Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oo2gvpAdmDpDPYM1idFnv0hvZPw.cer
File: oo2gvpAdmDpDPYM1idFnv0hvZPw.cer (raw, json)
Hash identifier: fRRm8rrx2TPNB8n2L4O5f/vMkzzCJxwSoP8sWit7V9A=
Subject key identifier: A2:8D:A0:BE:90:1D:98:3A:43:3D:83:35:89:D1:67:BF:48:6F:64:FC
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021D97
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A912720E/5E51D45C09D511EEA38A7480C4F9AE02/oo2gvpAdmDpDPYM1idFnv0hvZPw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A912720E/5E51D45C09D511EEA38A7480C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 26 Nov 2024 13:21:11 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 150389
IP: 103.29.8.0/23
IP: 2001:df1:74c0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 04 Dec 2024 01:13:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138647 (0x21d97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 26 13:21:11 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A912720E/serialNumber=A28DA0BE901D983A433D833589D167BF486F64FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c3:a5:a2:bf:be:1e:19:eb:22:14:2b:f9:d2:
18:9b:b6:c3:96:22:0e:37:6e:5c:0c:cb:e0:ff:a5:
d3:24:33:f9:56:d3:91:2b:d0:1e:09:99:bd:22:3a:
5d:37:9a:a3:a5:3b:d2:d6:87:c6:c8:47:c7:3f:70:
04:65:98:22:e0:d7:5e:a8:fe:5b:2e:22:e5:00:04:
e4:90:18:34:d4:a8:4e:54:fa:a2:6d:0f:a2:01:f0:
77:6f:4a:a3:30:cd:8f:c9:68:13:5c:c8:b2:4e:68:
aa:ac:3f:aa:2b:62:c5:4c:e2:31:6b:5b:55:bf:9f:
5e:bc:36:4c:ff:7b:d5:ac:4f:54:98:bd:16:31:13:
27:65:53:9e:e0:c7:bb:97:32:97:db:ed:ba:0a:ec:
ce:e8:bd:ba:29:fa:d8:06:d7:4a:81:72:c6:76:70:
44:b6:b3:dc:15:ff:e4:41:6f:63:f9:4f:d6:78:ac:
db:5f:ac:71:ca:85:60:08:1d:d5:77:d4:0c:5f:f9:
cb:84:75:a7:1e:2e:90:19:90:2f:1d:ee:4f:99:a9:
30:6b:32:fc:73:f9:5e:36:de:f6:1d:e5:55:b8:eb:
06:0c:6e:93:d2:60:9c:ef:3e:57:57:e8:7a:25:e2:
13:c3:52:2d:45:70:bf:46:4c:92:ca:43:64:c0:04:
b8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8D:A0:BE:90:1D:98:3A:43:3D:83:35:89:D1:67:BF:48:6F:64:FC
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912720E/5E51D45C09D511EEA38A7480C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912720E/5E51D45C09D511EEA38A7480C4F9AE02/oo2gvpAdmDpDPYM1idFnv0hvZPw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
150389
sbgp-ipAddrBlock: critical
IPv4:
103.29.8.0/23
IPv6:
2001:df1:74c0::/48
Signature Algorithm: sha256WithRSAEncryption
97:f5:d2:89:3d:7a:85:1b:a4:1e:05:0b:05:aa:96:c5:d4:7b:
35:6c:a7:1d:69:34:84:50:b1:ff:45:37:cc:93:1d:d4:f9:77:
72:cc:63:1b:92:60:0c:dd:f7:fa:d2:f0:19:0f:73:9b:a4:94:
ac:88:dd:8b:a6:c0:17:8b:ea:c8:85:ec:06:10:fe:70:64:17:
3b:0b:a2:9b:d0:77:ee:ab:cd:6d:e3:5a:1a:43:12:2f:6f:af:
c1:4b:1b:ef:cc:18:6e:97:4c:ba:20:0d:15:8a:0e:cb:eb:62:
fd:47:8b:52:45:2b:c4:12:00:b7:d1:93:49:98:e9:b2:92:50:
e3:61:ab:d5:75:43:02:8a:11:28:99:6b:e2:aa:74:51:07:e6:
6a:36:87:b6:98:65:8f:c1:da:d2:1e:97:ac:2e:45:60:3a:73:
c8:58:3d:1c:a7:f2:12:33:45:5e:b5:19:20:42:e2:6c:57:3e:
08:6a:f5:63:52:9e:dc:d5:83:02:31:d7:25:23:62:75:44:0a:
4f:e9:da:f1:a3:b7:98:53:35:68:a1:64:f4:58:3b:16:e1:d5:
47:7c:f3:b1:a0:9c:d5:42:a8:e6:8e:6e:50:d6:19:db:09:da:
4e:2d:b8:a5:86:48:57:d9:1a:b5:45:7b:1b:d9:cf:a9:d3:be:
b1:b6:c0:3e
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAh2XMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEyNjEzMjExMVoXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjcyMEUxMTAvBgNVBAUTKEEyOERBMEJFOTAxRDk4M0E0MzNEODMz
NTg5RDE2N0JGNDg2RjY0RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxw6Wiv74eGesiFCv50hibtsOWIg43blwMy+D/pdMkM/lW05Er0B4Jmb0iOl03
mqOlO9LWh8bIR8c/cARlmCLg116o/lsuIuUABOSQGDTUqE5U+qJtD6IB8HdvSqMw
zY/JaBNcyLJOaKqsP6orYsVM4jFrW1W/n168Nkz/e9WsT1SYvRYxEydlU57gx7uX
Mpfb7boK7M7ovbop+tgG10qBcsZ2cES2s9wV/+RBb2P5T9Z4rNtfrHHKhWAIHdV3
1Axf+cuEdaceLpAZkC8d7k+ZqTBrMvxz+V423vYd5VW46wYMbpPSYJzvPldX6Hol
4hPDUi1FcL9GTJLKQ2TABLjnAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUoo2gvpAd
mDpDPYM1idFnv0hvZPwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI3MjBFLzVFNTFENDVDMDlENTExRUVBMzhBNzQ4MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNzIwRS81RTUxRDQ1QzA5RDUxMUVFQTM4QTc0ODBDNEY5QUUwMi9vbzJndnBB
ZG1EcERQWU0xaWRGbnYwaHZaUHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkt1MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZx0IMA8EAgAC
MAkDBwAgAQ3xdMAwDQYJKoZIhvcNAQELBQADggEBAJf10ok9eoUbpB4FCwWqlsXU
ezVspx1pNIRQsf9FN8yTHdT5d3LMYxuSYAzd9/rS8BkPc5uklKyI3YumwBeL6siF
7AYQ/nBkFzsLopvQd+6rzW3jWhpDEi9vr8FLG+/MGG6XTLogDRWKDsvrYv1Hi1JF
K8QSALfRk0mY6bKSUONhq9V1QwKKESiZa+KqdFEH5mo2h7aYZY/B2tIel6wuRWA6
c8hYPRyn8hIzRV61GSBC4mxXPghq9WNSntzVgwIx1yUjYnVECk/p2vGjt5hTNWih
ZPRYOxbh1Ud887GgnNVCqOaOblDWGdsJ2k4tuKWGSFfZGrVFexvZz6nTvrG2wD4=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:22:07 2024 by rpki-client on console-fra.rpki-client.org