Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/puZHuaRPqqc-u4IEBQzGTMpFmOo.cer
File: puZHuaRPqqc-u4IEBQzGTMpFmOo.cer (raw, json)
Hash identifier: cEVfHo6z58ofMH4iaQKgiANK0twbAnw4zJONZXvd4MQ=
Subject key identifier: A6:E6:47:B9:A4:4F:AA:A7:3E:BB:82:04:05:0C:C6:4C:CA:45:98:EA
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021467
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C5319/025D7B5C8C2D11EF8122EC11C4F9AE02/puZHuaRPqqc-u4IEBQzGTMpFmOo.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C5319/025D7B5C8C2D11EF8122EC11C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 17 Oct 2024 02:10:46 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 153352
IP: 2001:df4:5b40::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136295 (0x21467)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Oct 17 02:10:46 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91C5319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b1:47:04:3f:08:36:ce:b0:f5:a1:7d:b3:55:
67:4b:57:81:a2:eb:7f:cf:f2:e7:49:54:1a:b0:85:
67:cb:2b:ae:8a:ff:c1:35:02:9e:92:1c:af:bf:3d:
46:1f:83:90:cc:da:43:2e:03:b6:74:2e:b6:58:5e:
b3:20:30:63:b7:1c:72:97:01:1b:1f:75:31:1a:7c:
ae:05:23:dc:73:b6:3b:c5:ae:56:82:bf:bb:b1:fa:
9a:2c:98:d4:2d:56:97:cd:56:d7:d0:77:0e:49:a5:
c6:b3:1f:ce:82:42:e5:2f:2d:09:f1:b9:da:4f:e1:
9f:3a:73:1c:c9:c8:18:64:5d:12:5d:01:2d:e7:7d:
e7:3d:99:ca:7c:27:54:2f:b2:7a:03:f2:a7:b9:c8:
4a:f6:da:de:17:18:f3:2c:d0:82:5b:2f:3e:f0:c2:
b9:fe:1f:08:ef:50:18:08:31:c1:9d:ab:8f:4f:fc:
b7:7d:3d:73:56:2e:ba:ef:e1:ef:b1:dd:36:16:a5:
f8:2a:d3:b7:35:97:38:bf:89:82:27:ac:fc:56:cc:
2d:6c:2b:de:02:a4:93:48:2a:d3:b2:87:93:63:7b:
32:23:9b:d0:b8:c4:f2:23:14:23:6a:48:d1:4f:dd:
fc:fa:1e:be:91:7c:ca:01:09:fc:e7:73:d7:3a:b4:
90:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E6:47:B9:A4:4F:AA:A7:3E:BB:82:04:05:0C:C6:4C:CA:45:98:EA
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C5319/025D7B5C8C2D11EF8122EC11C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C5319/025D7B5C8C2D11EF8122EC11C4F9AE02/puZHuaRPqqc-u4IEBQzGTMpFmOo.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153352
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:5b40::/48
Signature Algorithm: sha256WithRSAEncryption
02:86:e0:ce:48:a6:6b:f6:62:a0:eb:cd:52:5c:a8:9b:db:08:
de:70:2b:81:34:c6:99:ee:99:39:14:42:b2:e8:63:4d:fa:6a:
8b:89:b8:b1:5f:a4:6b:41:ef:80:04:e2:59:50:b3:ee:e9:7a:
f0:a6:b4:4b:b9:b3:16:67:84:50:db:c9:32:24:ca:2b:ca:4d:
6e:5d:c8:2b:cc:d5:38:83:d1:59:ee:a1:a7:26:5c:dc:62:50:
4b:0d:9a:9f:8f:f2:d3:10:05:ae:81:70:74:ec:58:63:ac:7b:
5b:84:3e:a4:0d:68:5a:8e:84:02:a1:73:75:56:c6:64:b8:a3:
c5:82:7e:38:45:06:a0:4d:ca:26:20:e7:e1:d8:3c:e6:20:4a:
30:da:8d:24:78:6e:9a:d3:10:dd:90:36:74:9c:ee:f6:4b:a2:
08:a6:7c:04:ac:84:5b:9f:74:b3:c9:2f:72:1e:8d:94:c9:75:
ca:51:3a:7c:15:eb:7e:f0:6f:0d:e9:20:1b:80:51:17:8d:2b:
8a:29:ba:e5:56:4d:ad:62:d0:25:cc:c9:a5:a4:3d:c5:1f:77:
40:99:61:18:92:c7:cc:f3:e7:ab:c0:97:46:96:cf:db:4b:50:
28:9d:e8:b3:25:ce:ad:86:5f:e0:bc:ba:8b:fc:cf:00:aa:c3:
88:63:ee:b5
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAhRnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAxNzAyMTA0NloXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzUzMTkxMTAvBgNVBAUTKEE2RTY0N0I5QTQ0RkFBQTczRUJCODIw
NDA1MENDNjRDQ0E0NTk4RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCQsUcEPwg2zrD1oX2zVWdLV4Gi63/P8udJVBqwhWfLK66K/8E1Ap6SHK+/PUYf
g5DM2kMuA7Z0LrZYXrMgMGO3HHKXARsfdTEafK4FI9xztjvFrlaCv7ux+posmNQt
VpfNVtfQdw5JpcazH86CQuUvLQnxudpP4Z86cxzJyBhkXRJdAS3nfec9mcp8J1Qv
snoD8qe5yEr22t4XGPMs0IJbLz7wwrn+HwjvUBgIMcGdq49P/Ld9PXNWLrrv4e+x
3TYWpfgq07c1lzi/iYInrPxWzC1sK94CpJNIKtOyh5NjezIjm9C4xPIjFCNqSNFP
3fz6Hr6RfMoBCfznc9c6tJBvAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUpuZHuaRP
qqc+u4IEBQzGTMpFmOowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM1MzE5LzAyNUQ3QjVDOEMyRDExRUY4MTIyRUMxMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDNTMxOS8wMjVEN0I1QzhDMkQxMUVGODEyMkVDMTFDNEY5QUUwMi9wdVpIdWFS
UHFxYy11NElFQlF6R1RNcEZtT28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlcIMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN9FtAMA0G
CSqGSIb3DQEBCwUAA4IBAQAChuDOSKZr9mKg681SXKib2wjecCuBNMaZ7pk5FEKy
6GNN+mqLibixX6RrQe+ABOJZULPu6XrwprRLubMWZ4RQ28kyJMoryk1uXcgrzNU4
g9FZ7qGnJlzcYlBLDZqfj/LTEAWugXB07FhjrHtbhD6kDWhajoQCoXN1VsZkuKPF
gn44RQagTcomIOfh2DzmIEow2o0keG6a0xDdkDZ0nO72S6IIpnwErIRbn3SzyS9y
Ho2UyXXKUTp8Fet+8G8N6SAbgFEXjSuKKbrlVk2tYtAlzMmlpD3FH3dAmWEYksfM
8+erwJdGls/bS1AoneizJc6thl/gvLqL/M8AqsOIY+61
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:04 2025 by rpki-client