Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
File: mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer (raw, json)
Hash identifier: UiBrBfN5Px+e2Y/dvXnUxtB2nHraSIHwFAFlDgkpUyQ=
Subject key identifier: 99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021817
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 01 Nov 2024 22:52:38 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 38059
AS: 38187
AS: 45761
AS: 55576
IP: 103.70.52.0/22
IP: 112.121.64.0/18
IP: 182.54.136.0/22
IP: 202.80.104.0/21
IP: 2402:b600::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137239 (0x21817)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 1 22:52:38 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d0:c7:94:58:40:cc:47:08:b5:64:d6:6c:47:
46:d5:03:3c:e0:5f:b5:e8:9a:76:09:7b:93:50:c5:
f5:dd:f3:ab:c0:3c:84:08:06:61:fa:ee:88:d4:87:
4a:5c:6d:a3:dd:91:87:cb:9d:f4:c5:c4:a9:34:c0:
34:33:67:bb:e3:4f:c5:8a:d1:84:9e:98:73:3a:bd:
c1:12:e2:1f:fa:6e:39:11:e4:9f:b7:c6:85:13:d3:
72:e0:7c:bb:29:37:6c:16:05:78:59:9a:aa:23:4c:
90:ba:6d:f1:35:0d:4c:1a:63:c7:68:bb:66:a1:f4:
a8:18:55:78:48:78:c4:5a:17:71:f1:44:b3:09:e1:
87:2b:ad:ea:c8:68:2f:58:15:b1:c0:7c:a4:a3:78:
b3:89:dd:23:16:2c:23:5e:60:ab:a8:77:87:06:98:
c4:e8:05:c8:d3:49:d2:23:58:c8:90:38:7b:56:fb:
98:e0:bb:7a:d8:d0:09:17:bf:9a:88:c2:7e:37:86:
09:b3:5d:d8:69:49:06:01:2d:a7:72:fa:05:b0:83:
0c:32:61:48:fb:47:11:af:bf:c5:5c:d2:5c:39:52:
e5:7d:b4:2f:24:f5:f9:93:56:cb:ef:41:06:e0:73:
8d:0b:02:ba:12:f3:bf:6d:c5:ab:99:cb:45:b3:18:
f5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38059
38187
45761
55576
sbgp-ipAddrBlock: critical
IPv4:
103.70.52.0/22
112.121.64.0/18
182.54.136.0/22
202.80.104.0/21
IPv6:
2402:b600::/32
Signature Algorithm: sha256WithRSAEncryption
39:94:0d:f3:28:92:d1:6e:c8:83:4b:59:0a:bc:ea:3a:66:09:
cf:ad:b3:b5:5a:e5:7f:c3:13:de:c3:c6:d5:91:2c:f8:7c:bc:
8b:9d:6a:f4:d7:91:6d:72:03:fc:54:95:f1:7a:e7:2b:8e:2a:
6c:9d:33:ec:13:a3:d2:db:a7:12:6f:23:c0:3d:a2:f1:c6:21:
85:da:f1:f9:dd:b1:08:cd:72:b9:78:a6:5f:44:7d:08:4c:69:
bc:04:70:01:b3:6a:32:fb:7c:99:23:4d:dc:26:20:39:2d:5f:
58:ea:e1:9e:74:da:26:03:05:e9:42:3f:ed:0f:d2:76:a3:de:
46:88:aa:cb:f2:a4:37:53:a3:03:76:44:56:dc:ca:a6:3e:c7:
c3:b8:f7:6c:3c:aa:7e:cc:d9:8b:1d:76:54:39:1a:f6:86:fa:
c0:e5:26:63:ae:61:f2:ad:7d:87:02:56:c7:8e:a2:c7:f1:65:
4e:a4:dc:c9:a5:af:73:eb:83:98:8f:2b:3f:e4:91:ec:0a:70:
57:b8:71:34:ca:91:8c:8b:27:85:a6:55:95:f2:90:96:f1:ea:
de:ef:46:bb:20:f1:aa:f6:52:bf:d2:0a:dd:2d:bb:15:2b:80:
b3:e0:4f:c3:c4:94:f3:b4:87:cb:78:27:93:11:d0:66:0e:ea:
74:64:4e:57
-----BEGIN CERTIFICATE-----
MIIGSjCCBTKgAwIBAgIDAhgXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEwMTIyNTIzOFoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjdCNTAxMTAvBgNVBAUTKDk5MUIzRjE3MDg0Rjc2RjEyRjlGMDUw
OUQ1OTdGMEZGRUNBMDRCNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDK0MeUWEDMRwi1ZNZsR0bVAzzgX7XomnYJe5NQxfXd86vAPIQIBmH67ojUh0pc
baPdkYfLnfTFxKk0wDQzZ7vjT8WK0YSemHM6vcES4h/6bjkR5J+3xoUT03LgfLsp
N2wWBXhZmqojTJC6bfE1DUwaY8dou2ah9KgYVXhIeMRaF3HxRLMJ4YcrrerIaC9Y
FbHAfKSjeLOJ3SMWLCNeYKuod4cGmMToBcjTSdIjWMiQOHtW+5jgu3rY0AkXv5qI
wn43hgmzXdhpSQYBLady+gWwgwwyYUj7RxGvv8Vc0lw5UuV9tC8k9fmTVsvvQQbg
c40LAroS879txauZy0WzGPWpAgMBAAGjggM/MIIDOzAdBgNVHQ4EFgQUmRs/FwhP
dvEvnwUJ1Zfw/+ygS0owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY3QjUwLzlEMTMwNUM4MUQ4RjExRTJBMDJCQ0RFRTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2N0I1MC85RDEzMDVDODFEOEYxMUUyQTAyQkNERUUwOEIwMkNEMi9tUnNfRndo
UGR2RXZud1VKMVpmd18teWdTMG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQgBAf8EGjAY
oBYwFAIDAJSrAgMAlSsCAwCywQIDANkYMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIA
ATAYAwQCZ0Y0AwQGcHlAAwQCtjaIAwQDylBoMA0EAgACMAcDBQAkArYAMA0GCSqG
SIb3DQEBCwUAA4IBAQA5lA3zKJLRbsiDS1kKvOo6ZgnPrbO1WuV/wxPew8bVkSz4
fLyLnWr015FtcgP8VJXxeucrjipsnTPsE6PS26cSbyPAPaLxxiGF2vH53bEIzXK5
eKZfRH0ITGm8BHABs2oy+3yZI03cJiA5LV9Y6uGedNomAwXpQj/tD9J2o95GiKrL
8qQ3U6MDdkRW3MqmPsfDuPdsPKp+zNmLHXZUORr2hvrA5SZjrmHyrX2HAlbHjqLH
8WVOpNzJpa9z64OYjys/5JHsCnBXuHE0ypGMiyeFplWV8pCW8ere70a7IPGq9lK/
0grdLbsVK4Cz4E/DxJTztIfLeCeTEdBmDup0ZE5X
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:59:04 2024 by rpki-client on console-fra.rpki-client.org