33:
0c:0d:ea:a0:24:64:7e:ea:18:81:df:ed:67:1c:b8:
95:b8:63:70:39:56:43:14:97:ee:31:9e:67:f1:43:
52:83:c2:ac:5f:c8:ab:f6:8a:f3:ee:21:2b:95:ee:
74:03:bc:36:84:88:d7:db:41:db:60:51:30:aa:11:
2d:4e:74:61:09:6c:53:61:15:43:c1:c4:0f:a3:d8:
6f:85:bc:50:6b:4a:58:f6:8f:de:2d:8e:97:6c:ca:
1c:a8:a7:b4:12:f8:c9:d4:5e:2c:89:4c:24:be:58:
9c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B2:B1:D1:E7:82:44:8B:84:F6:98:18:F1:6A:1F:70:7B:54:C8:6C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EC979/ED633E865FD911EBA30EE37BC4F9AE02/hrKx0eeCRIuE9pgY8WofcHtUyGw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
138675
sbgp-ipAddrBlock: critical
IPv4:
103.136.104.0/22
IPv6:
2404:90c0::/32
Signature Algorithm: sha256WithRSAEncryption
51:65:a2:08:74:5c:d5:03:48:ea:64:a2:06:d5:ae:79:41:9b:
1a:60:d0:d3:47:cf:c5:d1:23:f2:df:05:bd:29:38:b2:d1:bb:
28:aa:c3:f6:ac:b6:80:58:c1:ec:48:f9:c3:ea:1e:b0:59:7d:
32:ca:20:a4:2e:fc:d0:cc:75:d7:38:32:b0:b7:7d:03:45:98:
89:f6:f9:fd:0d:3c:41:7e:f6:66:fb:4d:d2:d8:c7:29:77:90:
27:01:45:1f:06:5f:d8:22:e1:f7:38:fc:a6:cb:98:0f:4c:3c:
1c:39:8e:fa:2d:51:7c:f9:e1:80:92:ef:77:a6:21:ee:4f:15:
ea:00:2c:80:3d:e9:e7:bf:e9:eb:4a:55:c0:9a:ae:f6:08:03:
29:9f:65:b7:fe:98:7e:ad:63:8c:b5:06:2d:7b:4c:43:1a:e3:
5b:75:47:55:67:46:9f:0e:d2:c2:54:58:1f:6c:f9:1b:c7:04:
8f:7d:c5:80:23:5f:33:f4:35:d3:bf:f2:f3:4e:e4:33:9a:3d:
27:51:39:81:87:1e:6a:df:b1:6c:59:3f:54:cf:bf:f3:0e:53:
ff:80:7d:8f:09:be:00:30:62:ec:7e:40:a4:b0:ec:eb:d6:95:
a5:18:a2:82:2c:24:fb:41:5d:14:03:af:0c:78:05:80:ea:17:
76:2d:38:e3
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAe55MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQzMDEwMDU1N1oXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUM5NzkxMTAvBgNVBAUTKDg2QjJCMUQxRTc4MjQ0OEI4NEY2OTgx
OEYxNkExRjcwN0I1NEM4NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDuj97avQWj+PV6QHgzyBvjqkcDZVHev2gY6EebgcD+cKZNAXeAQGljp7CkmBCr
uqh8M+jS5+ata1elf5jYywNXl2zLhqrx7YnJtYN8XRvCbztLa9JwZ3e/5Rrm0rVQ
3lVtEbaRSPakkNt2UqjYrkbPxNikOJdviZ/pnapTk32gMrtWbbQUgzVBnjiz/Q9p
3o6Ljv1qMwwN6qAkZH7qGIHf7WccuJW4Y3A5VkMUl+4xnmfxQ1KDwqxfyKv2ivPu
ISuV7nQDvDaEiNfbQdtgUTCqES1OdGEJbFNhFUPBxA+j2G+FvFBrSlj2j94tjpds
yhyop7QS+MnUXiyJTCS+WJzVAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUhrKx0eeC
RIuE9pgY8WofcHtUyGwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVDOTc5L0VENjMzRTg2NUZEOTExRUJBMzBFRTM3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFQzk3OS9FRDYzM0U4NjVGRDkxMUVCQTMwRUUzN0JDNEY5QUUwMi9ockt4MGVl
Q1JJdUU5cGdZOFdvZmNIdFV5R3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh2zMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4hoMA0EAgAC
MAcDBQAkBJDAMA0GCSqGSIb3DQEBCwUAA4IBAQBRZaIIdFzVA0jqZKIG1a55QZsa
YNDTR8/F0SPy3wW9KTiy0bsoqsP2rLaAWMHsSPnD6h6wWX0yyiCkLvzQzHXXODKw
t30DRZiJ9vn9DTxBfvZm+03S2Mcpd5AnAUUfBl/YIuH3OPymy5gPTDwcOY76LVF8
+eGAku93piHuTxXqACyAPennv+nrSlXAmq72CAMpn2W3/ph+rWOMtQYte0xDGuNb
dUdVZ0afDtLCVFgfbPkbxwSPfcWAI18z9DXTv/LzTuQzmj0nUTmBhx5q37FsWT9U
z7/zDlP/gH2PCb4AMGLsfkCksOzr1pWlGKKCLCT7QV0UA68MeAWA6hd2LTjj
-----END CERTIFICATE-----
Generated at Wed Nov 27 04:03:52 2024 by rpki-client on console-fra.rpki-client.org