Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMa2jRauQ5Lt8OkP4Tc4DjxEN-c.cer
File: kMa2jRauQ5Lt8OkP4Tc4DjxEN-c.cer (raw, json)
Hash identifier: gbWkQ0XEWAcmZoWjuGRnJTcscI6iixODB2l42XNTdAE=
Subject key identifier: 90:C6:B6:8D:16:AE:43:92:ED:F0:E9:0F:E1:37:38:0E:3C:44:37:E7
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02022E
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91F7935/905A3A489B9511ECAE3F0C4FC4F9AE02/kMa2jRauQ5Lt8OkP4Tc4DjxEN-c.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91F7935/905A3A489B9511ECAE3F0C4FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 25 Jul 2024 00:06:11 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: AS: 142406
IP: 103.167.214.0/23
IP: 2001:df6:c180::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131630 (0x2022e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 25 00:06:11 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A91F7935/serialNumber=90C6B68D16AE4392EDF0E90FE137380E3C4437E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:14:3f:79:1b:cc:37:00:ef:c4:cd:f1:d4:6a:
dc:ec:26:01:9b:92:83:f2:84:69:76:0b:37:b8:a8:
e0:05:97:d5:25:73:a7:36:95:e1:ff:4e:13:33:f4:
1b:90:77:01:d9:cc:a1:c4:4f:48:93:82:0a:fb:cd:
8e:54:b0:65:c3:d0:a0:88:80:9a:ce:de:ec:de:eb:
03:94:c3:23:e1:e1:0b:e2:3a:d0:12:43:6b:99:28:
d3:dc:01:ad:6f:be:12:dc:c0:44:08:f0:db:06:6b:
d7:28:57:df:5e:fb:51:c1:26:c4:e5:2d:f1:18:65:
a5:e6:4d:dc:50:15:58:d3:bd:02:61:b4:42:e5:cc:
e6:1b:f9:46:14:8d:5d:ae:60:7a:5c:8c:0e:76:6d:
b0:16:cc:ca:60:14:ef:f3:d9:a4:67:cb:53:1d:e3:
e3:e9:86:64:d3:f0:df:c4:4b:fd:cb:3f:80:08:2c:
b8:e2:bb:f0:61:10:f0:fe:1c:93:8a:98:33:da:60:
fe:86:40:81:40:b2:0b:ad:c7:54:cc:ae:9c:94:4f:
0e:30:13:89:c0:b0:f3:70:c2:c0:03:7a:3a:e1:c4:
00:24:36:33:d2:39:8b:dc:3c:76:01:e5:2e:4d:83:
aa:e1:2c:b9:86:af:18:87:9f:e2:19:f6:df:4f:f8:
a8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C6:B6:8D:16:AE:43:92:ED:F0:E9:0F:E1:37:38:0E:3C:44:37:E7
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F7935/905A3A489B9511ECAE3F0C4FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F7935/905A3A489B9511ECAE3F0C4FC4F9AE02/kMa2jRauQ5Lt8OkP4Tc4DjxEN-c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
142406
sbgp-ipAddrBlock: critical
IPv4:
103.167.214.0/23
IPv6:
2001:df6:c180::/48
Signature Algorithm: sha256WithRSAEncryption
c6:4a:54:a0:0b:9c:55:d6:1f:b3:e3:82:11:09:d3:d1:30:ca:
af:1b:2c:e9:82:52:21:70:fa:6d:b1:da:89:4b:48:06:67:65:
23:e8:3c:a3:63:f6:a5:46:9b:8d:1b:9d:e8:84:a0:45:22:b9:
f7:5e:bc:96:b1:18:a2:35:1d:1f:c4:fa:31:c4:ff:38:6a:30:
fd:3f:96:8a:06:ed:00:23:49:46:62:18:1a:94:5a:e8:6e:26:
c5:c3:0b:fc:d5:8e:d0:43:01:22:3e:7c:db:b0:9b:39:71:dd:
5a:a7:78:b7:5e:f8:e0:a1:ba:f3:5b:ee:32:30:ae:3b:f1:38:
2c:65:42:65:49:82:7d:6c:35:47:dd:11:e3:df:e1:21:bf:2c:
c4:af:45:19:03:85:e0:e2:57:4d:d1:96:d0:e6:77:77:0a:54:
62:1e:b6:9a:fc:4a:4e:c4:65:00:b1:1f:04:a4:c4:d7:86:28:
e6:8b:e6:39:50:1b:3e:53:d5:32:a9:24:3f:a6:44:7f:17:ea:
37:8e:6a:4b:77:c9:a8:37:c8:b1:4b:80:87:3c:b6:b2:54:bc:
a2:56:c3:bd:5f:28:c6:05:ee:b7:ce:7c:1a:f5:4d:3a:2a:89:
78:51:e0:d8:56:09:b1:89:23:2f:2b:63:86:33:27:98:d6:a6:
31:79:ec:81
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAgIuMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcyNTAwMDYxMVoXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjc5MzUxMTAvBgNVBAUTKDkwQzZCNjhEMTZBRTQzOTJFREYwRTkw
RkUxMzczODBFM0M0NDM3RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTFD95G8w3AO/EzfHUatzsJgGbkoPyhGl2Cze4qOAFl9Ulc6c2leH/ThMz9BuQ
dwHZzKHET0iTggr7zY5UsGXD0KCIgJrO3uze6wOUwyPh4QviOtASQ2uZKNPcAa1v
vhLcwEQI8NsGa9coV99e+1HBJsTlLfEYZaXmTdxQFVjTvQJhtELlzOYb+UYUjV2u
YHpcjA52bbAWzMpgFO/z2aRny1Md4+PphmTT8N/ES/3LP4AILLjiu/BhEPD+HJOK
mDPaYP6GQIFAsgutx1TMrpyUTw4wE4nAsPNwwsADejrhxAAkNjPSOYvcPHYB5S5N
g6rhLLmGrxiHn+IZ9t9P+Kh/AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUkMa2jRau
Q5Lt8OkP4Tc4DjxEN+cwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY3OTM1LzkwNUEzQTQ4OUI5NTExRUNBRTNGMEM0RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGNzkzNS85MDVBM0E0ODlCOTUxMUVDQUUzRjBDNEZDNEY5QUUwMi9rTWEyalJh
dVE1THQ4T2tQNFRjNERqeEVOLWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAixGMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6fWMA8EAgAC
MAkDBwAgAQ32wYAwDQYJKoZIhvcNAQELBQADggEBAMZKVKALnFXWH7PjghEJ09Ew
yq8bLOmCUiFw+m2x2olLSAZnZSPoPKNj9qVGm40bneiEoEUiufdevJaxGKI1HR/E
+jHE/zhqMP0/looG7QAjSUZiGBqUWuhuJsXDC/zVjtBDASI+fNuwmzlx3VqneLde
+OChuvNb7jIwrjvxOCxlQmVJgn1sNUfdEePf4SG/LMSvRRkDheDiV03RltDmd3cK
VGIetpr8Sk7EZQCxHwSkxNeGKOaL5jlQGz5T1TKpJD+mRH8X6jeOakt3yag3yLFL
gIc8trJUvKJWw71fKMYF7rfOfBr1TToqiXhR4NhWCbGJIy8rY4YzJ5jWpjF57IE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:45 2024 by rpki-client on console-fra.rpki-client.org