Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j-WnyZj7i3isMx6ug7wXhiPuPJ4.cer
File: j-WnyZj7i3isMx6ug7wXhiPuPJ4.cer (raw, json)
Hash identifier: 6x/ArFxTxpm8x+prwNd7vD6b7lpyP1ljqlbKRgPOPmY=
Subject key identifier: 8F:E5:A7:C9:98:FB:8B:78:AC:33:1E:AE:83:BC:17:86:23:EE:3C:9E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E70F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/j-WnyZj7i3isMx6ug7wXhiPuPJ4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 28 Mar 2024 09:37:08 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 152661
IP: 203.28.104.0/23
IP: 2401:8d60::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 21:44:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124687 (0x1e70f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 28 09:37:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A913EF1D/serialNumber=8FE5A7C998FB8B78AC331EAE83BC178623EE3C9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:7c:c2:77:41:0d:a4:05:76:17:13:70:0f:
de:13:74:57:e7:01:e4:d2:5b:cc:a8:c5:2d:b9:25:
90:88:f8:89:1a:5d:35:1c:c0:19:78:fe:2f:06:db:
cb:f7:03:86:42:06:aa:47:74:98:b4:c7:58:29:e8:
51:73:64:a1:9a:4e:8c:3b:f8:c8:c9:7d:8a:81:27:
dd:79:e8:45:da:ae:45:57:39:df:c2:f3:37:f7:c1:
90:91:ef:bb:a7:78:15:9c:1e:cf:d8:9d:cf:ec:09:
27:84:71:55:ee:27:17:73:d7:e7:51:79:27:93:50:
39:56:6b:9f:74:80:a6:5c:17:68:00:c5:3f:a0:e3:
f4:94:59:3f:0d:87:35:ab:96:7d:99:db:90:57:9a:
69:be:08:a0:65:8e:9f:b2:38:09:0b:67:ae:54:60:
77:fb:14:e2:81:ef:08:bf:f8:32:08:c2:50:0f:f8:
5b:74:7e:f9:62:92:a1:99:b7:da:b4:7f:0d:ba:f5:
4a:54:3f:10:00:d2:d5:fe:0c:30:9e:45:a1:5e:20:
f9:25:4f:6f:a4:58:c6:a5:55:1f:43:24:5f:34:6a:
ec:34:e5:87:a3:01:b2:8e:a5:cc:1b:5f:a7:5b:b9:
38:94:87:53:ee:28:a7:2f:6c:8f:b3:1e:80:d7:3d:
45:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E5:A7:C9:98:FB:8B:78:AC:33:1E:AE:83:BC:17:86:23:EE:3C:9E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/j-WnyZj7i3isMx6ug7wXhiPuPJ4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152661
sbgp-ipAddrBlock: critical
IPv4:
203.28.104.0/23
IPv6:
2401:8d60::/32
Signature Algorithm: sha256WithRSAEncryption
b5:19:38:45:4b:52:3c:e3:60:78:98:82:f9:3f:3c:0f:cd:c6:
5a:cd:f0:b2:d6:22:4f:e3:30:59:65:f0:4a:74:f6:e8:bc:9b:
5f:60:72:c9:9e:12:6b:ec:c0:e4:0a:0b:7e:79:4d:1d:2d:e8:
c6:6a:53:54:d6:c2:dc:3d:84:e5:90:73:58:8c:87:38:ff:30:
ec:39:c4:65:c5:a7:a9:1c:32:50:0d:87:8d:ed:a3:71:6a:7d:
af:bd:b7:1c:d1:8d:4c:74:99:07:0f:d4:26:a5:79:15:d2:6c:
a7:f4:a2:98:32:1a:e6:df:d3:42:f3:8d:70:ae:d1:c9:8a:23:
12:dc:20:15:3a:f1:45:c9:65:74:70:3b:18:60:7e:c7:48:50:
b0:33:fd:18:82:d2:2c:64:4e:b7:77:27:36:cd:67:99:96:d8:
b8:a8:b9:46:f4:a3:f9:d5:57:d2:6c:bc:65:de:29:7c:dd:65:
07:92:cd:f1:15:de:07:05:57:84:f2:ec:7e:20:33:3f:54:05:
1e:96:72:89:c9:c4:50:54:1f:a5:de:6c:61:21:6f:fb:c4:a4:
e6:32:95:5d:82:9a:c7:ba:21:99:8e:d5:d3:b0:41:57:c1:92:
e1:55:8d:42:7a:4c:fd:1d:64:47:a3:d6:4e:25:8d:8f:b3:9b:
96:43:34:85
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAecPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMyODA5MzcwOFoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0VGMUQxMTAvBgNVBAUTKDhGRTVBN0M5OThGQjhCNzhBQzMzMUVB
RTgzQkMxNzg2MjNFRTNDOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCf8nzCd0ENpAV2FxNwD94TdFfnAeTSW8yoxS25JZCI+IkaXTUcwBl4/i8G28v3
A4ZCBqpHdJi0x1gp6FFzZKGaTow7+MjJfYqBJ9156EXarkVXOd/C8zf3wZCR77un
eBWcHs/Ync/sCSeEcVXuJxdz1+dReSeTUDlWa590gKZcF2gAxT+g4/SUWT8NhzWr
ln2Z25BXmmm+CKBljp+yOAkLZ65UYHf7FOKB7wi/+DIIwlAP+Ft0fvlikqGZt9q0
fw269UpUPxAA0tX+DDCeRaFeIPklT2+kWMalVR9DJF80auw05YejAbKOpcwbX6db
uTiUh1PuKKcvbI+zHoDXPUVDAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUj+WnyZj7
i3isMx6ug7wXhiPuPJ4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNFRjFEL0JBOUNEOEFDRUNFNjExRUVBQUU5RTgxRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzRUYxRC9CQTlDRDhBQ0VDRTYxMUVFQUFFOUU4MUVDNEY5QUUwMi9qLVdueVpq
N2kzaXNNeDZ1Zzd3WGhpUHVQSjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlRVMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQByxxoMA0EAgAC
MAcDBQAkAY1gMA0GCSqGSIb3DQEBCwUAA4IBAQC1GThFS1I842B4mIL5PzwPzcZa
zfCy1iJP4zBZZfBKdPbovJtfYHLJnhJr7MDkCgt+eU0dLejGalNU1sLcPYTlkHNY
jIc4/zDsOcRlxaepHDJQDYeN7aNxan2vvbcc0Y1MdJkHD9QmpXkV0myn9KKYMhrm
39NC841wrtHJiiMS3CAVOvFFyWV0cDsYYH7HSFCwM/0YgtIsZE63dyc2zWeZlti4
qLlG9KP51VfSbLxl3il83WUHks3xFd4HBVeE8ux+IDM/VAUelnKJycRQVB+l3mxh
IW/7xKTmMpVdgprHuiGZjtXTsEFXwZLhVY1Cekz9HWRHo9ZOJY2Ps5uWQzSF
-----END CERTIFICATE-----
Generated at Wed May 1 22:52:01 2024 by rpki-client on console-ams.rpki-client.org