Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
File: ntkFUQfHD4W7kajaAnC1ynYK61Q.cer (raw, json)
Hash identifier: 4Uqh/H6sZo+k8Izgf7Mmez9inN7FYOe3p2R5ZChBxVw=
Subject key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01E984
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 03 Apr 2024 23:08:35 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 4661
AS: 9557
AS: 17557
AS: 45595
AS: 140307
IP: 39.32.0.0/11
IP: 58.181.96.0/19
IP: 59.103.0.0/16
IP: 103.28.152.0/22
IP: 116.71.0.0/16
IP: 119.152.0.0/13
IP: 182.176.0.0/12
IP: 202.70.144.0/20
IP: 202.125.128.0/19
IP: 203.99.160.0/19
IP: 203.135.0.0/18
IP: 221.120.192.0/18
IP: 2001:df0:279::/48
IP: 2001:df2:b940::/48
IP: 2404:7000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 13:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125316 (0x1e984)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 3 23:08:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:dc:45:d3:9d:e7:0d:cd:a2:52:d8:4b:55:
bc:27:05:4f:44:74:94:87:63:bc:d5:a8:1b:c4:38:
cb:78:83:b9:c5:c0:bc:3c:63:e0:3e:e9:54:d5:96:
e4:3f:c9:da:33:3d:01:e7:0c:c8:39:d2:14:96:7e:
95:65:11:36:e4:ae:4d:71:6d:3c:e9:7a:01:a6:5d:
3f:11:ec:eb:76:82:a6:d1:36:e3:d1:a9:8b:a8:d9:
62:bb:86:62:85:cc:23:64:46:68:3c:17:23:c8:db:
9c:1a:f0:33:7f:87:52:65:0e:bb:f4:2a:60:d4:ac:
ee:d6:a5:8d:95:b7:25:d7:f5:38:d5:34:11:ac:f6:
59:5c:6e:c2:46:e9:f3:cc:c8:ff:a3:81:03:8e:bc:
cd:4b:8b:97:3a:00:2a:a8:09:01:77:46:8f:18:1d:
0a:21:35:08:f4:35:a3:d5:ef:54:98:62:ff:b7:7d:
5f:d4:23:4f:fe:f8:57:4c:09:7d:ce:1b:d4:13:bd:
00:6e:15:c2:11:0e:33:05:3e:29:87:2e:fd:f7:41:
21:b5:cc:a3:c4:ba:2f:44:cf:3d:19:8d:1c:0c:6d:
58:75:da:9c:b7:0e:bd:22:8b:1c:ef:42:e5:cf:47:
04:0a:3b:15:20:d5:6c:5f:fc:af:72:88:c8:19:7a:
67:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4661
9557
17557
45595
140307
sbgp-ipAddrBlock: critical
IPv4:
39.32.0.0/11
58.181.96.0/19
59.103.0.0/16
103.28.152.0/22
116.71.0.0/16
119.152.0.0/13
182.176.0.0/12
202.70.144.0/20
202.125.128.0/19
203.99.160.0/19
203.135.0.0/18
221.120.192.0/18
IPv6:
2001:df0:279::/48
2001:df2:b940::/48
2404:7000::/32
Signature Algorithm: sha256WithRSAEncryption
ae:d9:ae:dd:ab:77:c3:6a:8f:e1:bf:3f:53:b7:f6:6a:35:05:
4e:d0:4c:69:b6:6c:e3:cd:aa:8f:c2:0d:79:f2:e2:15:6b:9d:
4d:10:b8:8d:af:08:94:77:05:a3:cb:92:6d:b8:fa:5a:fc:92:
d3:d0:de:28:12:83:17:28:8b:ed:db:25:a1:34:82:eb:24:9d:
17:00:bd:2a:71:19:b1:04:98:8a:fb:de:6b:30:57:be:0c:f5:
41:da:fc:87:45:41:35:b6:38:75:29:9d:7e:73:c8:b5:64:2f:
fb:71:c0:b3:2c:0c:54:fa:22:00:e6:35:be:5d:d5:e4:ed:96:
c0:c9:fc:58:ed:84:5a:6a:0c:5e:e5:2f:cd:76:60:09:d7:cc:
82:0c:bf:d6:ce:b6:6f:ad:55:de:74:b0:10:10:f2:68:b7:50:
1b:ad:e4:a3:7c:0c:e7:4d:27:02:d7:97:48:37:6b:d0:68:d9:
f7:5b:a3:df:b5:c1:96:46:0c:96:33:df:4e:c4:45:17:a8:bd:
cc:15:0e:b8:8f:b3:8a:56:40:a9:78:a8:7f:e8:a4:e9:32:b0:
2a:19:fe:6b:8f:2c:6e:5a:c5:0c:26:9b:f6:58:a4:5a:cd:ef:
46:2b:a6:aa:6b:ab:ba:dc:98:48:fc:08:28:20:78:09:e1:0e:
84:17:5d:84
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIDAemEMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMzIzMDgzNVoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThE
QTAyNzBCNUNBNzYwQUVCNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLJtxF053nDc2iUthLVbwnBU9EdJSHY7zVqBvEOMt4g7nFwLw8Y+A+6VTVluQ/
ydozPQHnDMg50hSWfpVlETbkrk1xbTzpegGmXT8R7Ot2gqbRNuPRqYuo2WK7hmKF
zCNkRmg8FyPI25wa8DN/h1JlDrv0KmDUrO7WpY2VtyXX9TjVNBGs9llcbsJG6fPM
yP+jgQOOvM1Li5c6ACqoCQF3Ro8YHQohNQj0NaPV71SYYv+3fV/UI0/++FdMCX3O
G9QTvQBuFcIRDjMFPimHLv33QSG1zKPEui9Ezz0ZjRwMbVh12py3Dr0iixzvQuXP
RwQKOxUg1Wxf/K9yiMgZeme9AgMBAAGjggN+MIIDejAdBgNVHQ4EFgQUntkFUQfH
D4W7kajaAnC1ynYK61QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEwODMyLzlEQUY3ODBFMUQ5NDExRTI5OTAxRjNGODA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMDgzMi85REFGNzgwRTFEOTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFm
SEQ0VzdrYWphQW5DMXluWUs2MVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQgBAf8EHDAa
oBgwFgICEjUCAiVVAgJElQIDALIbAgMCJBMwfQYIKwYBBQUHAQcBAf8EbjBsMEkE
AgABMEMDAwUnIAMEBTq1YAMDADtnAwQCZxyYAwMAdEcDAwN3mAMDBLawAwQEykaQ
AwQFyn2AAwQFy2OgAwQGy4cAAwQG3XjAMB8EAgACMBkDBwAgAQ3wAnkDBwAgAQ3y
uUADBQAkBHAAMA0GCSqGSIb3DQEBCwUAA4IBAQCu2a7dq3fDao/hvz9Tt/ZqNQVO
0ExptmzjzaqPwg158uIVa51NELiNrwiUdwWjy5JtuPpa/JLT0N4oEoMXKIvt2yWh
NILrJJ0XAL0qcRmxBJiK+95rMFe+DPVB2vyHRUE1tjh1KZ1+c8i1ZC/7ccCzLAxU
+iIA5jW+XdXk7ZbAyfxY7YRaagxe5S/NdmAJ18yCDL/WzrZvrVXedLAQEPJot1Ab
reSjfAznTScC15dIN2vQaNn3W6PftcGWRgyWM99OxEUXqL3MFQ64j7OKVkCpeKh/
6KTpMrAqGf5rjyxuWsUMJpv2WKRaze9GK6aqa6u63JhI/AgoIHgJ4Q6EF12E
-----END CERTIFICATE-----
Generated at Thu Apr 25 14:08:51 2024 by rpki-client on console-ams.rpki-client.org