Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jzTx-VOtA2V2fiHqvjWrRrVbPlg.cer
File: jzTx-VOtA2V2fiHqvjWrRrVbPlg.cer (raw, json)
Hash identifier: dOSo0AHt7mtO7692eWzsgImkyD9OtHefQEqtZJBURfg=
Subject key identifier: 8F:34:F1:F9:53:AD:03:65:76:7E:21:EA:BE:35:AB:46:B5:5B:3E:58
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 015820
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.rand.apnic.net/repo/pubServerRand/0/8F34F1F953AD0365767E21EABE35AB46B55B3E58.mft
caRepository: rsync://rpki.rand.apnic.net/repo/pubServerRand/0/
Notify URL: https://rpki.rand.apnic.net/rrdp/notification.xml
Certificate not before: Tue 31 May 2022 01:30:20 +0000
Certificate not after: Mon 31 Mar 2031 00:00:00 +0000
Subordinate resources: AS: 9838
AS: 24021
AS: 38610
AS: 131072
AS: 131074
IP: 1.0.0.0/24
IP: 1.1.1.0/24
IP: 103.0.0.0/16
IP: 103.10.232.0/24
IP: 203.10.60.0/22
IP: 203.133.248.0/22
IP: 203.147.108.0/23
IP: 2401:2000::/31
IP: 2408:2000::/24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88096 (0x15820)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 31 01:30:20 2022 GMT
Not After : Mar 31 00:00:00 2031 GMT
Subject: CN=A91872ED0000/serialNumber=8F34F1F953AD0365767E21EABE35AB46B55B3E58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4a:fe:b3:85:8b:17:32:b5:2b:f4:bb:ab:26:
74:af:f5:4c:b4:c3:bb:03:7b:ad:e2:e9:9e:c4:65:
32:27:95:3f:d2:0a:f6:99:8e:12:39:4f:d7:58:35:
3b:f7:86:1f:b4:dd:6e:c3:0d:93:e4:44:85:c7:40:
59:18:8d:f1:18:0e:05:10:0f:06:a0:cb:8f:2c:ad:
b1:21:32:69:46:07:46:e7:94:17:7a:bb:40:8e:d2:
df:4e:4f:b5:83:7e:ec:6d:8b:2a:58:c6:07:22:5c:
63:39:57:c8:67:bc:f7:c3:7a:db:9e:4f:0f:bd:78:
31:50:94:b4:af:22:62:5f:16:b9:5b:19:19:17:72:
a1:25:62:87:a4:bf:53:de:46:0c:8e:23:64:de:0d:
ed:83:3a:2f:f8:4d:f0:18:05:21:92:a3:b2:22:2d:
02:67:8e:b6:19:96:7d:cc:6e:f4:2d:df:a2:26:18:
75:a3:52:94:e1:18:51:75:4f:f8:ea:12:3f:db:bb:
75:46:19:71:39:fa:41:99:56:99:81:3b:86:d1:03:
a6:ac:91:82:d8:b2:b1:f0:47:6b:a2:8b:3d:fe:89:
f5:f4:9f:09:d8:eb:5d:4b:51:df:a4:85:ed:48:39:
61:04:02:7a:de:b7:e7:6d:c7:8d:ea:56:9d:ed:01:
af:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:34:F1:F9:53:AD:03:65:76:7E:21:EA:BE:35:AB:46:B5:5B:3E:58
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.rand.apnic.net/repo/pubServerRand/0/
RPKI Manifest - URI:rsync://rpki.rand.apnic.net/repo/pubServerRand/0/8F34F1F953AD0365767E21EABE35AB46B55B3E58.mft
RPKI Notify - URI:https://rpki.rand.apnic.net/rrdp/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9838
24021
38610
131072
131074
sbgp-ipAddrBlock: critical
IPv4:
1.0.0.0/24
1.1.1.0/24
103.0.0.0/16
103.10.232.0/24
203.10.60.0/22
203.133.248.0/22
203.147.108.0/23
IPv6:
2401:2000::/31
2408:2000::/24
Signature Algorithm: sha256WithRSAEncryption
83:9b:62:c3:db:6b:d9:4b:35:eb:2e:30:4e:3e:5c:b1:d6:15:
e9:91:a7:b9:6a:6b:9f:47:88:07:7f:aa:e3:02:4f:6c:1b:2f:
e7:44:36:b0:6c:b2:ac:d1:d0:6a:a4:9c:3f:ad:96:90:96:0d:
be:5b:99:08:10:ad:81:97:48:d2:f2:5d:49:4f:8f:04:49:2e:
69:d4:9f:dc:44:6b:f0:d9:20:a9:1f:f8:13:33:c8:9d:a8:af:
0b:f5:f9:44:ff:7d:b4:3c:80:7b:35:46:6b:a3:f0:13:8c:ba:
7f:32:6b:65:96:00:99:13:9b:a9:53:c7:a1:46:c8:25:1e:76:
68:d2:a0:52:59:67:99:75:f2:b1:a1:6f:47:c9:bd:e7:a6:25:
7e:07:a4:07:55:91:7b:32:c5:67:0d:69:51:f7:9f:21:7d:b8:
80:c5:4b:b5:1f:fe:df:4c:39:bc:0a:9b:29:f7:50:0d:b4:60:
56:fb:d2:79:3c:0b:cd:6b:37:d5:60:5f:99:42:b6:a9:7c:55:
10:6f:76:0a:71:cf:f9:41:64:6a:67:00:26:cd:c1:4d:82:b0:
e1:89:89:88:dc:c3:1d:3e:16:3b:f0:e6:02:10:10:e9:24:eb:
02:90:73:4e:20:4f:d5:42:da:29:6d:e2:de:c3:e2:c2:81:82:
fe:da:54:cc
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgIDAVggMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDUzMTAxMzAyMFoXDTMxMDMzMTAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxODcyRUQwMDAwMTEwLwYDVQQFEyg4RjM0RjFGOTUzQUQwMzY1NzY3
RTIxRUFCRTM1QUI0NkI1NUIzRTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUr+s4WLFzK1K/S7qyZ0r/VMtMO7A3ut4umexGUyJ5U/0gr2mY4SOU/X
WDU794YftN1uww2T5ESFx0BZGI3xGA4FEA8GoMuPLK2xITJpRgdG55QXertAjtLf
Tk+1g37sbYsqWMYHIlxjOVfIZ7z3w3rbnk8PvXgxUJS0ryJiXxa5WxkZF3KhJWKH
pL9T3kYMjiNk3g3tgzov+E3wGAUhkqOyIi0CZ462GZZ9zG70Ld+iJhh1o1KU4RhR
dU/46hI/27t1RhlxOfpBmVaZgTuG0QOmrJGC2LKx8Edroos9/on19J8J2OtdS1Hf
pIXtSDlhBAJ63rfnbceN6lad7QGvawIDAQABo4IDKTCCAyUwHQYDVR0OBBYEFI80
8flTrQNldn4h6r41q0a1Wz5YMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIH5BggrBgEFBQcBCwSB7DCB6TA9BggrBgEF
BQcwBYYxcnN5bmM6Ly9ycGtpLnJhbmQuYXBuaWMubmV0L3JlcG8vcHViU2VydmVy
UmFuZC8wLzBpBggrBgEFBQcwCoZdcnN5bmM6Ly9ycGtpLnJhbmQuYXBuaWMubmV0
L3JlcG8vcHViU2VydmVyUmFuZC8wLzhGMzRGMUY5NTNBRDAzNjU3NjdFMjFFQUJF
MzVBQjQ2QjU1QjNFNTgubWZ0MD0GCCsGAQUFBzANhjFodHRwczovL3Jwa2kucmFu
ZC5hcG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMCwGCCsGAQUFBwEIAQH/
BB0wG6AZMBcCAiZuAgJd1QIDAJbSAgMCAAACAwIAAjBXBggrBgEFBQcBBwEB/wRI
MEYwLwQCAAEwKQMEAAEAAAMEAAEBAQMDAGcAAwQAZwroAwQCywo8AwQCy4X4AwQB
y5NsMBMEAgACMA0DBQEkASAAAwQAJAggMA0GCSqGSIb3DQEBCwUAA4IBAQCDm2LD
22vZSzXrLjBOPlyx1hXpkae5amufR4gHf6rjAk9sGy/nRDawbLKs0dBqpJw/rZaQ
lg2+W5kIEK2Bl0jS8l1JT48ESS5p1J/cRGvw2SCpH/gTM8idqK8L9flE/320PIB7
NUZro/ATjLp/MmtllgCZE5upU8ehRsglHnZo0qBSWWeZdfKxoW9Hyb3npiV+B6QH
VZF7MsVnDWlR958hfbiAxUu1H/7fTDm8Cpsp91ANtGBW+9J5PAvNazfVYF+ZQrap
fFUQb3YKcc/5QWRqZwAmzcFNgrDhiYmI3MMdPhY78OYCEBDpJOsCkHNOIE/VQtop
beLew+LCgYL+2lTM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:17 2023 by rpki-client on console-fra.rpki-client.org