Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
File: kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer (raw, json)
Hash identifier: CLQGiq42Sl0OwT3cdqQp3AnlTVX2ud2nCEMzZ/zITL4=
Subject key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01A61A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 30 May 2023 15:09:36 +0000
Certificate not after: Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 9541
AS: 24440
AS: 56052
AS: 58614
AS: 58746
IP: 14.1.104.0/22
IP: 36.255.32.0/22
IP: 36.255.40.0/21
IP: 43.242.100.0/22
IP: 58.65.192.0/19
IP: 61.5.128.0/19
IP: 101.53.224.0/19
IP: 103.7.60.0/22
IP: 103.18.8.0/21
IP: 103.18.20.0/22
IP: 103.26.80.0/21
IP: 103.31.92.0/22
IP: 103.31.100.0 -- 103.31.107.255
IP: 103.244.172.0 -- 103.244.179.255
IP: 103.245.132.0/22
IP: 103.245.192.0/22
IP: 119.13.184.0/21
IP: 124.29.192.0/18
IP: 137.59.144.0/22
IP: 137.59.216.0 -- 137.59.231.255
IP: 144.48.120.0/22
IP: 144.48.128.0/21
IP: 175.107.192.0/18
IP: 202.47.32.0/19
IP: 202.163.64.0/18
IP: 203.101.160.0/19
IP: 218.100.85.0/24
IP: 2001:dec:8000::/48
IP: 2001:4538::/32
IP: 2400:adc0::/27
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 27 Apr 2024 02:50:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108058 (0x1a61a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 30 15:09:36 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a8:98:37:78:43:f1:1e:a1:8f:db:10:32:a1:
91:34:9b:5b:f8:40:47:4f:bc:88:5f:ce:e2:6d:7e:
d1:f8:1e:97:29:c5:bb:a2:f7:98:b2:94:db:fc:36:
25:90:e5:b8:84:83:0e:b2:72:5e:fa:54:2b:40:a6:
d9:fb:31:e3:64:9f:35:57:2c:95:a4:f0:c1:52:d2:
02:89:53:b2:fd:28:0e:fd:bb:69:2f:8c:71:eb:88:
7b:9a:bc:9e:46:4a:97:80:5b:03:37:1f:1a:d3:9c:
ae:d6:3c:05:99:08:bb:ac:83:20:cf:43:b6:e9:02:
6c:0d:1d:05:9b:3c:aa:04:7a:4e:a9:3c:8d:0d:ad:
43:7f:7a:9f:ae:f7:4e:ba:64:9c:50:99:d4:cf:59:
3e:ba:50:1e:5c:67:cf:f0:32:76:b9:c3:c7:46:df:
9b:a0:71:a9:5e:39:a6:0c:ef:22:ab:48:fe:c8:ca:
c0:c8:79:cf:66:49:9a:3a:92:4b:35:26:2b:bf:10:
b7:51:a6:1a:f9:5d:bc:f2:bb:28:d8:49:2d:c2:49:
cd:2b:31:03:96:76:d9:73:01:39:db:84:b3:c7:0f:
42:f2:86:0a:63:42:69:fc:2f:00:e9:1f:17:41:92:
1a:9a:60:72:57:04:d7:16:0a:47:c2:34:25:05:5c:
0c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9541
24440
56052
58614
58746
sbgp-ipAddrBlock: critical
IPv4:
14.1.104.0/22
36.255.32.0/22
36.255.40.0/21
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
137.59.144.0/22
137.59.216.0-137.59.231.255
144.48.120.0/22
144.48.128.0/21
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:dec:8000::/48
2001:4538::/32
2400:adc0::/27
Signature Algorithm: sha256WithRSAEncryption
14:d3:ac:58:b4:78:37:b4:a4:e3:1c:26:d1:36:24:6b:a4:7a:
23:1d:65:8c:c6:cd:09:27:72:bb:24:dc:cd:13:b7:88:3d:c0:
1b:44:d3:cf:e0:b1:db:e8:bd:ba:5f:88:ca:f3:30:3c:23:69:
db:1a:a1:13:ea:fd:f0:d5:5c:a1:66:74:68:0a:12:e4:f6:78:
f3:9d:4c:4e:bc:e8:4a:c2:e7:57:65:93:ad:cc:b1:8a:d5:39:
36:1d:59:d2:70:72:07:17:44:20:34:d5:07:b5:71:0d:cd:24:
6a:00:66:5a:e8:65:81:29:b4:bf:5f:0c:f3:42:1c:13:89:df:
72:3e:b8:19:ef:e7:8d:2d:29:3f:05:b6:0e:d1:8f:fe:2a:07:
9b:05:dd:5f:58:17:f6:24:4b:d1:23:20:bd:54:d9:56:10:75:
b7:0c:d7:2b:27:15:4a:ff:20:88:80:c0:d4:c6:e5:7c:46:8a:
34:d4:96:42:11:93:26:4d:d5:a2:74:f8:d0:c9:21:54:60:b0:
78:6a:72:54:cb:53:c5:92:a2:24:46:76:e0:fd:f6:a0:2b:a4:
e8:ad:ed:97:71:59:31:32:0d:eb:bc:21:5d:8e:62:a9:82:33:
64:70:eb:94:ca:59:5f:f8:d4:ff:cc:7b:1d:40:23:74:62:63:
b9:d5:59:07
-----BEGIN CERTIFICATE-----
MIIHBDCCBeygAwIBAgIDAaYaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUzMDE1MDkzNloXDTI0MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZD
NTZDRkU0NDZFQzUwNDhDRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnqJg3eEPxHqGP2xAyoZE0m1v4QEdPvIhfzuJtftH4Hpcpxbui95iylNv8NiWQ
5biEgw6ycl76VCtAptn7MeNknzVXLJWk8MFS0gKJU7L9KA79u2kvjHHriHuavJ5G
SpeAWwM3HxrTnK7WPAWZCLusgyDPQ7bpAmwNHQWbPKoEek6pPI0NrUN/ep+u9066
ZJxQmdTPWT66UB5cZ8/wMna5w8dG35ugcaleOaYM7yKrSP7IysDIec9mSZo6kks1
Jiu/ELdRphr5XbzyuyjYSS3CSc0rMQOWdtlzATnbhLPHD0LyhgpjQmn8LwDpHxdB
khqaYHJXBNcWCkfCNCUFXAzXAgMBAAGjggP5MIID9TAdBgNVHQ4EFgQUkAnnQZbU
iwOWTx/FbP5EbsUEjPcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUwRjY2L0JDMURDMUY2QzE3NTExRTRBMkM3Qjc0Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MEY2Ni9CQzFEQzFGNkMxNzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpi
VWl3T1dUeF9GYlA1RWJzVUVqUGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQgBAf8EHTAb
oBkwFwICJUUCAl94AgMA2vQCAwDk9gIDAOV6MIH2BggrBgEFBQcBBwEB/wSB5jCB
4zCBwQQCAAEwgboDBAIOAWgDBAIk/yADBAMk/ygDBAIr8mQDBAU6QcADBAU9BYAD
BAVlNeADBAJnBzwDBANnEggDBAJnEhQDBANnGlADBAJnH1wwDAMEAmcfZAMEAmcf
aDAMAwQCZ/SsAwQCZ/SwAwQCZ/WEAwQCZ/XAAwQDdw24AwQGfB3AAwQCiTuQMAwD
BAOJO9gDBAOJO+ADBAKQMHgDBAOQMIADBAava8ADBAXKLyADBAbKo0ADBAXLZaAD
BADaZFUwHQQCAAIwFwMHACABDeyAAAMFACABRTgDBQUkAK3AMA0GCSqGSIb3DQEB
CwUAA4IBAQAU06xYtHg3tKTjHCbRNiRrpHojHWWMxs0JJ3K7JNzNE7eIPcAbRNPP
4LHb6L26X4jK8zA8I2nbGqET6v3w1VyhZnRoChLk9njznUxOvOhKwudXZZOtzLGK
1Tk2HVnScHIHF0QgNNUHtXENzSRqAGZa6GWBKbS/XwzzQhwTid9yPrgZ7+eNLSk/
BbYO0Y/+KgebBd1fWBf2JEvRIyC9VNlWEHW3DNcrJxVK/yCIgMDUxuV8Roo01JZC
EZMmTdWidPjQySFUYLB4anJUy1PFkqIkRnbg/fagK6Tore2XcVkxMg3rvCFdjmKp
gjNkcOuUyllf+NT/zHsdQCN0YmO51VkH
-----END CERTIFICATE-----
Generated at Sat Apr 20 05:37:17 2024 by rpki-client on console-ams.rpki-client.org