Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nZwAihKi96YP7_liJmsFAqHKC6I.cer
File: nZwAihKi96YP7_liJmsFAqHKC6I.cer (raw, json)
Hash identifier: iCFGgc+fXmpKLY4CHuErYGlaQfrqiOSE2mGpNrfnZyE=
Subject key identifier: 9D:9C:00:8A:12:A2:F7:A6:0F:EF:F9:62:26:6B:05:02:A1:CA:0B:A2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020C37
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/nZwAihKi96YP7_liJmsFAqHKC6I.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 05 Sep 2024 18:43:03 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: AS: 146956
IP: 103.172.28.0/23
IP: 2001:df7:5e80::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 04 Dec 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134199 (0x20c37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 5 18:43:03 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91AB85A/serialNumber=9D9C008A12A2F7A60FEFF962266B0502A1CA0BA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5d:73:a9:bd:e3:76:30:ec:a7:f9:11:b1:6d:
59:59:23:a6:71:ef:b0:c3:4f:4d:42:3f:65:c6:d3:
b2:aa:d4:63:74:6d:68:23:5e:4f:07:5c:95:c8:33:
4f:36:60:f8:33:4a:58:bf:f0:13:59:ca:3b:bb:73:
fe:b8:95:ba:0a:00:7b:bd:6a:0a:2d:98:85:23:fc:
2f:df:20:c6:13:d8:25:65:e3:ac:1d:6c:eb:b6:77:
68:df:41:2b:ee:de:ad:ea:12:40:21:b9:48:33:db:
26:a3:95:77:8a:19:9f:b5:ba:d6:6d:65:55:9b:19:
78:76:52:41:1b:ac:d4:05:75:d5:7d:5d:b1:53:f4:
5e:4e:dc:65:3c:4f:f4:ab:99:ef:f6:eb:e8:d9:69:
1f:ff:51:9a:88:2f:92:62:9d:0e:33:e4:19:fe:bd:
88:41:0b:b4:03:ce:fb:9c:72:d0:7f:55:65:2e:af:
06:bd:25:e7:30:74:6e:88:5a:4b:86:25:b4:ab:3f:
04:ed:34:85:55:7e:d2:8c:82:2c:57:01:74:63:7c:
40:99:2a:36:e3:de:37:0d:3e:29:ff:a4:4d:ae:67:
6c:05:24:85:2a:2d:a4:9a:91:81:51:08:83:84:b2:
73:dd:d0:14:48:b1:b9:af:18:7d:dc:47:a0:b8:d5:
fe:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9C:00:8A:12:A2:F7:A6:0F:EF:F9:62:26:6B:05:02:A1:CA:0B:A2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AB85A/185C39B603CD11ECABCE697BC4F9AE02/nZwAihKi96YP7_liJmsFAqHKC6I.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
146956
sbgp-ipAddrBlock: critical
IPv4:
103.172.28.0/23
IPv6:
2001:df7:5e80::/48
Signature Algorithm: sha256WithRSAEncryption
77:d6:ec:58:77:ae:52:06:ad:4a:03:1c:86:c7:ed:49:0e:9a:
3a:de:fe:79:49:1f:c5:ae:57:30:be:5f:80:82:e3:61:93:07:
07:af:29:f1:4c:df:57:82:55:5a:31:fb:4b:25:d8:32:d0:ae:
5c:b0:c6:94:df:24:a3:e2:1b:ff:3c:0f:e5:17:c5:a7:84:6f:
d3:5d:89:da:5c:a3:e6:d5:d3:b7:3e:ca:6f:27:cf:44:78:2a:
34:d8:a8:cb:cb:57:11:f5:e5:fc:50:c7:b2:d7:dd:ba:b2:3c:
73:b3:e1:02:d7:33:28:81:66:a9:d6:32:29:00:8c:4b:3b:2a:
4a:99:2d:a3:f0:bd:c7:92:f3:19:5a:17:32:4c:13:76:0e:7b:
54:48:03:7a:13:51:db:38:7e:f7:40:ff:3c:7d:8d:14:93:3d:
32:4e:1f:21:25:c2:a4:d2:5f:ee:8e:a5:23:74:5c:0c:08:db:
90:f9:73:6c:1d:ed:e1:f5:1c:42:d5:fa:15:03:7d:f8:57:9f:
b7:1d:d2:5d:d3:a6:56:68:12:8e:a2:a8:b7:ca:d6:99:66:97:
2d:a5:b6:14:63:4f:83:7a:e4:38:8f:14:f0:a6:ae:4e:9c:c6:
39:36:27:16:6c:c4:8b:f6:53:2d:ed:5f:fb:89:ed:62:b1:f0:
e0:fb:4f:99
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAgw3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkwNTE4NDMwM1oXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUI4NUExMTAvBgNVBAUTKDlEOUMwMDhBMTJBMkY3QTYwRkVGRjk2
MjI2NkIwNTAyQTFDQTBCQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCXXOpveN2MOyn+RGxbVlZI6Zx77DDT01CP2XG07Kq1GN0bWgjXk8HXJXIM082
YPgzSli/8BNZyju7c/64lboKAHu9agotmIUj/C/fIMYT2CVl46wdbOu2d2jfQSvu
3q3qEkAhuUgz2yajlXeKGZ+1utZtZVWbGXh2UkEbrNQFddV9XbFT9F5O3GU8T/Sr
me/26+jZaR//UZqIL5JinQ4z5Bn+vYhBC7QDzvucctB/VWUurwa9JecwdG6IWkuG
JbSrPwTtNIVVftKMgixXAXRjfECZKjbj3jcNPin/pE2uZ2wFJIUqLaSakYFRCIOE
snPd0BRIsbmvGH3cR6C41f4zAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUnZwAihKi
96YP7/liJmsFAqHKC6IwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFCODVBLzE4NUMzOUI2MDNDRDExRUNBQkNFNjk3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBQjg1QS8xODVDMzlCNjAzQ0QxMUVDQUJDRTY5N0JDNEY5QUUwMi9uWndBaWhL
aTk2WVA3X2xpSm1zRkFxSEtDNkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAj4MMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6wcMA8EAgAC
MAkDBwAgAQ33XoAwDQYJKoZIhvcNAQELBQADggEBAHfW7Fh3rlIGrUoDHIbH7UkO
mjre/nlJH8WuVzC+X4CC42GTBwevKfFM31eCVVox+0sl2DLQrlywxpTfJKPiG/88
D+UXxaeEb9Ndidpco+bV07c+ym8nz0R4KjTYqMvLVxH15fxQx7LX3bqyPHOz4QLX
MyiBZqnWMikAjEs7KkqZLaPwvceS8xlaFzJME3YOe1RIA3oTUds4fvdA/zx9jRST
PTJOHyElwqTSX+6OpSN0XAwI25D5c2wd7eH1HELV+hUDffhXn7cd0l3TplZoEo6i
qLfK1plmly2lthRjT4N65DiPFPCmrk6cxjk2JxZsxIv2Uy3tX/uJ7WKx8OD7T5k=
-----END CERTIFICATE-----
Generated at Wed Nov 27 04:08:12 2024 by rpki-client on console-ams.rpki-client.org