Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
File: kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer (raw, json)
Hash identifier: abJxqSgUvKNyz5brAhHarkUzz6VhNUQ69HwmJ2SZTvg=
Subject key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01F4DC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 30 May 2024 16:09:52 +0000
Certificate not after: Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 9541
AS: 24440
AS: 56052
AS: 58614
AS: 58746
IP: 14.1.104.0/22
IP: 36.255.32.0/22
IP: 36.255.40.0/21
IP: 43.242.100.0/22
IP: 58.65.192.0/19
IP: 61.5.128.0/19
IP: 101.53.224.0/19
IP: 103.7.60.0/22
IP: 103.18.8.0/21
IP: 103.18.20.0/22
IP: 103.26.80.0/21
IP: 103.31.92.0/22
IP: 103.31.100.0 -- 103.31.107.255
IP: 103.244.172.0 -- 103.244.179.255
IP: 103.245.132.0/22
IP: 103.245.192.0/22
IP: 119.13.184.0/21
IP: 124.29.192.0/18
IP: 137.59.144.0/22
IP: 137.59.216.0 -- 137.59.231.255
IP: 144.48.120.0/22
IP: 144.48.128.0/21
IP: 175.107.192.0/18
IP: 202.47.32.0/19
IP: 202.163.64.0/18
IP: 203.101.160.0/19
IP: 218.100.85.0/24
IP: 2001:dec:8000::/48
IP: 2001:4538::/32
IP: 2400:adc0::/27
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128220 (0x1f4dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 30 16:09:52 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a8:98:37:78:43:f1:1e:a1:8f:db:10:32:a1:
91:34:9b:5b:f8:40:47:4f:bc:88:5f:ce:e2:6d:7e:
d1:f8:1e:97:29:c5:bb:a2:f7:98:b2:94:db:fc:36:
25:90:e5:b8:84:83:0e:b2:72:5e:fa:54:2b:40:a6:
d9:fb:31:e3:64:9f:35:57:2c:95:a4:f0:c1:52:d2:
02:89:53:b2:fd:28:0e:fd:bb:69:2f:8c:71:eb:88:
7b:9a:bc:9e:46:4a:97:80:5b:03:37:1f:1a:d3:9c:
ae:d6:3c:05:99:08:bb:ac:83:20:cf:43:b6:e9:02:
6c:0d:1d:05:9b:3c:aa:04:7a:4e:a9:3c:8d:0d:ad:
43:7f:7a:9f:ae:f7:4e:ba:64:9c:50:99:d4:cf:59:
3e:ba:50:1e:5c:67:cf:f0:32:76:b9:c3:c7:46:df:
9b:a0:71:a9:5e:39:a6:0c:ef:22:ab:48:fe:c8:ca:
c0:c8:79:cf:66:49:9a:3a:92:4b:35:26:2b:bf:10:
b7:51:a6:1a:f9:5d:bc:f2:bb:28:d8:49:2d:c2:49:
cd:2b:31:03:96:76:d9:73:01:39:db:84:b3:c7:0f:
42:f2:86:0a:63:42:69:fc:2f:00:e9:1f:17:41:92:
1a:9a:60:72:57:04:d7:16:0a:47:c2:34:25:05:5c:
0c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9541
24440
56052
58614
58746
sbgp-ipAddrBlock: critical
IPv4:
14.1.104.0/22
36.255.32.0/22
36.255.40.0/21
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
137.59.144.0/22
137.59.216.0-137.59.231.255
144.48.120.0/22
144.48.128.0/21
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:dec:8000::/48
2001:4538::/32
2400:adc0::/27
Signature Algorithm: sha256WithRSAEncryption
63:d3:98:d5:74:36:ba:1b:c5:e6:06:51:2c:52:5e:86:e0:f6:
65:42:6d:cd:9a:ca:92:01:79:5d:59:73:de:d0:c7:8b:36:ab:
d6:2a:c4:a4:e8:a9:97:bb:17:06:0c:7c:0a:22:f9:38:69:16:
23:0f:65:54:00:e4:61:ad:41:28:93:1a:c8:5a:28:d4:02:7d:
e7:28:c7:29:0e:ed:de:55:fd:ce:bb:dc:5d:da:1c:56:83:d3:
7c:60:15:9e:3b:58:bc:0a:3a:af:b6:87:33:08:cc:2b:38:48:
5c:6f:16:db:5e:0b:54:b6:67:e6:52:a4:93:c9:b8:de:6d:e2:
12:c1:ac:cc:5a:9a:24:ca:54:a8:e2:44:8c:58:12:22:ab:97:
e1:75:fb:a9:c0:5d:5f:db:f5:4c:41:41:ca:2e:23:f0:b9:2e:
77:df:ab:33:f2:ca:55:46:79:b4:75:0c:ad:14:d4:b7:1e:22:
f9:e5:be:5d:75:14:ba:71:7a:bd:1e:a7:c0:de:65:dc:8f:9f:
52:be:9f:27:37:c6:d3:15:a8:91:65:2a:51:13:95:25:c9:03:
44:5e:17:2b:ac:e2:bd:f8:0c:73:fb:f6:f3:6b:a1:a7:b7:bb:
51:e9:57:4b:55:ca:68:30:ce:ad:05:06:db:2f:97:c2:a8:96:
81:22:66:b5
-----BEGIN CERTIFICATE-----
MIIHBDCCBeygAwIBAgIDAfTcMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUzMDE2MDk1MloXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZD
NTZDRkU0NDZFQzUwNDhDRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnqJg3eEPxHqGP2xAyoZE0m1v4QEdPvIhfzuJtftH4Hpcpxbui95iylNv8NiWQ
5biEgw6ycl76VCtAptn7MeNknzVXLJWk8MFS0gKJU7L9KA79u2kvjHHriHuavJ5G
SpeAWwM3HxrTnK7WPAWZCLusgyDPQ7bpAmwNHQWbPKoEek6pPI0NrUN/ep+u9066
ZJxQmdTPWT66UB5cZ8/wMna5w8dG35ugcaleOaYM7yKrSP7IysDIec9mSZo6kks1
Jiu/ELdRphr5XbzyuyjYSS3CSc0rMQOWdtlzATnbhLPHD0LyhgpjQmn8LwDpHxdB
khqaYHJXBNcWCkfCNCUFXAzXAgMBAAGjggP5MIID9TAdBgNVHQ4EFgQUkAnnQZbU
iwOWTx/FbP5EbsUEjPcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUwRjY2L0JDMURDMUY2QzE3NTExRTRBMkM3Qjc0Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MEY2Ni9CQzFEQzFGNkMxNzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpi
VWl3T1dUeF9GYlA1RWJzVUVqUGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQgBAf8EHTAb
oBkwFwICJUUCAl94AgMA2vQCAwDk9gIDAOV6MIH2BggrBgEFBQcBBwEB/wSB5jCB
4zCBwQQCAAEwgboDBAIOAWgDBAIk/yADBAMk/ygDBAIr8mQDBAU6QcADBAU9BYAD
BAVlNeADBAJnBzwDBANnEggDBAJnEhQDBANnGlADBAJnH1wwDAMEAmcfZAMEAmcf
aDAMAwQCZ/SsAwQCZ/SwAwQCZ/WEAwQCZ/XAAwQDdw24AwQGfB3AAwQCiTuQMAwD
BAOJO9gDBAOJO+ADBAKQMHgDBAOQMIADBAava8ADBAXKLyADBAbKo0ADBAXLZaAD
BADaZFUwHQQCAAIwFwMHACABDeyAAAMFACABRTgDBQUkAK3AMA0GCSqGSIb3DQEB
CwUAA4IBAQBj05jVdDa6G8XmBlEsUl6G4PZlQm3NmsqSAXldWXPe0MeLNqvWKsSk
6KmXuxcGDHwKIvk4aRYjD2VUAORhrUEokxrIWijUAn3nKMcpDu3eVf3Ou9xd2hxW
g9N8YBWeO1i8CjqvtoczCMwrOEhcbxbbXgtUtmfmUqSTybjebeISwazMWpokylSo
4kSMWBIiq5fhdfupwF1f2/VMQUHKLiPwuS5336sz8spVRnm0dQytFNS3HiL55b5d
dRS6cXq9HqfA3mXcj59Svp8nN8bTFaiRZSpRE5UlyQNEXhcrrOK9+Axz+/bza6Gn
t7tR6VdLVcpoMM6tBQbbL5fCqJaBIma1
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:58 2024 by rpki-client on console-fra.rpki-client.org