Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l1vVXWFcmGCsz9hgmYU7yxmpm-Q.cer
File: l1vVXWFcmGCsz9hgmYU7yxmpm-Q.cer (raw, json)
Hash identifier: mPvLWSUy8NMmd6Vc8gCOM/ZycnxBS2Ieo3iUDdip19w=
Subject key identifier: 97:5B:D5:5D:61:5C:98:60:AC:CF:D8:60:99:85:3B:CB:19:A9:9B:E4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C8AA
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91CBB09/611DABA07CE811ECAC894839C4F9AE02/l1vVXWFcmGCsz9hgmYU7yxmpm-Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91CBB09/611DABA07CE811ECAC894839C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 02 Nov 2023 23:06:25 +0000
Certificate not after: Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 148991
IP: 103.175.150.0/23
IP: 2400:1ae0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 27 Apr 2024 02:50:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116906 (0x1c8aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 2 23:06:25 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=A91CBB09/serialNumber=975BD55D615C9860ACCFD86099853BCB19A99BE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:4b:8c:e2:c5:1f:76:8e:c9:f7:31:13:1e:bc:
31:8c:0f:cf:7d:09:e6:8b:68:78:8f:54:54:3f:52:
cf:57:35:10:b2:83:5b:40:ba:a0:b7:65:4b:35:f8:
41:d7:4f:6e:19:f8:9c:5b:29:c6:89:1c:ba:73:63:
a7:b6:7c:99:c5:d4:e4:1c:0b:79:21:d9:01:98:75:
00:26:9e:60:0e:a3:35:ae:d4:ad:1c:bd:a0:a5:c2:
2d:a2:c2:37:e2:fa:62:0e:a5:ee:49:e9:5b:a0:79:
dd:30:81:92:65:6b:19:98:f4:2c:ae:25:fb:a2:70:
b6:81:de:92:da:67:5c:e2:5f:9d:b7:b7:31:d8:f2:
5f:59:e9:a8:91:8a:e3:ae:39:9b:3c:d1:d9:d3:da:
fa:0e:6b:2e:22:25:9e:3e:d6:4f:0e:20:34:63:5b:
f4:1f:55:f0:cc:a6:d0:77:95:e9:eb:08:79:d3:e4:
f9:6e:c3:ea:3c:1b:32:6a:8c:f8:e2:d4:69:9b:9f:
68:a1:c5:40:71:f7:87:af:02:86:72:e1:92:d3:2f:
74:49:22:f6:33:11:f8:fc:d6:62:c3:d9:81:04:1f:
14:cc:56:a9:30:a7:c1:32:6e:89:0a:7b:b4:34:fa:
1b:00:02:08:b5:a7:cb:41:cb:68:6f:12:98:ae:3a:
5b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5B:D5:5D:61:5C:98:60:AC:CF:D8:60:99:85:3B:CB:19:A9:9B:E4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CBB09/611DABA07CE811ECAC894839C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CBB09/611DABA07CE811ECAC894839C4F9AE02/l1vVXWFcmGCsz9hgmYU7yxmpm-Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
148991
sbgp-ipAddrBlock: critical
IPv4:
103.175.150.0/23
IPv6:
2400:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
d4:79:1b:f2:31:bc:ec:28:86:76:ce:eb:8a:0a:e3:69:4a:80:
96:96:7b:d3:c4:fc:47:7b:3a:04:85:eb:17:62:6d:c2:b6:81:
74:03:84:3b:51:e1:1a:9d:94:9b:fa:8a:2b:39:a4:a1:8a:50:
af:be:f1:31:70:b6:da:2b:e3:7c:c4:65:b0:48:46:d1:ea:09:
71:d9:10:d0:fe:c0:f0:18:97:85:67:18:30:39:10:49:40:3a:
6b:4e:37:bd:a7:83:ef:15:f3:bd:fd:5d:a6:a7:8c:f7:e0:19:
45:83:f8:b6:db:ba:4b:37:f0:34:86:39:ec:b6:79:ad:f7:06:
52:b3:17:0b:f9:35:1a:1c:59:7b:df:9a:2e:50:9f:ad:72:47:
7d:66:d7:39:32:dd:f5:6f:08:34:c5:64:e6:fc:49:50:98:6b:
3d:b1:60:d5:e5:3a:af:48:b8:f0:e8:a0:75:3f:ab:1e:a3:9d:
19:d9:ec:0f:16:f0:4a:4b:40:3e:73:78:e9:23:aa:8c:bf:5d:
e6:f8:65:00:ad:58:70:67:2b:ba:02:44:e4:3f:4b:c9:0c:fa:
6a:c2:1f:7a:5f:0e:df:a9:d7:6f:bd:b4:97:22:eb:a2:46:d0:
0b:8d:ef:66:69:f0:a7:68:cd:b0:07:13:bc:0d:a8:8e:16:35:
91:0e:b4:fe
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAciqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwMjIzMDYyNVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0JCMDkxMTAvBgNVBAUTKDk3NUJENTVENjE1Qzk4NjBBQ0NGRDg2
MDk5ODUzQkNCMTlBOTlCRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDvS4zixR92jsn3MRMevDGMD899CeaLaHiPVFQ/Us9XNRCyg1tAuqC3ZUs1+EHX
T24Z+JxbKcaJHLpzY6e2fJnF1OQcC3kh2QGYdQAmnmAOozWu1K0cvaClwi2iwjfi
+mIOpe5J6Vuged0wgZJlaxmY9CyuJfuicLaB3pLaZ1ziX523tzHY8l9Z6aiRiuOu
OZs80dnT2voOay4iJZ4+1k8OIDRjW/QfVfDMptB3lenrCHnT5Pluw+o8GzJqjPji
1Gmbn2ihxUBx94evAoZy4ZLTL3RJIvYzEfj81mLD2YEEHxTMVqkwp8EybokKe7Q0
+hsAAgi1p8tBy2hvEpiuOlt9AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUl1vVXWFc
mGCsz9hgmYU7yxmpm+QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNCQjA5LzYxMURBQkEwN0NFODExRUNBQzg5NDgzOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDQkIwOS82MTFEQUJBMDdDRTgxMUVDQUM4OTQ4MzlDNEY5QUUwMi9sMXZWWFdG
Y21HQ3N6OWhnbVlVN3l4bXBtLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkX/MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ6+WMA0EAgAC
MAcDBQAkABrgMA0GCSqGSIb3DQEBCwUAA4IBAQDUeRvyMbzsKIZ2zuuKCuNpSoCW
lnvTxPxHezoEhesXYm3CtoF0A4Q7UeEanZSb+oorOaShilCvvvExcLbaK+N8xGWw
SEbR6glx2RDQ/sDwGJeFZxgwORBJQDprTje9p4PvFfO9/V2mp4z34BlFg/i227pL
N/A0hjnstnmt9wZSsxcL+TUaHFl735ouUJ+tckd9Ztc5Mt31bwg0xWTm/ElQmGs9
sWDV5TqvSLjw6KB1P6seo50Z2ewPFvBKS0A+c3jpI6qMv13m+GUArVhwZyu6AkTk
P0vJDPpqwh96Xw7fqddvvbSXIuuiRtALje9mafCnaM2wBxO8DaiOFjWRDrT+
-----END CERTIFICATE-----
Generated at Sat Apr 20 03:58:02 2024 by rpki-client on console-fra.rpki-client.org