Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer
File: kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer (raw, json)
Hash identifier: npC8n0OUbpmazv76kg1qrsP73V3PYAIsznIEmcihFbU=
Subject key identifier: 90:7B:03:8A:DE:C7:C3:FA:9C:64:93:0E:64:19:B2:FB:BA:B9:C8:1C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0217E1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Nov 2024 16:37:27 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 58877
IP: 203.22.220.0/23
IP: 2405:2d00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137185 (0x217e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 1 16:37:27 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A913A7A6/serialNumber=907B038ADEC7C3FA9C64930E6419B2FBBAB9C81C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e3:d1:75:52:de:d9:4d:44:05:33:c7:b2:35:
d8:10:2b:1f:0b:40:a2:e4:b5:28:8b:9e:21:c4:d7:
5f:8d:c1:55:b0:5b:b2:89:1a:76:f9:c7:a7:6f:2b:
5b:51:bd:34:f6:bb:41:9c:9e:a2:97:f2:5e:fa:d5:
6d:da:e8:ab:5d:5c:52:fc:41:8b:30:1d:54:1d:d5:
2f:77:81:3d:8f:b2:30:83:5d:00:07:b7:c0:c6:bc:
c6:0e:1a:00:9d:a9:b6:1e:a2:0a:32:ba:ac:e9:f9:
6f:04:91:d6:de:fc:e0:aa:8d:40:c5:f8:70:d2:1e:
65:00:ef:c8:90:cc:79:12:d8:1c:98:f2:32:18:a0:
ce:8e:51:0b:5f:dd:cd:ab:1c:59:8f:4d:d7:e7:74:
f8:de:4a:54:c9:e3:dd:55:04:84:42:02:79:01:64:
48:89:98:b5:24:6f:3e:36:43:cf:cf:df:0a:ab:62:
da:70:38:de:79:07:7e:7c:02:e3:35:ee:57:51:f9:
c7:6a:d8:4c:3b:4a:2b:d8:a5:b4:a1:f5:46:61:6e:
d4:87:bc:f8:69:53:c1:35:0c:35:08:5d:9b:77:c1:
dc:2f:c9:cb:0e:bd:94:37:40:29:ca:ac:fa:33:ca:
7b:df:bd:9e:81:e3:70:a7:c3:af:79:37:b2:11:c1:
86:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7B:03:8A:DE:C7:C3:FA:9C:64:93:0E:64:19:B2:FB:BA:B9:C8:1C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58877
sbgp-ipAddrBlock: critical
IPv4:
203.22.220.0/23
IPv6:
2405:2d00::/32
Signature Algorithm: sha256WithRSAEncryption
1a:da:25:40:29:69:c4:85:e2:70:f4:1a:c6:3d:6d:07:02:bc:
07:14:12:b8:ae:95:7a:c1:e6:3e:94:ff:7a:4c:fc:c4:b6:e9:
2f:c9:24:bf:e5:44:83:a8:ad:16:96:c1:af:ca:5b:9c:08:e3:
99:32:dd:80:a6:2d:f4:5f:3b:13:22:94:34:b5:b2:5b:ff:68:
d6:0a:98:8b:39:cb:b1:70:02:62:c0:69:ab:cd:4f:3d:1e:69:
9d:fa:a6:42:9b:b2:59:24:2e:89:d5:7a:8c:61:1c:2c:40:25:
31:e2:72:10:2c:30:11:ca:54:f2:85:84:7a:68:a7:e8:6e:a0:
5b:d3:5d:90:ee:12:15:3d:75:59:41:c5:02:7b:f0:0d:c4:0e:
d7:ef:fe:d7:ae:24:72:9b:f1:2f:fd:b3:7e:e1:83:48:b3:e7:
79:ec:b8:0c:14:14:69:d9:fc:e4:d2:ed:82:58:04:8b:1f:48:
03:70:ba:6c:e0:18:22:0c:fc:45:25:3f:6f:aa:32:73:92:e3:
48:c6:12:f3:f5:9d:26:e4:84:b3:45:d9:7a:a2:a7:51:44:00:
dd:7f:ae:90:51:93:6b:36:97:3f:15:f1:7e:05:18:cd:04:27:
e9:82:d4:6c:1c:b1:51:a5:98:b5:49:19:2e:15:ce:19:88:5e:
c2:cc:bf:af
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAhfhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEwMTE2MzcyN1oXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0E3QTYxMTAvBgNVBAUTKDkwN0IwMzhBREVDN0MzRkE5QzY0OTMw
RTY0MTlCMkZCQkFCOUM4MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDO49F1Ut7ZTUQFM8eyNdgQKx8LQKLktSiLniHE11+NwVWwW7KJGnb5x6dvK1tR
vTT2u0GcnqKX8l761W3a6KtdXFL8QYswHVQd1S93gT2PsjCDXQAHt8DGvMYOGgCd
qbYeogoyuqzp+W8Ekdbe/OCqjUDF+HDSHmUA78iQzHkS2ByY8jIYoM6OUQtf3c2r
HFmPTdfndPjeSlTJ491VBIRCAnkBZEiJmLUkbz42Q8/P3wqrYtpwON55B358AuM1
7ldR+cdq2Ew7SivYpbSh9UZhbtSHvPhpU8E1DDUIXZt3wdwvycsOvZQ3QCnKrPoz
ynvfvZ6B43Cnw695N7IRwYZRAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUkHsDit7H
w/qcZJMOZBmy+7q5yBwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNBN0E2LzREQjk0NDNBNzNCNjExRUE5QjhDMUY1Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQTdBNi80REI5NDQzQTczQjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9rSHNEaXQ3
SHdfcWNaSk1PWkJteS03cTV5QncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOX9MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQByxbcMA0EAgAC
MAcDBQAkBS0AMA0GCSqGSIb3DQEBCwUAA4IBAQAa2iVAKWnEheJw9BrGPW0HArwH
FBK4rpV6weY+lP96TPzEtukvySS/5USDqK0WlsGvylucCOOZMt2Api30XzsTIpQ0
tbJb/2jWCpiLOcuxcAJiwGmrzU89Hmmd+qZCm7JZJC6J1XqMYRwsQCUx4nIQLDAR
ylTyhYR6aKfobqBb012Q7hIVPXVZQcUCe/ANxA7X7/7XriRym/Ev/bN+4YNIs+d5
7LgMFBRp2fzk0u2CWASLH0gDcLps4BgiDPxFJT9vqjJzkuNIxhLz9Z0m5ISzRdl6
oqdRRADdf66QUZNrNpc/FfF+BRjNBCfpgtRsHLFRpZi1SRkuFc4ZiF7CzL+v
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:44 2024 by rpki-client on console-ams.rpki-client.org