Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvgXvUBwtcwZoLU5PVW-dzmAqBA.cer
File: lvgXvUBwtcwZoLU5PVW-dzmAqBA.cer (raw, json)
Hash identifier: QA9DANxPsATTNpIF1wVLa1LCOjT3Wf3I6gUfpMT2ilk=
Subject key identifier: 96:F8:17:BD:40:70:B5:CC:19:A0:B5:39:3D:55:BE:77:39:80:A8:10
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021AEA
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91B8CA6/9BD64056320611EAA2F6B332C4F9AE02/lvgXvUBwtcwZoLU5PVW-dzmAqBA.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91B8CA6/9BD64056320611EAA2F6B332C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 12 Nov 2024 16:28:02 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 17412
AS: 150789
IP: 103.102.36.0/23
IP: 2001:def:8000::/47
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 05:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137962 (0x21aea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 12 16:28:02 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91B8CA6/serialNumber=96F817BD4070B5CC19A0B5393D55BE773980A810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:74:bd:e1:87:cd:eb:5a:46:47:ea:8e:f2:86:
e3:40:05:8c:2e:67:26:61:d5:47:b1:2e:02:1a:d9:
22:5e:06:77:d3:75:a5:45:7b:0c:f4:ae:fe:e3:42:
b6:07:72:df:a5:f0:85:ad:df:81:fd:f5:7f:92:63:
f6:43:d7:cb:4c:99:e9:49:2d:8c:2c:8c:82:67:af:
b0:fc:a5:ff:ae:cc:98:3b:92:34:a6:ee:cd:da:70:
61:62:4e:82:7e:16:e9:14:0c:48:e4:c7:27:de:21:
76:2c:e0:6a:e5:0f:fd:08:92:7f:be:9f:6e:db:1e:
22:d8:d0:db:cb:bc:db:df:6a:5a:7d:18:56:86:8a:
de:63:68:54:73:0f:6d:a4:7d:2d:1f:78:2a:0f:8f:
c5:46:95:71:ed:03:8b:9c:da:ff:fb:e1:b5:71:91:
b4:ae:f4:0b:2b:19:6d:a1:a0:07:37:d7:1f:c1:eb:
13:e7:8b:91:02:65:ed:52:7a:6a:2c:5d:4a:8b:55:
41:f6:f6:fa:54:b9:bc:72:25:99:c3:7b:65:78:9f:
71:62:be:cd:88:cf:07:f3:50:1a:98:93:55:f3:ca:
e5:f5:24:c0:16:f5:01:45:35:e3:b6:48:1a:6e:74:
43:85:16:93:ae:10:a0:cb:3c:4a:8b:ec:2a:79:d9:
75:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F8:17:BD:40:70:B5:CC:19:A0:B5:39:3D:55:BE:77:39:80:A8:10
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B8CA6/9BD64056320611EAA2F6B332C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B8CA6/9BD64056320611EAA2F6B332C4F9AE02/lvgXvUBwtcwZoLU5PVW-dzmAqBA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17412
150789
sbgp-ipAddrBlock: critical
IPv4:
103.102.36.0/23
IPv6:
2001:def:8000::/47
Signature Algorithm: sha256WithRSAEncryption
7e:c8:f0:70:a0:d9:11:bb:74:3d:ec:21:c1:75:d9:77:e1:ce:
8e:a2:88:61:dc:a9:b1:19:6b:17:4c:e7:de:98:a2:4d:92:23:
e7:d2:db:00:a7:18:5e:18:73:d6:e3:51:f5:03:78:99:ac:0b:
c1:07:87:06:81:b1:1d:eb:da:39:e1:9d:21:34:98:d5:57:28:
bf:13:f5:f5:77:90:cf:9a:f8:68:f8:ba:a1:ff:69:4a:bb:49:
21:e4:5c:72:e6:4b:b5:7b:3b:b1:1d:7e:4e:e0:d4:c2:f5:c2:
4c:6d:25:4d:a3:2d:d4:4f:62:9b:2f:dd:44:c3:a6:cd:78:1b:
37:49:c3:9f:6d:04:85:d4:fc:ce:d9:26:50:dc:4a:00:48:20:
62:cb:86:d5:cc:f9:d6:28:bb:a1:59:3b:f0:bb:f7:1d:11:57:
2b:74:85:cb:9e:40:55:cb:0e:ed:58:4e:e5:3e:36:b2:2d:52:
55:7a:52:67:b1:a6:b2:d8:93:ab:78:47:87:da:38:52:85:c6:
93:37:46:84:53:f0:9b:86:7c:5a:42:25:47:22:d7:81:d0:a2:
b2:45:3a:4f:e5:05:2f:09:5c:dd:3d:bf:05:23:18:41:45:21:
bf:6b:04:ab:58:7b:5d:2b:b8:05:9c:50:75:57:c0:b9:53:c1:
3c:11:c6:f1
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAhrqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTExMjE2MjgwMloXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjhDQTYxMTAvBgNVBAUTKDk2RjgxN0JENDA3MEI1Q0MxOUEwQjUz
OTNENTVCRTc3Mzk4MEE4MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2dL3hh83rWkZH6o7yhuNABYwuZyZh1UexLgIa2SJeBnfTdaVFewz0rv7jQrYH
ct+l8IWt34H99X+SY/ZD18tMmelJLYwsjIJnr7D8pf+uzJg7kjSm7s3acGFiToJ+
FukUDEjkxyfeIXYs4GrlD/0Ikn++n27bHiLY0NvLvNvfalp9GFaGit5jaFRzD22k
fS0feCoPj8VGlXHtA4uc2v/74bVxkbSu9AsrGW2hoAc31x/B6xPni5ECZe1Semos
XUqLVUH29vpUubxyJZnDe2V4n3Fivs2IzwfzUBqYk1XzyuX1JMAW9QFFNeO2SBpu
dEOFFpOuEKDLPEqL7Cp52XWZAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUlvgXvUBw
tcwZoLU5PVW+dzmAqBAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI4Q0E2LzlCRDY0MDU2MzIwNjExRUFBMkY2QjMzMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCOENBNi85QkQ2NDA1NjMyMDYxMUVBQTJGNkIzMzJDNEY5QUUwMi9sdmdYdlVC
d3Rjd1pvTFU1UFZXLWR6bUFxQkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICRAQCAwJNBTAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAWdmJDAP
BAIAAjAJAwcBIAEN74AAMA0GCSqGSIb3DQEBCwUAA4IBAQB+yPBwoNkRu3Q97CHB
ddl34c6Ooohh3KmxGWsXTOfemKJNkiPn0tsApxheGHPW41H1A3iZrAvBB4cGgbEd
69o54Z0hNJjVVyi/E/X1d5DPmvho+Lqh/2lKu0kh5Fxy5ku1ezuxHX5O4NTC9cJM
bSVNoy3UT2KbL91Ew6bNeBs3ScOfbQSF1PzO2SZQ3EoASCBiy4bVzPnWKLuhWTvw
u/cdEVcrdIXLnkBVyw7tWE7lPjayLVJVelJnsaay2JOreEeH2jhShcaTN0aEU/Cb
hnxaQiVHIteB0KKyRTpP5QUvCVzdPb8FIxhBRSG/awSrWHtdK7gFnFB1V8C5U8E8
Ecbx
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:37:18 2024 by rpki-client on console-ams.rpki-client.org