Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jNZeQOKuy7xVttozRr8czjg1wnc.cer
File: jNZeQOKuy7xVttozRr8czjg1wnc.cer (raw, json)
Hash identifier: TOTBzUKPu6U+1IdN2OBFnE9aQLZE2UCkbSaCsPW3scE=
Subject key identifier: 8C:D6:5E:40:E2:AE:CB:BC:55:B6:DA:33:46:BF:1C:CE:38:35:C2:77
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01FA65
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919A6EB/DD4C1B2A0A5A11EEBE824344C4F9AE02/jNZeQOKuy7xVttozRr8czjg1wnc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919A6EB/DD4C1B2A0A5A11EEBE824344C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 21 Jun 2024 05:19:02 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: AS: 151360
IP: 103.208.88.0/23
IP: 2401:220::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129637 (0x1fa65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jun 21 05:19:02 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A919A6EB/serialNumber=8CD65E40E2AECBBC55B6DA3346BF1CCE3835C277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3b:29:f0:de:b5:22:db:ba:35:0f:e7:78:f5:
14:f7:84:09:8e:e4:61:d7:b5:15:45:5e:f1:6b:0e:
e7:91:84:19:41:19:19:43:a1:1e:54:81:7c:34:8e:
a4:a4:03:06:fe:e8:41:8e:5b:b5:e3:5b:12:0c:8a:
8e:88:d3:86:a4:1e:4d:24:d4:9b:0d:f4:92:a6:b2:
35:82:ac:6b:37:c6:48:09:a3:86:53:36:13:04:fc:
fe:a7:fb:f1:f2:50:83:cd:3e:54:d7:35:0d:54:9f:
b6:5b:d0:3e:0f:07:a9:88:0c:d9:13:a8:52:a8:d2:
78:be:5c:af:12:8d:42:c5:60:ae:09:7b:9b:48:27:
4b:22:09:cf:fb:5a:63:a7:b9:b3:1d:5e:c7:8a:bc:
2e:98:75:0e:34:d7:46:8b:17:06:e6:f4:a5:de:f2:
bd:35:2e:9f:3e:2b:a9:c9:3d:45:f6:8e:69:12:aa:
e0:75:30:d9:4e:aa:a4:60:af:42:a8:56:aa:a2:cc:
a9:31:c0:e8:f2:ea:31:2f:5c:c6:97:07:d8:48:49:
65:26:64:d8:3a:bb:8e:ab:08:26:53:45:d3:f7:d2:
07:fc:ef:f4:22:40:27:0f:ee:71:cd:d6:70:58:38:
39:2d:80:48:a0:70:d3:72:62:f2:31:a0:36:14:fa:
2f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D6:5E:40:E2:AE:CB:BC:55:B6:DA:33:46:BF:1C:CE:38:35:C2:77
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919A6EB/DD4C1B2A0A5A11EEBE824344C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919A6EB/DD4C1B2A0A5A11EEBE824344C4F9AE02/jNZeQOKuy7xVttozRr8czjg1wnc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
151360
sbgp-ipAddrBlock: critical
IPv4:
103.208.88.0/23
IPv6:
2401:220::/32
Signature Algorithm: sha256WithRSAEncryption
67:eb:42:1e:c1:d2:ca:b5:fe:c3:0b:9a:e5:7e:64:4d:82:33:
77:a5:29:64:50:3a:d0:22:70:06:f5:67:23:1f:f1:24:64:ff:
dd:87:d4:39:25:a8:41:14:2c:95:37:96:ad:ad:73:d4:b5:87:
a5:24:15:bd:97:5b:9f:43:ab:1e:02:6e:fe:6f:5a:98:af:76:
ff:2e:7f:97:33:f9:41:07:1d:8b:4f:73:8a:ee:82:0b:44:c5:
10:c2:49:6f:60:6f:a2:95:6d:c2:31:1f:53:1b:bf:33:50:84:
b3:49:23:26:df:bc:28:d8:ec:44:8d:56:fb:59:ee:fb:30:3f:
a5:e4:1a:6e:90:5c:16:36:ab:8f:35:40:22:1d:ed:2b:58:7e:
32:c6:9b:7e:6b:7b:e0:04:9e:39:ec:32:99:15:35:5f:6f:2d:
de:75:75:ef:43:f1:8c:19:48:be:d8:ed:4b:c3:4b:db:33:ab:
d7:c6:d7:d8:8f:1f:6c:0f:e9:78:ee:ed:54:92:b8:53:fb:0b:
36:22:9d:36:19:69:c6:ac:32:27:d0:aa:ab:ae:68:1a:a7:1a:
bf:59:99:7c:66:65:f8:1d:e5:29:f4:3f:49:99:9a:b0:4b:42:
4b:32:ca:f3:57:88:5c:cf:83:95:7d:ca:a0:1c:4e:dd:7a:74:
5d:78:74:6b
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAfplMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDYyMTA1MTkwMloXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUE2RUIxMTAvBgNVBAUTKDhDRDY1RTQwRTJBRUNCQkM1NUI2REEz
MzQ2QkYxQ0NFMzgzNUMyNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGOynw3rUi27o1D+d49RT3hAmO5GHXtRVFXvFrDueRhBlBGRlDoR5UgXw0jqSk
Awb+6EGOW7XjWxIMio6I04akHk0k1JsN9JKmsjWCrGs3xkgJo4ZTNhME/P6n+/Hy
UIPNPlTXNQ1Un7Zb0D4PB6mIDNkTqFKo0ni+XK8SjULFYK4Je5tIJ0siCc/7WmOn
ubMdXseKvC6YdQ4010aLFwbm9KXe8r01Lp8+K6nJPUX2jmkSquB1MNlOqqRgr0Ko
VqqizKkxwOjy6jEvXMaXB9hISWUmZNg6u46rCCZTRdP30gf87/QiQCcP7nHN1nBY
ODktgEigcNNyYvIxoDYU+i8lAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUjNZeQOKu
y7xVttozRr8czjg1wncwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlBNkVCL0RENEMxQjJBMEE1QTExRUVCRTgyNDM0NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5QTZFQi9ERDRDMUIyQTBBNUExMUVFQkU4MjQzNDRDNEY5QUUwMi9qTlplUU9L
dXk3eFZ0dG96UnI4Y3pqZzF3bmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAk9AMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ9BYMA0EAgAC
MAcDBQAkAQIgMA0GCSqGSIb3DQEBCwUAA4IBAQBn60IewdLKtf7DC5rlfmRNgjN3
pSlkUDrQInAG9WcjH/EkZP/dh9Q5JahBFCyVN5atrXPUtYelJBW9l1ufQ6seAm7+
b1qYr3b/Ln+XM/lBBx2LT3OK7oILRMUQwklvYG+ilW3CMR9TG78zUISzSSMm37wo
2OxEjVb7We77MD+l5BpukFwWNquPNUAiHe0rWH4yxpt+a3vgBJ457DKZFTVfby3e
dXXvQ/GMGUi+2O1Lw0vbM6vXxtfYjx9sD+l47u1UkrhT+ws2Ip02GWnGrDIn0Kqr
rmgapxq/WZl8ZmX4HeUp9D9JmZqwS0JLMsrzV4hcz4OVfcqgHE7denRdeHRr
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:44 2024 by rpki-client on console-fra.rpki-client.org