Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/okHn2Rnw8RasO4j-FDkgQiAt6gw.cer
File: okHn2Rnw8RasO4j-FDkgQiAt6gw.cer (raw, json)
Hash identifier: ffp/Oy/mArI3FYD+vRq+vUqrIW4Aab25cRUYktTlgEk=
Subject key identifier: A2:41:E7:D9:19:F0:F1:16:AC:3B:88:FE:14:39:20:42:20:2D:EA:0C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 018007
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/3/A241E7D919F0F116AC3B88FE14392042202DEA0C.mft
caRepository: rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/3
Notify URL: https://rpki.zappiehost.com/rrdp/notification.xml
Certificate not before: Thu 15 Dec 2022 22:19:00 +0000
Certificate not after: Sun 28 May 2023 00:00:00 +0000
Subordinate resources: AS: 132282
AS: 140704
IP: 27.0.232.0/22
IP: 103.68.108.0/22
IP: 103.208.84.0/22
IP: 103.214.68.0/22
IP: 103.230.140.0/22
IP: 144.48.80.0/22
IP: 2404:3d80::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98311 (0x18007)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 15 22:19:00 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=A91115900000/serialNumber=A241E7D919F0F116AC3B88FE14392042202DEA0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:11:aa:7b:70:71:0f:85:85:53:cb:d8:59:54:
14:f1:10:aa:7f:2e:28:d4:27:5d:34:1a:83:93:6f:
aa:07:9a:cc:af:98:27:d6:d1:15:bf:b1:c7:6f:3d:
4e:04:41:dc:85:35:5d:7e:7b:4e:0e:98:f0:84:df:
88:63:ee:e9:55:9d:ac:7e:3c:06:ab:10:8d:68:31:
e6:72:74:0a:56:6b:d7:d2:83:ac:8f:d6:40:26:8c:
23:41:05:cd:91:42:e3:eb:2d:fd:75:b0:01:9e:32:
1c:a8:cb:83:85:df:cd:fc:f8:79:16:dd:28:38:d9:
29:bb:5d:13:e5:74:5c:fc:2f:e8:b7:73:e9:dd:66:
a1:33:c8:35:41:14:2d:1d:08:84:9f:16:ab:91:8d:
03:87:ee:e5:16:21:07:ee:34:d6:e8:c6:04:82:2c:
55:ba:96:68:1e:d1:73:a3:3f:18:14:53:87:f9:54:
ec:71:f8:df:52:49:68:2a:de:f7:a3:31:f7:0a:d8:
46:f8:77:0c:df:5c:65:31:57:1b:73:aa:0e:43:11:
b6:ac:c6:6c:90:7c:d3:14:5e:41:d1:97:dc:4d:41:
25:6e:4f:72:a9:8f:d3:9a:d3:60:a8:7c:0d:36:ec:
c5:8e:ff:12:55:72:a0:b0:b3:f1:60:9a:92:6f:c4:
90:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:41:E7:D9:19:F0:F1:16:AC:3B:88:FE:14:39:20:42:20:2D:EA:0C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/3
RPKI Manifest - URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/3/A241E7D919F0F116AC3B88FE14392042202DEA0C.mft
RPKI Notify - URI:https://rpki.zappiehost.com/rrdp/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
132282
140704
sbgp-ipAddrBlock: critical
IPv4:
27.0.232.0/22
103.68.108.0/22
103.208.84.0/22
103.214.68.0/22
103.230.140.0/22
144.48.80.0/22
IPv6:
2404:3d80::/32
Signature Algorithm: sha256WithRSAEncryption
20:8d:59:9d:d5:98:95:f5:b6:09:9e:f4:21:2a:ff:94:34:a2:
74:ef:76:07:93:b8:c7:ba:b9:06:67:bb:fd:3e:f1:4e:10:26:
bd:5f:51:54:72:09:b9:6a:bc:65:dd:38:11:eb:a0:29:6d:e0:
54:db:37:f9:89:8a:2d:c3:d7:47:53:08:1d:72:00:2c:be:88:
97:43:8b:c3:31:d6:cb:69:f7:f6:66:52:8c:25:ec:99:97:80:
45:86:43:32:39:2a:39:f5:d5:c4:e3:90:55:c3:bd:98:a4:81:
68:e4:80:cd:62:33:ad:26:df:a1:ba:e3:e4:19:74:77:75:53:
a0:7d:ba:4f:ae:6d:de:1c:3a:b5:ea:58:6e:e4:cc:e6:e0:6b:
61:4d:23:6d:1b:24:98:9f:2b:e4:7c:a2:30:ed:2f:6f:05:ef:
fa:99:19:aa:9a:18:d2:ce:a2:8d:8f:a0:74:3f:10:cd:53:fa:
01:73:b4:27:45:d6:ae:62:4c:94:92:32:37:57:f2:1f:33:d4:
ab:7b:a7:dc:a5:35:da:e1:22:59:01:ac:c9:5a:12:de:b5:95:
95:90:b7:42:e1:25:9c:1e:ec:01:61:f5:9d:3f:22:63:0a:46:
8c:69:c8:7d:2e:5d:6a:a3:c8:dc:89:9e:93:80:99:ca:75:3c:
c8:0f:4d:c0
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAYAHMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMTIxNTIyMTkwMFoXDTIzMDUyODAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyhBMjQxRTdEOTE5RjBGMTE2QUMz
Qjg4RkUxNDM5MjA0MjIwMkRFQTBDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqRGqe3BxD4WFU8vYWVQU8RCqfy4o1CddNBqDk2+qB5rMr5gn1tEVv7HH
bz1OBEHchTVdfntODpjwhN+IY+7pVZ2sfjwGqxCNaDHmcnQKVmvX0oOsj9ZAJowj
QQXNkULj6y39dbABnjIcqMuDhd/N/Ph5Ft0oONkpu10T5XRc/C/ot3Pp3WahM8g1
QRQtHQiEnxarkY0Dh+7lFiEH7jTW6MYEgixVupZoHtFzoz8YFFOH+VTscfjfUklo
Kt73ozH3CthG+HcM31xlMVcbc6oOQxG2rMZskHzTFF5B0ZfcTUElbk9yqY/TmtNg
qHwNNuzFjv8SVXKgsLPxYJqSb8SQWwIDAQABo4IDDDCCAwgwHQYDVR0OBBYEFKJB
59kZ8PEWrDuI/hQ5IEIgLeoMMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIH0BggrBgEFBQcBCwSB5zCB5DA6BggrBgEF
BQcwBYYucnN5bmM6Ly9ycGtpLnphcHBpZWhvc3QuY29tL3JlcG8vWkFQUElFLVJQ
S0kvMzBnBggrBgEFBQcwCoZbcnN5bmM6Ly9ycGtpLnphcHBpZWhvc3QuY29tL3Jl
cG8vWkFQUElFLVJQS0kvMy9BMjQxRTdEOTE5RjBGMTE2QUMzQjg4RkUxNDM5MjA0
MjIwMkRFQTBDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6Ly9ycGtpLnphcHBpZWhv
c3QuY29tL3JyZHAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBCAEB/wQQMA6g
DDAKAgMCBLoCAwIloDBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAhsA6AME
AmdEbAMEAmfQVAMEAmfWRAMEAmfmjAMEApAwUDANBAIAAjAHAwUAJAQ9gDANBgkq
hkiG9w0BAQsFAAOCAQEAII1ZndWYlfW2CZ70ISr/lDSidO92B5O4x7q5Bme7/T7x
ThAmvV9RVHIJuWq8Zd04EeugKW3gVNs3+YmKLcPXR1MIHXIALL6Il0OLwzHWy2n3
9mZSjCXsmZeARYZDMjkqOfXVxOOQVcO9mKSBaOSAzWIzrSbfobrj5Bl0d3VToH26
T65t3hw6tepYbuTM5uBrYU0jbRskmJ8r5HyiMO0vbwXv+pkZqpoY0s6ijY+gdD8Q
zVP6AXO0J0XWrmJMlJIyN1fyHzPUq3un3KU12uEiWQGsyVoS3rWVlZC3QuElnB7s
AWH1nT8iYwpGjGnIfS5daqPI3Imek4CZynU8yA9NwA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-ams.rpki-client.org