Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oA4C3Hg_kIQCHflPdYYmTsR9NDg.cer
File: oA4C3Hg_kIQCHflPdYYmTsR9NDg.cer (raw, json)
Hash identifier: mtS7SJlISkz0pV4wxUee8Z4B7J9rlsfAM1rK8BKBkZA=
Subject key identifier: A0:0E:02:DC:78:3F:90:84:02:1D:F9:4F:75:86:26:4E:C4:7D:34:38
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021F3B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EE5E5/F97BC302AFBF11EFA28A3654C4F9AE02/oA4C3Hg_kIQCHflPdYYmTsR9NDg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EE5E5/F97BC302AFBF11EFA28A3654C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 01 Dec 2024 08:40:57 +0000
Certificate not after: Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 153391
IP: 2401:d320::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 13 Feb 2025 03:45:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139067 (0x21f3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Dec 1 08:40:57 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=A91EE5E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1e:a3:1f:19:d9:d7:ae:26:06:19:f4:6d:ed:
9e:f1:a2:e0:fc:2b:93:b5:b6:e4:b6:0d:bf:7a:75:
c1:9b:e9:86:62:ab:b3:e6:48:0e:1a:d0:45:d2:3f:
31:37:4f:5f:27:29:47:30:6f:a8:df:4a:53:8a:56:
4c:aa:6f:40:34:9a:d9:20:b7:5f:c5:3d:48:71:b5:
94:4f:73:0f:67:db:bd:c7:15:27:3b:f7:1a:f2:80:
ff:ec:56:0c:6d:75:8a:90:20:b2:16:bf:b2:82:c4:
3d:15:38:aa:e4:3b:a4:a4:30:71:4c:6d:a0:37:b4:
d5:f8:a9:f8:a8:c6:34:92:b9:44:8c:19:d7:c2:ed:
a2:7d:2f:3a:92:72:8a:e9:a5:a7:52:d9:45:51:a6:
05:c3:55:89:93:0a:02:1d:19:e0:b7:90:3a:08:11:
8f:e9:79:85:5d:0c:ab:68:5c:fe:8e:e2:8c:95:2e:
24:7c:4b:9c:7a:e2:33:f1:f4:d6:16:5a:fd:38:fe:
b3:46:d3:b0:f4:81:a8:8e:fd:61:a6:90:ca:6c:28:
73:8f:27:f7:e1:ff:11:26:72:e7:68:dc:be:f0:eb:
4c:b1:f2:d3:56:b9:f0:da:a4:14:a4:ea:4c:b0:e9:
da:f0:6f:79:de:60:e2:d1:5e:eb:22:46:e7:c3:15:
b4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0E:02:DC:78:3F:90:84:02:1D:F9:4F:75:86:26:4E:C4:7D:34:38
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EE5E5/F97BC302AFBF11EFA28A3654C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EE5E5/F97BC302AFBF11EFA28A3654C4F9AE02/oA4C3Hg_kIQCHflPdYYmTsR9NDg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153391
sbgp-ipAddrBlock: critical
IPv6:
2401:d320::/32
Signature Algorithm: sha256WithRSAEncryption
20:6c:7a:f0:ac:6e:68:10:a1:7f:5b:7f:26:52:c2:46:ba:f4:
2b:8a:58:5d:ac:b8:15:d5:ad:8a:6b:62:66:82:6d:bb:4d:3a:
7b:31:de:f4:2f:a2:c1:b9:f1:8a:10:b4:69:8f:89:46:32:62:
f0:a0:e9:b3:61:fc:e0:f2:9f:19:c0:14:8e:f3:c4:3b:4f:96:
31:f6:49:6b:3a:a1:9f:df:4d:5d:e8:fa:ca:8d:c4:09:78:b1:
25:8e:de:e1:72:f7:49:40:b3:80:d5:44:44:6a:04:ca:3e:b2:
ec:20:a3:88:9f:60:ea:a5:b2:f0:c0:7b:69:84:b9:ff:dd:f7:
b8:7d:07:ac:9d:9b:72:ad:84:ba:78:9e:54:31:59:88:a4:5a:
ef:94:7d:bd:28:15:e2:e0:2f:50:f5:97:37:09:00:d5:26:33:
cc:85:3c:69:d9:f0:3a:61:3c:d5:7c:a3:e0:27:be:8d:8d:d7:
c6:94:cb:d1:64:dc:65:55:e9:c4:85:d6:a1:0d:e9:6f:03:a1:
06:d5:13:22:38:86:a7:de:b9:1e:ec:9d:e2:92:5f:97:79:f4:
83:50:d9:53:cf:c1:e9:d9:d2:1e:be:bb:5f:87:16:93:17:35:
93:3e:15:54:c0:a7:2a:ba:31:81:b6:21:cb:62:f2:e3:bb:c5:
00:43:37:dc
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAh87MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTIwMTA4NDA1N1oXDTI2MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUU1RTUxMTAvBgNVBAUTKEEwMEUwMkRDNzgzRjkwODQwMjFERjk0
Rjc1ODYyNjRFQzQ3RDM0MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAHqMfGdnXriYGGfRt7Z7xouD8K5O1tuS2Db96dcGb6YZiq7PmSA4a0EXSPzE3
T18nKUcwb6jfSlOKVkyqb0A0mtkgt1/FPUhxtZRPcw9n273HFSc79xrygP/sVgxt
dYqQILIWv7KCxD0VOKrkO6SkMHFMbaA3tNX4qfioxjSSuUSMGdfC7aJ9LzqScorp
padS2UVRpgXDVYmTCgIdGeC3kDoIEY/peYVdDKtoXP6O4oyVLiR8S5x64jPx9NYW
Wv04/rNG07D0gaiO/WGmkMpsKHOPJ/fh/xEmcudo3L7w60yx8tNWufDapBSk6kyw
6drwb3neYOLRXusiRufDFbQRAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUoA4C3Hg/
kIQCHflPdYYmTsR9NDgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVFNUU1L0Y5N0JDMzAyQUZCRjExRUZBMjhBMzY1NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFRTVFNS9GOTdCQzMwMkFGQkYxMUVGQTI4QTM2NTRDNEY5QUUwMi9vQTRDM0hn
X2tJUUNIZmxQZFlZbVRzUjlORGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlcvMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHTIDANBgkq
hkiG9w0BAQsFAAOCAQEAIGx68KxuaBChf1t/JlLCRrr0K4pYXay4FdWtimtiZoJt
u006ezHe9C+iwbnxihC0aY+JRjJi8KDps2H84PKfGcAUjvPEO0+WMfZJazqhn99N
Xej6yo3ECXixJY7e4XL3SUCzgNVERGoEyj6y7CCjiJ9g6qWy8MB7aYS5/933uH0H
rJ2bcq2EunieVDFZiKRa75R9vSgV4uAvUPWXNwkA1SYzzIU8adnwOmE81Xyj4Ce+
jY3XxpTL0WTcZVXpxIXWoQ3pbwOhBtUTIjiGp965Huyd4pJfl3n0g1DZU8/B6dnS
Hr67X4cWkxc1kz4VVMCnKroxgbYhy2Ly47vFAEM33A==
-----END CERTIFICATE-----
Generated at Thu Feb 6 07:48:52 2025 by rpki-client