Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer
File: nflMM9P2R649kTYeHxcsIGhvWYk.cer (raw, json)
Hash identifier: OmkqkO2cEkATeQLsb2G++/aMrC7LCkqsOCn0Mm7j/ws=
Subject key identifier: 9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01B859
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 23 Aug 2023 12:48:22 +0000
Certificate not after: Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources: AS: 23855
AS: 23864
AS: 134148
AS: 136968
IP: 103.5.240.0/22
IP: 203.30.38.0/23
IP: 2001:df0:21a::/48
IP: 2401:c7c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 May 2024 17:23:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112729 (0x1b859)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Aug 23 12:48:22 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=A911B5B4/serialNumber=9DF94C33D3F647AE3D91361E1F172C20686F5989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:23:aa:54:f0:3d:9d:0d:ad:90:f6:f3:f4:05:
89:5c:ed:a7:81:ef:65:3b:d9:52:6c:cf:ae:ad:0e:
02:af:3a:cf:3d:e6:e0:80:af:25:7d:32:85:74:f1:
07:8c:64:ba:22:ac:cb:2f:3f:20:bb:d2:30:49:fa:
b8:57:db:f6:2e:95:41:82:b2:86:d9:27:69:bc:e0:
f1:a0:3b:81:e2:a6:ad:c5:81:93:3e:3d:3b:01:83:
20:3f:f1:76:a6:c7:70:cf:43:04:a6:e2:15:6a:46:
3a:fc:db:16:59:96:b2:c9:10:30:f0:e0:6a:7a:a8:
0b:ce:7b:a8:4f:2b:48:a9:7d:2b:51:92:2f:cc:24:
3f:cd:cd:a4:e8:cd:38:f3:85:21:e8:d8:d7:7a:42:
21:79:7c:c0:fa:34:d0:ed:8e:49:7b:f7:8a:ed:d9:
99:50:90:3b:2d:2f:df:c7:08:5d:b2:ee:88:64:01:
37:9b:71:4e:29:93:89:16:c6:6b:5a:23:d1:50:f0:
5e:0e:ba:8d:ca:60:a5:5f:f4:7a:a1:30:2a:6c:38:
98:b3:37:56:f7:b2:20:3f:6b:f8:a3:c4:34:ad:ee:
cc:ad:65:30:69:c2:51:50:b7:ab:0f:09:65:d4:cf:
26:b2:d7:83:da:48:9e:a4:73:4e:ac:b1:cb:89:4c:
2a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23855
23864
134148
136968
sbgp-ipAddrBlock: critical
IPv4:
103.5.240.0/22
203.30.38.0/23
IPv6:
2001:df0:21a::/48
2401:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
d5:0d:18:c4:e9:35:6f:ed:c7:a9:ff:36:c5:a0:09:18:c7:d8:
89:41:9a:ab:51:ed:78:27:06:f6:c8:9a:22:ee:1d:74:64:32:
83:3b:2c:52:bc:fe:1a:1c:fb:ce:95:ea:0d:25:58:29:76:9d:
17:d4:63:02:07:99:a7:ba:e4:7d:2f:46:ab:2d:22:7e:7b:d8:
eb:2f:e6:48:c9:29:c5:d0:30:6d:5f:f9:34:aa:0d:4c:60:b6:
6d:10:16:e4:d6:62:54:05:b0:82:aa:74:dc:bd:97:b2:d2:a6:
85:c2:ef:30:1b:f9:5e:e9:8c:41:c6:f6:fc:de:c4:d9:56:5f:
8c:24:ff:28:d4:c2:da:82:4f:22:19:05:d9:66:fb:4a:6e:38:
3c:fd:c4:71:e8:7b:21:3d:d9:8a:60:13:13:a7:51:84:8d:8c:
8c:6e:78:ee:ba:b1:19:ab:2a:60:cd:9d:9f:34:55:97:56:05:
65:92:23:b4:b5:90:ed:a4:6d:31:48:24:e0:4f:22:31:4a:d6:
e8:51:29:34:0b:6f:81:45:f7:98:e9:fb:f3:61:b7:32:33:e9:
eb:08:31:14:50:3f:26:cd:52:ce:ae:9e:af:f1:f2:87:8f:7a:
de:ff:9b:47:38:be:6b:b3:87:23:b4:81:f4:19:9d:ed:cc:d3:
0c:80:7f:3d
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgIDAbhZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgyMzEyNDgyMloXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUI1QjQxMTAvBgNVBAUTKDlERjk0QzMzRDNGNjQ3QUUzRDkxMzYx
RTFGMTcyQzIwNjg2RjU5ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/I6pU8D2dDa2Q9vP0BYlc7aeB72U72VJsz66tDgKvOs895uCAryV9MoV08QeM
ZLoirMsvPyC70jBJ+rhX2/YulUGCsobZJ2m84PGgO4Hipq3FgZM+PTsBgyA/8Xam
x3DPQwSm4hVqRjr82xZZlrLJEDDw4Gp6qAvOe6hPK0ipfStRki/MJD/NzaTozTjz
hSHo2Nd6QiF5fMD6NNDtjkl794rt2ZlQkDstL9/HCF2y7ohkATebcU4pk4kWxmta
I9FQ8F4Ouo3KYKVf9HqhMCpsOJizN1b3siA/a/ijxDSt7sytZTBpwlFQt6sPCWXU
zyay14PaSJ6kc06sscuJTCoBAgMBAAGjggM6MIIDNjAdBgNVHQ4EFgQUnflMM9P2
R649kTYeHxcsIGhvWYkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFCNUI0LzcwOUY3QTI2QjgyOTExRTk5MzczOEEwOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExQjVCNC83MDlGN0EyNkI4MjkxMUU5OTM3MzhBMDlDNEY5QUUwMi9uZmxNTTlQ
MlI2NDlrVFllSHhjc0lHaHZXWWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQgBAf8EGDAW
oBQwEgICXS8CAl04AgMCDAQCAwIXCDA9BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEw
DAMEAmcF8AMEAcseJjAWBAIAAjAQAwcAIAEN8AIaAwUAJAHHwDANBgkqhkiG9w0B
AQsFAAOCAQEA1Q0YxOk1b+3Hqf82xaAJGMfYiUGaq1HteCcG9siaIu4ddGQygzss
Urz+Ghz7zpXqDSVYKXadF9RjAgeZp7rkfS9Gqy0ifnvY6y/mSMkpxdAwbV/5NKoN
TGC2bRAW5NZiVAWwgqp03L2XstKmhcLvMBv5XumMQcb2/N7E2VZfjCT/KNTC2oJP
IhkF2Wb7Sm44PP3Eceh7IT3ZimATE6dRhI2MjG547rqxGasqYM2dnzRVl1YFZZIj
tLWQ7aRtMUgk4E8iMUrW6FEpNAtvgUX3mOn782G3MjPp6wgxFFA/Js1Szq6er/Hy
h4963v+bRzi+a7OHI7SB9Bmd7czTDIB/PQ==
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:37:28 2024 by rpki-client on console-ams.rpki-client.org