Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hyN_9okCTZT9tJ7CXFsSDQu5Qpc.cer
File: hyN_9okCTZT9tJ7CXFsSDQu5Qpc.cer (raw, json)
Hash identifier: qmhu/B7MtqutfH6aF+BYWpsxIm2dKe1s3xN97pPBeXA=
Subject key identifier: 87:23:7F:F6:89:02:4D:94:FD:B4:9E:C2:5C:5B:12:0D:0B:B9:42:97
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020C6B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FFA15/701F53D21D8711EAA8169B6CC4F9AE02/hyN_9okCTZT9tJ7CXFsSDQu5Qpc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FFA15/701F53D21D8711EAA8169B6CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 06 Sep 2024 19:29:05 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: AS: 136905
IP: 103.98.128.0/22
IP: 2401:9a40::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 11:16:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134251 (0x20c6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 6 19:29:05 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91FFA15/serialNumber=87237FF689024D94FDB49EC25C5B120D0BB94297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7b:9e:38:39:f0:5c:36:87:0f:11:05:e6:70:
26:e5:76:c6:77:ce:be:77:68:3b:4f:d8:5a:53:22:
c2:ed:0a:d3:2c:6d:d2:76:56:16:b9:27:f0:55:9e:
e7:bc:31:f7:ec:c8:d0:e5:c4:f0:3e:fb:84:0d:9c:
3f:1c:52:75:f6:49:07:04:ed:54:01:2f:58:ee:dd:
db:80:b2:66:a9:c1:db:06:87:7d:25:de:bc:0e:6b:
bf:5b:36:e2:25:f0:ac:26:b0:01:3b:8f:f7:a9:b6:
b8:cb:9d:bb:6d:c3:8e:9d:d0:6c:ce:66:d9:ab:3b:
a7:a9:f4:eb:90:64:54:a9:e0:a2:d1:55:19:7a:dd:
66:bc:f2:d9:1e:0e:87:9c:a8:87:98:a3:e9:0e:dc:
ba:0f:20:e4:39:5d:51:71:f5:5c:b6:51:0f:20:44:
61:61:59:24:25:35:15:8c:14:3b:fd:98:77:d3:93:
ca:19:c8:f4:dd:ce:f3:06:0a:92:8a:fe:a8:fc:80:
1c:96:a3:de:ea:67:ba:45:39:6d:34:d8:31:e1:ff:
85:38:30:d0:43:5b:13:d9:3d:10:c2:18:2b:8a:a2:
cb:e0:91:52:3b:f3:a1:dc:3c:d3:b7:60:05:d0:28:
95:a5:5a:3b:5e:86:7e:77:97:02:96:b0:f8:a0:ea:
0e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:23:7F:F6:89:02:4D:94:FD:B4:9E:C2:5C:5B:12:0D:0B:B9:42:97
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FFA15/701F53D21D8711EAA8169B6CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FFA15/701F53D21D8711EAA8169B6CC4F9AE02/hyN_9okCTZT9tJ7CXFsSDQu5Qpc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
136905
sbgp-ipAddrBlock: critical
IPv4:
103.98.128.0/22
IPv6:
2401:9a40::/32
Signature Algorithm: sha256WithRSAEncryption
26:ef:2e:68:95:f8:79:12:fe:83:40:86:26:c1:b5:35:18:3d:
dc:03:cb:f7:52:f5:b3:39:cf:98:d7:8c:49:e9:d4:d8:70:0e:
be:44:07:f8:78:79:a6:59:67:7f:23:8e:67:40:87:e1:46:db:
59:1a:c3:31:b7:27:16:e4:83:cf:e3:fe:20:a2:df:f7:0c:21:
85:e7:f2:ff:15:96:66:bf:bb:6d:49:0c:32:4c:28:b7:24:46:
32:45:da:58:83:f2:a8:c1:b1:b9:27:5a:c8:ee:7e:d0:0a:3f:
5b:5e:6c:ab:95:d7:e5:00:20:02:b3:62:26:05:b9:eb:b5:55:
71:22:00:a9:2a:0c:e7:06:e5:8e:ea:d1:3c:ac:6d:48:e9:24:
88:4d:d3:60:cd:91:c3:5c:5a:98:27:66:7c:c7:c2:28:f9:5e:
be:f4:84:b1:22:f2:6f:42:37:53:44:d4:2d:3b:68:63:f1:07:
2e:74:9e:e1:7f:6f:d7:c4:d2:43:32:20:a9:1e:fa:3e:09:d8:
28:1a:f2:9c:31:d9:1b:44:69:86:96:f5:3d:30:ed:a0:c7:61:
b6:2f:34:b7:c9:33:f9:55:f8:7c:1a:dd:c8:ba:c3:08:5a:a4:
72:d6:c0:34:b7:ea:16:97:0a:e5:40:f1:86:a2:7b:1f:6e:92:
e1:4f:53:86
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAgxrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkwNjE5MjkwNVoXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkZBMTUxMTAvBgNVBAUTKDg3MjM3RkY2ODkwMjREOTRGREI0OUVD
MjVDNUIxMjBEMEJCOTQyOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYe544OfBcNocPEQXmcCbldsZ3zr53aDtP2FpTIsLtCtMsbdJ2Vha5J/BVnue8
MffsyNDlxPA++4QNnD8cUnX2SQcE7VQBL1ju3duAsmapwdsGh30l3rwOa79bNuIl
8KwmsAE7j/eptrjLnbttw46d0GzOZtmrO6ep9OuQZFSp4KLRVRl63Wa88tkeDoec
qIeYo+kO3LoPIOQ5XVFx9Vy2UQ8gRGFhWSQlNRWMFDv9mHfTk8oZyPTdzvMGCpKK
/qj8gByWo97qZ7pFOW002DHh/4U4MNBDWxPZPRDCGCuKosvgkVI786HcPNO3YAXQ
KJWlWjtehn53lwKWsPig6g61AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUhyN/9okC
TZT9tJ7CXFsSDQu5QpcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZGQTE1LzcwMUY1M0QyMUQ4NzExRUFBODE2OUI2Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGRkExNS83MDFGNTNEMjFEODcxMUVBQTgxNjlCNkNDNEY5QUUwMi9oeU5fOW9r
Q1RaVDl0SjdDWEZzU0RRdTVRcGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhbJMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ2KAMA0EAgAC
MAcDBQAkAZpAMA0GCSqGSIb3DQEBCwUAA4IBAQAm7y5olfh5Ev6DQIYmwbU1GD3c
A8v3UvWzOc+Y14xJ6dTYcA6+RAf4eHmmWWd/I45nQIfhRttZGsMxtycW5IPP4/4g
ot/3DCGF5/L/FZZmv7ttSQwyTCi3JEYyRdpYg/KowbG5J1rI7n7QCj9bXmyrldfl
ACACs2ImBbnrtVVxIgCpKgznBuWO6tE8rG1I6SSITdNgzZHDXFqYJ2Z8x8Io+V6+
9ISxIvJvQjdTRNQtO2hj8QcudJ7hf2/XxNJDMiCpHvo+CdgoGvKcMdkbRGmGlvU9
MO2gx2G2LzS3yTP5Vfh8Gt3IusMIWqRy1sA0t+oWlwrlQPGGonsfbpLhT1OG
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:37:42 2024 by rpki-client on console-ams.rpki-client.org