Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer
File: qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer (raw, json)
Hash identifier: dYpKBt3OlkY0I6DkeKmDaJ4UQhSz4wDgdCGALk0woY0=
Subject key identifier: AA:21:B6:90:C1:D6:3C:BF:44:1A:A3:BD:11:7E:D8:B7:86:88:22:29
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0216D5
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 28 Oct 2024 20:52:23 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 134676
IP: 103.195.204.0/23
IP: 2404:e3c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136917 (0x216d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 28 20:52:23 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91C0BE1/serialNumber=AA21B690C1D63CBF441AA3BD117ED8B786882229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b8:4f:1d:3c:ee:de:f4:0c:8a:2a:26:e3:6c:
6a:a7:bf:08:58:b9:de:f8:bc:62:04:05:ee:db:99:
73:33:c6:a5:3d:a5:13:e1:33:30:25:b9:0a:95:a9:
26:d5:65:a2:dd:f7:2a:a7:04:78:72:8a:dd:89:df:
1f:06:47:b2:c9:86:6c:19:03:66:d6:97:2c:a2:83:
9a:56:e4:8c:4e:8e:0a:a9:e0:91:98:48:49:c7:e5:
9f:16:6b:09:a1:de:4d:c8:df:84:a6:51:57:f1:31:
05:06:60:cd:64:e0:fb:1a:2d:04:e6:bd:04:e7:eb:
fb:0e:0d:f9:99:28:e5:b0:1f:f1:e0:f3:cd:d2:74:
35:eb:02:6e:97:19:e0:62:71:73:40:cd:26:3a:18:
db:33:2a:b3:26:12:b9:7c:49:6c:26:e9:23:14:8e:
6a:ad:50:0b:57:30:31:f7:68:7d:0b:f0:de:b7:d2:
3f:d1:b9:8f:c9:9e:19:36:00:6b:71:b8:4e:8f:a2:
10:4d:3a:8d:d3:a0:c6:ae:d9:74:41:15:ff:a4:f3:
0b:e0:9b:07:ee:50:1a:e5:4c:fa:b7:3e:46:60:48:
4d:70:45:00:e8:59:ee:b3:6b:41:b1:db:7a:ac:ce:
6c:dc:7a:07:02:94:98:b9:03:57:77:c0:24:5e:18:
20:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:21:B6:90:C1:D6:3C:BF:44:1A:A3:BD:11:7E:D8:B7:86:88:22:29
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
134676
sbgp-ipAddrBlock: critical
IPv4:
103.195.204.0/23
IPv6:
2404:e3c0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:d4:09:a7:43:ed:70:3a:2b:47:43:b2:fd:0e:a3:de:de:6d:
19:24:24:0f:db:62:37:f1:85:0d:3c:b0:69:ab:5e:ec:af:5c:
2d:e0:88:86:a1:00:e4:e8:f7:17:cd:a3:ec:b8:33:67:ad:24:
de:d1:f0:6e:4f:32:84:51:78:53:92:bf:c8:6a:b3:a5:2a:3a:
ff:19:95:f3:19:6f:03:f0:37:20:af:2a:4b:6c:de:11:a2:e9:
00:32:b6:66:55:03:0f:48:fa:cc:68:b4:a4:bd:0b:c0:55:2b:
a4:f7:43:81:c9:37:fc:cb:09:6e:bb:d4:96:ef:e8:3b:b2:66:
6c:6e:56:2d:d8:ad:e2:31:37:32:4c:e6:e4:31:d0:b4:66:cc:
1f:32:f6:05:37:85:71:2d:56:a5:59:d2:da:b6:f6:d4:57:11:
f0:7b:43:14:2c:2c:bc:f9:54:6a:84:03:1d:6d:26:e2:ec:7e:
63:be:d1:61:27:88:2d:c2:20:69:b5:24:cc:22:4d:22:a8:00:
fc:59:70:0a:ea:fd:1b:ee:1c:98:f6:45:ba:ba:dc:c8:a9:8c:
b5:4a:74:72:99:d9:1f:0a:a2:f1:de:fa:e4:3f:b6:a5:7c:e6:
d3:dc:ee:c4:d8:13:1d:c2:3e:69:9f:43:40:28:13:05:66:fa:
41:75:2f:68
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAhbVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAyODIwNTIyM1oXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzBCRTExMTAvBgNVBAUTKEFBMjFCNjkwQzFENjNDQkY0NDFBQTNC
RDExN0VEOEI3ODY4ODIyMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFuE8dPO7e9AyKKibjbGqnvwhYud74vGIEBe7bmXMzxqU9pRPhMzAluQqVqSbV
ZaLd9yqnBHhyit2J3x8GR7LJhmwZA2bWlyyig5pW5IxOjgqp4JGYSEnH5Z8Wawmh
3k3I34SmUVfxMQUGYM1k4PsaLQTmvQTn6/sODfmZKOWwH/Hg883SdDXrAm6XGeBi
cXNAzSY6GNszKrMmErl8SWwm6SMUjmqtUAtXMDH3aH0L8N630j/RuY/Jnhk2AGtx
uE6PohBNOo3ToMau2XRBFf+k8wvgmwfuUBrlTPq3PkZgSE1wRQDoWe6za0Gx23qs
zmzcegcClJi5A1d3wCReGCCFAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUqiG2kMHW
PL9EGqO9EX7Yt4aIIikwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMwQkUxL0U0NkZGNDkwQUUyQjExRUI5NTYyN0Y4MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMEJFMS9FNDZGRjQ5MEFFMkIxMUVCOTU2MjdGODJDNEY5QUUwMi9xaUcya01I
V1BMOUVHcU85RVg3WXQ0YUlJaWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg4UMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ8PMMA0EAgAC
MAcDBQAkBOPAMA0GCSqGSIb3DQEBCwUAA4IBAQAO1AmnQ+1wOitHQ7L9DqPe3m0Z
JCQP22I38YUNPLBpq17sr1wt4IiGoQDk6PcXzaPsuDNnrSTe0fBuTzKEUXhTkr/I
arOlKjr/GZXzGW8D8DcgrypLbN4RoukAMrZmVQMPSPrMaLSkvQvAVSuk90OByTf8
ywluu9SW7+g7smZsblYt2K3iMTcyTObkMdC0ZswfMvYFN4VxLValWdLatvbUVxHw
e0MULCy8+VRqhAMdbSbi7H5jvtFhJ4gtwiBptSTMIk0iqAD8WXAK6v0b7hyY9kW6
utzIqYy1SnRymdkfCqLx3vrkP7alfObT3O7E2BMdwj5pn0NAKBMFZvpBdS9o
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:50 2024 by rpki-client on console-fra.rpki-client.org