
Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
File: ntkFUQfHD4W7kajaAnC1ynYK61Q.cer (raw, json)
Hash identifier: Q+HIiHuDkNEdy+TzDA9nYAB3jwITPPhaIj53YypKxm0=
Subject key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01B17A
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 21 Jul 2023 07:50:15 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 4661
AS: 9557
AS: 17557
AS: 45595
AS: 140307
IP: 39.32.0.0/11
IP: 58.181.96.0/19
IP: 59.103.0.0/16
IP: 103.28.152.0/22
IP: 116.71.0.0/16
IP: 119.152.0.0/13
IP: 182.176.0.0/12
IP: 202.70.144.0/20
IP: 202.125.128.0/19
IP: 203.99.160.0/19
IP: 203.135.0.0/18
IP: 221.120.192.0/18
IP: 2001:df0:279::/48
IP: 2001:df2:b940::/48
IP: 2404:7000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 28 Jul 2023 07:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110970 (0x1b17a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 21 07:50:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:dc:45:d3:9d:e7:0d:cd:a2:52:d8:4b:55:
bc:27:05:4f:44:74:94:87:63:bc:d5:a8:1b:c4:38:
cb:78:83:b9:c5:c0:bc:3c:63:e0:3e:e9:54:d5:96:
e4:3f:c9:da:33:3d:01:e7:0c:c8:39:d2:14:96:7e:
95:65:11:36:e4:ae:4d:71:6d:3c:e9:7a:01:a6:5d:
3f:11:ec:eb:76:82:a6:d1:36:e3:d1:a9:8b:a8:d9:
62:bb:86:62:85:cc:23:64:46:68:3c:17:23:c8:db:
9c:1a:f0:33:7f:87:52:65:0e:bb:f4:2a:60:d4:ac:
ee:d6:a5:8d:95:b7:25:d7:f5:38:d5:34:11:ac:f6:
59:5c:6e:c2:46:e9:f3:cc:c8:ff:a3:81:03:8e:bc:
cd:4b:8b:97:3a:00:2a:a8:09:01:77:46:8f:18:1d:
0a:21:35:08:f4:35:a3:d5:ef:54:98:62:ff:b7:7d:
5f:d4:23:4f:fe:f8:57:4c:09:7d:ce:1b:d4:13:bd:
00:6e:15:c2:11:0e:33:05:3e:29:87:2e:fd:f7:41:
21:b5:cc:a3:c4:ba:2f:44:cf:3d:19:8d:1c:0c:6d:
58:75:da:9c:b7:0e:bd:22:8b:1c:ef:42:e5:cf:47:
04:0a:3b:15:20:d5:6c:5f:fc:af:72:88:c8:19:7a:
67:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4661
9557
17557
45595
140307
sbgp-ipAddrBlock: critical
IPv4:
39.32.0.0/11
58.181.96.0/19
59.103.0.0/16
103.28.152.0/22
116.71.0.0/16
119.152.0.0/13
182.176.0.0/12
202.70.144.0/20
202.125.128.0/19
203.99.160.0/19
203.135.0.0/18
221.120.192.0/18
IPv6:
2001:df0:279::/48
2001:df2:b940::/48
2404:7000::/32
Signature Algorithm: sha256WithRSAEncryption
ad:64:e4:f5:8d:82:55:06:e5:1e:4b:b9:d6:30:a7:15:99:3d:
8e:db:f4:33:95:7e:06:56:32:09:64:ec:93:75:f5:5e:b3:4b:
4b:fe:d9:0a:d6:10:ad:f5:0c:30:62:bb:80:43:bc:ae:bc:81:
d3:62:2b:41:5e:d7:75:04:c5:f8:4b:57:ab:40:9d:91:05:5e:
47:38:8b:ca:48:a6:a2:01:a1:d4:fc:39:97:2b:6a:28:da:9f:
f1:cd:8e:66:df:ee:67:2e:5d:d8:f5:22:a0:d7:2a:58:16:a8:
82:dc:0f:0a:dd:bd:17:a4:79:c3:2f:c7:f1:1d:02:0b:fd:5d:
a7:e6:3c:5c:0f:76:e6:0c:2e:74:0f:d3:a2:c2:10:96:2d:dd:
56:0b:f4:6e:c5:0d:e8:4e:b0:0f:25:6d:f5:4d:87:94:ea:27:
19:11:2e:78:a2:14:e8:49:ac:9b:1a:59:93:0e:fa:2c:23:79:
8b:86:87:a5:90:b2:8b:31:44:3b:6b:fd:e2:9b:10:55:bd:1c:
54:06:14:a6:fd:5d:ec:01:11:d5:78:70:ff:c0:be:d3:f5:74:
3c:09:eb:88:46:86:af:55:ca:fc:95:b5:9d:94:39:7d:52:19:
65:69:20:96:d5:1b:80:3b:36:bd:11:e2:a0:b6:0e:04:65:c5:
39:6b:00:b9
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIDAbF6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDcyMTA3NTAxNVoXDTI0MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThE
QTAyNzBCNUNBNzYwQUVCNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLJtxF053nDc2iUthLVbwnBU9EdJSHY7zVqBvEOMt4g7nFwLw8Y+A+6VTVluQ/
ydozPQHnDMg50hSWfpVlETbkrk1xbTzpegGmXT8R7Ot2gqbRNuPRqYuo2WK7hmKF
zCNkRmg8FyPI25wa8DN/h1JlDrv0KmDUrO7WpY2VtyXX9TjVNBGs9llcbsJG6fPM
yP+jgQOOvM1Li5c6ACqoCQF3Ro8YHQohNQj0NaPV71SYYv+3fV/UI0/++FdMCX3O
G9QTvQBuFcIRDjMFPimHLv33QSG1zKPEui9Ezz0ZjRwMbVh12py3Dr0iixzvQuXP
RwQKOxUg1Wxf/K9yiMgZeme9AgMBAAGjggN+MIIDejAdBgNVHQ4EFgQUntkFUQfH
D4W7kajaAnC1ynYK61QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEwODMyLzlEQUY3ODBFMUQ5NDExRTI5OTAxRjNGODA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMDgzMi85REFGNzgwRTFEOTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFm
SEQ0VzdrYWphQW5DMXluWUs2MVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQgBAf8EHDAa
oBgwFgICEjUCAiVVAgJElQIDALIbAgMCJBMwfQYIKwYBBQUHAQcBAf8EbjBsMEkE
AgABMEMDAwUnIAMEBTq1YAMDADtnAwQCZxyYAwMAdEcDAwN3mAMDBLawAwQEykaQ
AwQFyn2AAwQFy2OgAwQGy4cAAwQG3XjAMB8EAgACMBkDBwAgAQ3wAnkDBwAgAQ3y
uUADBQAkBHAAMA0GCSqGSIb3DQEBCwUAA4IBAQCtZOT1jYJVBuUeS7nWMKcVmT2O
2/QzlX4GVjIJZOyTdfVes0tL/tkK1hCt9QwwYruAQ7yuvIHTYitBXtd1BMX4S1er
QJ2RBV5HOIvKSKaiAaHU/DmXK2oo2p/xzY5m3+5nLl3Y9SKg1ypYFqiC3A8K3b0X
pHnDL8fxHQIL/V2n5jxcD3bmDC50D9OiwhCWLd1WC/RuxQ3oTrAPJW31TYeU6icZ
ES54ohToSaybGlmTDvosI3mLhoelkLKLMUQ7a/3imxBVvRxUBhSm/V3sARHVeHD/
wL7T9XQ8CeuIRoavVcr8lbWdlDl9UhllaSCW1RuAOza9EeKgtg4EZcU5awC5
-----END CERTIFICATE-----
Generated at Fri Jul 21 08:18:11 2023 by rpki-client on console-ams.rpki-client.org