Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer
File: oktqYgRLcAZfBQY4hGDkry8X8_8.cer (raw, json)
Hash identifier: uTXEIh6d6JCtXpd5GDG7MQWtyjcf34X9l9r454z/CYY=
Subject key identifier: A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0215D8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft
caRepository: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 24 Oct 2024 14:28:24 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 23647
AS: 24123
AS: 24503
AS: 38533
AS: 45811
AS: 45845
IP: 45.117.152.0/23
IP: 103.235.196.0/22
IP: 103.250.132.0/23
IP: 103.250.135.0/24
IP: 163.53.24.0/23
IP: 202.51.64.0 -- 202.51.77.255
IP: 202.51.79.0 -- 202.51.83.255
IP: 202.51.86.0/24
IP: 202.51.88.0/23
IP: 202.51.92.0/22
IP: 2405:6600::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136664 (0x215d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Oct 24 14:28:24 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A918F550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3b:e7:52:a0:59:2c:89:5b:97:51:f4:08:f0:
d0:a0:e8:c7:6d:d0:5b:18:6f:4e:7c:cd:59:7b:b6:
88:be:d5:76:81:54:e6:ea:a0:4a:2b:19:60:74:28:
b8:79:eb:06:ec:9f:f7:4d:55:69:f4:ce:2b:2f:ad:
d9:7e:e6:c1:94:9e:15:59:17:9d:92:d6:db:2a:0c:
fa:e7:62:7e:15:e8:34:fa:38:00:f0:bb:2f:77:af:
fc:2f:aa:3b:20:75:6f:74:cc:a9:08:04:25:c2:a0:
c0:ce:7c:c6:31:67:a9:3d:5f:3a:86:09:95:da:97:
9d:19:db:d0:43:7d:00:c3:d5:d3:e1:be:cb:88:25:
d9:78:29:1b:48:ef:8c:79:b8:d8:9d:0d:4b:b4:24:
63:0a:c3:e1:ae:8c:d4:94:66:71:80:9b:9d:03:7b:
4e:29:10:72:2e:d0:2c:b2:11:72:78:ff:74:9e:d6:
55:7f:3d:4e:ba:8d:55:8b:16:f8:bb:64:0e:f3:df:
ae:ba:90:fb:fb:b8:24:db:87:5d:66:16:f9:f1:26:
a9:98:d4:9a:55:3c:42:0b:e7:8d:1a:3a:2c:e4:07:
be:d0:55:fd:be:58:c0:01:85:f4:a1:c9:d1:e5:06:
be:b4:4c:62:9a:4d:3a:6b:ca:a8:87:b6:d8:d6:0b:
17:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23647
24123
24503
38533
45811
45845
sbgp-ipAddrBlock: critical
IPv4:
45.117.152.0/23
103.235.196.0/22
103.250.132.0/23
103.250.135.0/24
163.53.24.0/23
202.51.64.0-202.51.77.255
202.51.79.0-202.51.83.255
202.51.86.0/24
202.51.88.0/23
202.51.92.0/22
IPv6:
2405:6600::/32
Signature Algorithm: sha256WithRSAEncryption
10:f3:2c:49:d7:d8:b6:05:98:cc:52:03:14:51:7f:d0:02:67:
93:6c:dd:47:f2:de:61:4f:c2:aa:5a:6c:a7:1a:e5:6d:75:e6:
91:c9:3c:38:7b:fc:41:bc:62:2a:0e:fe:6c:f4:28:8e:05:c2:
85:23:e4:ce:c0:ab:7a:3b:7a:21:72:e1:7f:55:92:5c:94:f4:
e2:f2:d9:9d:b2:fe:84:6c:34:b3:db:92:ef:bf:83:13:89:a0:
15:80:ea:04:c8:59:ec:73:95:83:5c:94:29:51:c8:e0:eb:7c:
ba:77:5c:c2:1e:5f:4a:2a:54:de:5c:20:ee:44:8c:cd:49:22:
f9:00:36:72:28:f3:93:0a:12:08:e9:b9:1d:14:11:ac:1e:e7:
7c:17:44:19:24:fd:ae:11:e6:89:71:66:48:01:af:73:26:1c:
1a:63:2a:6d:1c:32:47:10:6c:4b:43:11:b0:d5:fd:91:4e:72:
f9:94:d4:54:1a:c0:94:68:1f:d8:5a:50:fc:66:32:19:41:0d:
ad:15:21:c8:e6:7b:6c:c3:72:34:81:7d:d6:10:85:f5:78:19:
7e:b8:f6:6e:4c:bb:b4:bb:ee:8d:4c:4b:20:d8:73:64:89:15:
53:95:80:dc:8f:ca:0e:9a:69:b6:a2:60:50:a3:c3:26:8d:e7:
08:fb:56:18
-----BEGIN CERTIFICATE-----
MIIGhTCCBW2gAwIBAgIDAhXYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAyNDE0MjgyNFoXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEY1NTAxMTAvBgNVBAUTKEEyNEI2QTYyMDQ0QjcwMDY1RjA1MDYz
ODg0NjBFNEFGMkYxN0YzRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFO+dSoFksiVuXUfQI8NCg6Mdt0FsYb058zVl7toi+1XaBVObqoEorGWB0KLh5
6wbsn/dNVWn0zisvrdl+5sGUnhVZF52S1tsqDPrnYn4V6DT6OADwuy93r/wvqjsg
dW90zKkIBCXCoMDOfMYxZ6k9XzqGCZXal50Z29BDfQDD1dPhvsuIJdl4KRtI74x5
uNidDUu0JGMKw+GujNSUZnGAm50De04pEHIu0CyyEXJ4/3Se1lV/PU66jVWLFvi7
ZA7z3666kPv7uCTbh11mFvnxJqmY1JpVPEIL540aOizkB77QVf2+WMABhfShydHl
Br60TGKaTTpryqiHttjWCxfbAgMBAAGjggN6MIIDdjAdBgNVHQ4EFgQUoktqYgRL
cAZfBQY4hGDkry8X8/8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThGNTUwLzhCOUJEMjAyMUQ4NTExRTJCNDEyMzBEQzA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4RjU1MC84QjlCRDIwMjFEODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdS
TGNBWmZCUVk0aEdEa3J5OFg4XzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQgBAf8EITAf
oB0wGwICXF8CAl47AgJftwIDAJaFAgMAsvMCAwCzFTB0BggrBgEFBQcBBwEB/wRl
MGMwUgQCAAEwTAMEAS11mAMEAmfrxAMEAWf6hAMEAGf6hwMEAaM1GDAMAwQGyjNA
AwQByjNMMAwDBADKM08DBALKM1ADBADKM1YDBAHKM1gDBALKM1wwDQQCAAIwBwMF
ACQFZgAwDQYJKoZIhvcNAQELBQADggEBABDzLEnX2LYFmMxSAxRRf9ACZ5Ns3Ufy
3mFPwqpabKca5W115pHJPDh7/EG8YioO/mz0KI4FwoUj5M7Aq3o7eiFy4X9VklyU
9OLy2Z2y/oRsNLPbku+/gxOJoBWA6gTIWexzlYNclClRyODrfLp3XMIeX0oqVN5c
IO5EjM1JIvkANnIo85MKEgjpuR0UEawe53wXRBkk/a4R5olxZkgBr3MmHBpjKm0c
MkcQbEtDEbDV/ZFOcvmU1FQawJRoH9haUPxmMhlBDa0VIcjme2zDcjSBfdYQhfV4
GX649m5Mu7S77o1MSyDYc2SJFVOVgNyPyg6aabaiYFCjwyaN5wj7Vhg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:43 2025 by rpki-client