Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nWx1DOA5PCAKv4pnHB8sIGoMtHE.cer
File: nWx1DOA5PCAKv4pnHB8sIGoMtHE.cer (raw, json)
Hash identifier: 6MECT0K8gP4AmTbgd4SIBNGxoV1vFOXC/AUJstgLOWw=
Subject key identifier: 9D:6C:75:0C:E0:39:3C:20:0A:BF:8A:67:1C:1F:2C:20:6A:0C:B4:71
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01FA56
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/nWx1DOA5PCAKv4pnHB8sIGoMtHE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 20 Jun 2024 22:44:18 +0000
Certificate not after: Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 152703
IP: 103.16.4.0/23
IP: 2401:9520::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 14 Sep 2024 20:15:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129622 (0x1fa56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jun 20 22:44:18 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=A91113E7/serialNumber=9D6C750CE0393C200ABF8A671C1F2C206A0CB471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:17:a9:7f:4e:dc:87:b9:a0:9f:7c:8f:ef:e9:
f8:ae:a2:2a:75:74:25:12:ee:ae:ef:63:f9:1a:16:
c8:75:0a:e8:e9:0d:15:56:0a:60:d1:b3:30:0e:8a:
f4:69:d3:57:63:e3:0e:dc:2c:b8:44:55:26:fb:b3:
54:4b:48:c1:37:00:e8:9c:c2:20:22:5d:d0:6a:e5:
22:84:58:5b:81:78:54:b8:b4:08:8e:88:21:f5:1f:
22:85:13:e7:40:02:d8:69:0d:36:9b:59:85:ec:c2:
46:72:38:aa:25:38:45:37:42:06:f6:17:e7:1b:a6:
e2:e9:0d:ca:9e:45:7e:4e:b3:e9:3d:3e:46:26:e9:
a3:2e:3a:2b:20:78:f2:18:8a:e7:bb:3f:50:ad:6e:
6f:6d:ba:25:a1:8e:a7:76:09:ee:34:47:b5:ab:7c:
07:a1:d3:8c:ad:52:e6:8c:15:b7:bf:78:38:22:a4:
ec:26:62:5d:ce:c8:25:90:cb:e0:74:c8:9b:c3:8a:
14:54:be:9c:34:15:7b:c6:dd:b9:81:7f:b9:0f:74:
ce:d5:60:ac:1c:5b:5f:d3:05:62:5a:5c:3c:c1:07:
4b:b9:8a:76:94:98:40:98:0b:a9:86:96:1d:94:ad:
a2:17:0b:1a:a0:20:fc:5d:48:19:32:0a:25:ba:eb:
27:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6C:75:0C:E0:39:3C:20:0A:BF:8A:67:1C:1F:2C:20:6A:0C:B4:71
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91113E7/9D3A20002F5611EFA23E5A23C4F9AE02/nWx1DOA5PCAKv4pnHB8sIGoMtHE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152703
sbgp-ipAddrBlock: critical
IPv4:
103.16.4.0/23
IPv6:
2401:9520::/32
Signature Algorithm: sha256WithRSAEncryption
ae:60:4a:22:5f:54:33:50:94:70:94:97:02:9d:30:27:c2:65:
3a:36:fb:b4:f0:5b:40:01:ae:a3:44:7c:4e:5c:a3:f5:88:cf:
2a:37:b1:2b:8e:88:f1:24:8b:37:68:08:85:ef:9e:94:ed:15:
82:46:cc:de:28:7b:1e:6f:50:32:e7:a6:0f:08:5f:c7:7a:6b:
57:44:5f:ab:5a:20:eb:46:df:c0:7a:0d:a6:a7:ec:14:3d:14:
5d:ce:59:d7:74:f3:8e:81:a5:11:43:f7:25:f3:34:d8:a1:b6:
71:40:6b:60:12:21:64:68:e5:a4:3d:7b:df:74:d3:f0:14:59:
f0:0e:51:a4:d5:47:85:2c:60:80:ed:44:fb:c9:8f:a0:30:01:
6c:02:fd:b4:54:55:36:d3:25:c0:d4:da:d6:8f:96:e8:1e:4d:
35:ec:8c:c7:09:33:e0:48:f4:8b:a1:e8:59:95:63:82:94:28:
9c:38:33:88:9a:2a:65:72:c1:41:74:8b:8b:58:e9:64:23:41:
01:68:4f:da:62:f4:3b:d8:5b:e6:40:5e:da:b1:84:b7:91:a0:
c2:48:98:e6:6c:32:a7:c2:d2:ae:7e:72:de:c7:93:17:06:06:
72:87:65:f5:fc:80:80:24:dd:40:8c:db:d4:ce:4b:ee:76:31:
4e:90:0d:5a
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAfpWMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDYyMDIyNDQxOFoXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTEzRTcxMTAvBgNVBAUTKDlENkM3NTBDRTAzOTNDMjAwQUJGOEE2
NzFDMUYyQzIwNkEwQ0I0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxF6l/TtyHuaCffI/v6fiuoip1dCUS7q7vY/kaFsh1CujpDRVWCmDRszAOivRp
01dj4w7cLLhEVSb7s1RLSME3AOicwiAiXdBq5SKEWFuBeFS4tAiOiCH1HyKFE+dA
AthpDTabWYXswkZyOKolOEU3Qgb2F+cbpuLpDcqeRX5Os+k9PkYm6aMuOisgePIY
iue7P1Ctbm9tuiWhjqd2Ce40R7WrfAeh04ytUuaMFbe/eDgipOwmYl3OyCWQy+B0
yJvDihRUvpw0FXvG3bmBf7kPdM7VYKwcW1/TBWJaXDzBB0u5inaUmECYC6mGlh2U
raIXCxqgIPxdSBkyCiW66ydfAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUnWx1DOA5
PCAKv4pnHB8sIGoMtHEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTExM0U3LzlEM0EyMDAwMkY1NjExRUZBMjNFNUEyM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExMTNFNy85RDNBMjAwMDJGNTYxMUVGQTIzRTVBMjNDNEY5QUUwMi9uV3gxRE9B
NVBDQUt2NHBuSEI4c0lHb010SEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlR/MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZxAEMA0EAgAC
MAcDBQAkAZUgMA0GCSqGSIb3DQEBCwUAA4IBAQCuYEoiX1QzUJRwlJcCnTAnwmU6
Nvu08FtAAa6jRHxOXKP1iM8qN7ErjojxJIs3aAiF756U7RWCRszeKHseb1Ay56YP
CF/HemtXRF+rWiDrRt/Aeg2mp+wUPRRdzlnXdPOOgaURQ/cl8zTYobZxQGtgEiFk
aOWkPXvfdNPwFFnwDlGk1UeFLGCA7UT7yY+gMAFsAv20VFU20yXA1NrWj5boHk01
7IzHCTPgSPSLoehZlWOClCicODOImiplcsFBdIuLWOlkI0EBaE/aYvQ72FvmQF7a
sYS3kaDCSJjmbDKnwtKufnLex5MXBgZyh2X1/ICAJN1AjNvUzkvudjFOkA1a
-----END CERTIFICATE-----
Generated at Sat Sep 7 22:42:08 2024 by rpki-client on console-ams.rpki-client.org