Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nZwAihKi96YP7_liJmsFAqHKC6I.cer
File: nZwAihKi96YP7_liJmsFAqHKC6I.cer (raw, json)
Hash identifier: GIm+uUXphVSfkLK9uuzV4CqvRfahE+4Zd1DBdAI49Wg=
Subject key identifier: 9D:9C:00:8A:12:A2:F7:A6:0F:EF:F9:62:26:6B:05:02:A1:CA:0B:A2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01B871
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/nZwAihKi96YP7_liJmsFAqHKC6I.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 23 Aug 2023 18:32:22 +0000
Certificate not after: Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources: AS: 146956
IP: 103.172.28.0/23
IP: 2001:df7:5e80::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 26 Apr 2024 21:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112753 (0x1b871)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 23 18:32:22 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=A91AB85A/serialNumber=9D9C008A12A2F7A60FEFF962266B0502A1CA0BA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5d:73:a9:bd:e3:76:30:ec:a7:f9:11:b1:6d:
59:59:23:a6:71:ef:b0:c3:4f:4d:42:3f:65:c6:d3:
b2:aa:d4:63:74:6d:68:23:5e:4f:07:5c:95:c8:33:
4f:36:60:f8:33:4a:58:bf:f0:13:59:ca:3b:bb:73:
fe:b8:95:ba:0a:00:7b:bd:6a:0a:2d:98:85:23:fc:
2f:df:20:c6:13:d8:25:65:e3:ac:1d:6c:eb:b6:77:
68:df:41:2b:ee:de:ad:ea:12:40:21:b9:48:33:db:
26:a3:95:77:8a:19:9f:b5:ba:d6:6d:65:55:9b:19:
78:76:52:41:1b:ac:d4:05:75:d5:7d:5d:b1:53:f4:
5e:4e:dc:65:3c:4f:f4:ab:99:ef:f6:eb:e8:d9:69:
1f:ff:51:9a:88:2f:92:62:9d:0e:33:e4:19:fe:bd:
88:41:0b:b4:03:ce:fb:9c:72:d0:7f:55:65:2e:af:
06:bd:25:e7:30:74:6e:88:5a:4b:86:25:b4:ab:3f:
04:ed:34:85:55:7e:d2:8c:82:2c:57:01:74:63:7c:
40:99:2a:36:e3:de:37:0d:3e:29:ff:a4:4d:ae:67:
6c:05:24:85:2a:2d:a4:9a:91:81:51:08:83:84:b2:
73:dd:d0:14:48:b1:b9:af:18:7d:dc:47:a0:b8:d5:
fe:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9C:00:8A:12:A2:F7:A6:0F:EF:F9:62:26:6B:05:02:A1:CA:0B:A2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/nZwAihKi96YP7_liJmsFAqHKC6I.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
146956
sbgp-ipAddrBlock: critical
IPv4:
103.172.28.0/23
IPv6:
2001:df7:5e80::/48
Signature Algorithm: sha256WithRSAEncryption
ca:93:32:74:46:e7:5f:14:4d:7b:c2:1c:79:08:13:55:52:ee:
8a:45:17:15:4d:8a:75:6d:e8:13:1b:6b:93:2d:df:fc:7f:36:
b2:7b:c8:79:0a:9a:93:fb:fc:93:f1:98:21:aa:e4:2e:d5:7a:
fe:28:a5:a9:35:6b:a3:16:a5:40:18:3a:7d:38:f8:fb:5b:9a:
f8:88:75:5d:fc:82:88:34:e4:4a:80:d9:e1:ba:90:46:ad:ea:
01:db:e7:fc:97:09:17:bc:ef:75:3b:17:bb:32:bd:08:33:ab:
07:14:1d:57:a6:c8:93:a4:eb:07:61:2a:74:0a:9f:c1:5d:96:
ce:13:99:ba:c0:90:e6:9f:3b:01:a0:38:6c:6d:d0:08:5b:90:
d0:be:8e:a1:0a:63:66:b8:61:90:e6:18:22:f7:18:71:24:53:
81:da:55:a6:06:16:ad:f6:51:1f:2d:e4:d2:c9:0c:07:30:95:
85:86:99:23:89:94:57:e6:1a:7e:39:5e:fd:83:23:14:99:73:
55:b1:34:3d:23:0b:28:c4:b3:92:b8:b8:e5:be:0f:4c:c6:4e:
40:d2:5f:b3:20:80:6e:f4:b6:34:33:38:05:c1:89:78:4b:8c:
17:50:0d:17:d4:b4:35:16:13:79:8a:a7:bb:93:fc:ba:03:4c:
13:89:de:a1
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAbhxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgyMzE4MzIyMloXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUI4NUExMTAvBgNVBAUTKDlEOUMwMDhBMTJBMkY3QTYwRkVGRjk2
MjI2NkIwNTAyQTFDQTBCQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCXXOpveN2MOyn+RGxbVlZI6Zx77DDT01CP2XG07Kq1GN0bWgjXk8HXJXIM082
YPgzSli/8BNZyju7c/64lboKAHu9agotmIUj/C/fIMYT2CVl46wdbOu2d2jfQSvu
3q3qEkAhuUgz2yajlXeKGZ+1utZtZVWbGXh2UkEbrNQFddV9XbFT9F5O3GU8T/Sr
me/26+jZaR//UZqIL5JinQ4z5Bn+vYhBC7QDzvucctB/VWUurwa9JecwdG6IWkuG
JbSrPwTtNIVVftKMgixXAXRjfECZKjbj3jcNPin/pE2uZ2wFJIUqLaSakYFRCIOE
snPd0BRIsbmvGH3cR6C41f4zAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUnZwAihKi
96YP7/liJmsFAqHKC6IwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFCODVBLzE4NUMzOUI2MDNDRDExRUNBQkNFNjk3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBQjg1QS8xODVDMzlCNjAzQ0QxMUVDQUJDRTY5N0JDNEY5QUUwMi9uWndBaWhL
aTk2WVA3X2xpSm1zRkFxSEtDNkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAj4MMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6wcMA8EAgAC
MAkDBwAgAQ33XoAwDQYJKoZIhvcNAQELBQADggEBAMqTMnRG518UTXvCHHkIE1VS
7opFFxVNinVt6BMba5Mt3/x/NrJ7yHkKmpP7/JPxmCGq5C7Vev4opak1a6MWpUAY
On04+PtbmviIdV38gog05EqA2eG6kEat6gHb5/yXCRe873U7F7syvQgzqwcUHVem
yJOk6wdhKnQKn8Fdls4TmbrAkOafOwGgOGxt0AhbkNC+jqEKY2a4YZDmGCL3GHEk
U4HaVaYGFq32UR8t5NLJDAcwlYWGmSOJlFfmGn45Xv2DIxSZc1WxND0jCyjEs5K4
uOW+D0zGTkDSX7MggG70tjQzOAXBiXhLjBdQDRfUtDUWE3mKp7uT/LoDTBOJ3qE=
-----END CERTIFICATE-----
Generated at Fri Apr 19 22:16:54 2024 by rpki-client on console-fra.rpki-client.org