Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rKpuJqXy3KoUzfyezI6c9oKaQCE.cer
File: rKpuJqXy3KoUzfyezI6c9oKaQCE.cer (raw, json)
Hash identifier: iJ0JiIuRhuoY2E6SZuOFSuAJbBZGUvbhxsGl3ANF5kI=
Subject key identifier: AC:AA:6E:26:A5:F2:DC:AA:14:CD:FC:9E:CC:8E:9C:F6:82:9A:40:21
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020047
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91AEF45/5D8B9B829F2A11ECA7CFAD0AC4F9AE02/rKpuJqXy3KoUzfyezI6c9oKaQCE.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91AEF45/5D8B9B829F2A11ECA7CFAD0AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 15 Jul 2024 19:33:47 +0000
Certificate not after: Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources: AS: 140718
IP: 103.152.32.0/24
IP: 2001:df3:f380::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131143 (0x20047)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 15 19:33:47 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=A91AEF45/serialNumber=ACAA6E26A5F2DCAA14CDFC9ECC8E9CF6829A4021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9b:c4:4c:2b:f8:69:e8:06:9a:3e:5c:9f:1f:
4d:d2:58:1e:30:23:cd:f2:48:fb:74:da:0b:b6:14:
64:88:3d:d0:c2:c8:02:5e:9a:af:99:fc:e8:a4:86:
08:ac:e4:25:52:ae:df:38:02:be:f0:bb:d9:5e:35:
97:69:5b:e9:2d:1b:88:43:5e:78:f9:7e:40:cb:0a:
da:a7:44:0c:19:5e:47:88:ae:29:6d:ea:6d:7f:fb:
4e:9d:4b:35:2d:0d:02:15:da:32:c3:95:44:9f:ec:
fb:9d:a5:cd:1b:c3:39:ed:c2:b4:a3:db:8a:19:4d:
e2:c3:4d:0c:e1:cf:6e:8c:ea:f9:de:de:83:10:3b:
59:42:4c:01:15:15:e7:a8:df:c5:c3:cc:0a:27:92:
25:96:84:db:53:2f:24:b8:a6:31:14:9a:ff:b9:ba:
7b:50:f8:d5:c8:f5:f3:cb:06:4c:b2:1e:61:30:ea:
d9:a7:c3:31:27:fd:cf:bf:3e:c1:83:11:12:10:c0:
ee:fb:b8:fb:23:d8:a7:06:26:1c:2c:9e:69:de:02:
6e:45:c5:9d:c8:24:07:a6:75:8c:17:bd:fa:3a:7b:
bb:5c:9a:7b:0a:37:a6:e1:9b:3e:a9:37:2b:0f:75:
25:7a:4a:1f:c1:7d:97:c6:7a:89:57:3e:c2:f9:49:
b2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:AA:6E:26:A5:F2:DC:AA:14:CD:FC:9E:CC:8E:9C:F6:82:9A:40:21
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AEF45/5D8B9B829F2A11ECA7CFAD0AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AEF45/5D8B9B829F2A11ECA7CFAD0AC4F9AE02/rKpuJqXy3KoUzfyezI6c9oKaQCE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
140718
sbgp-ipAddrBlock: critical
IPv4:
103.152.32.0/24
IPv6:
2001:df3:f380::/48
Signature Algorithm: sha256WithRSAEncryption
72:ab:f7:1e:86:f1:24:4f:da:bc:e7:ca:82:93:7a:9a:2e:61:
a6:76:a9:5e:db:e8:78:b3:2c:d3:5b:c0:56:06:25:9c:6a:97:
9f:b1:ec:6c:25:fd:e3:11:47:ec:11:c1:c9:cb:52:23:26:80:
1d:07:a4:c0:ba:09:a8:9a:79:a4:19:ec:09:b4:da:80:16:55:
c0:53:ea:13:46:e9:0a:6f:00:7a:2d:d3:bf:0a:ca:47:7c:0f:
66:7c:83:8a:97:b9:96:70:ea:5e:20:49:9a:bb:4d:c9:bf:6f:
77:cb:d2:7f:6d:47:03:80:12:41:9d:fc:ab:18:23:83:b5:2b:
01:08:d4:b6:47:b9:c5:91:04:04:c0:8a:01:83:eb:b9:6a:5c:
86:cc:a4:d5:f8:b6:c1:60:df:79:3b:fd:3c:be:9a:23:9a:44:
58:17:63:43:2d:c2:bc:85:30:61:e1:2c:99:2d:5b:7a:7e:90:
38:2f:84:82:24:8c:3c:ae:29:57:63:81:c3:88:c8:8c:da:fd:
53:05:69:81:a1:ba:fb:ea:a8:72:46:46:24:bc:51:95:21:06:
85:e4:4c:d4:84:0c:95:2a:97:02:97:56:40:0f:f8:55:b3:89:
04:21:f5:3f:87:f6:ef:c0:49:fc:e8:f8:dc:c0:4b:1c:a7:65:
14:ac:10:b3
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAgBHMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcxNTE5MzM0N1oXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUVGNDUxMTAvBgNVBAUTKEFDQUE2RTI2QTVGMkRDQUExNENERkM5
RUNDOEU5Q0Y2ODI5QTQwMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvm8RMK/hp6AaaPlyfH03SWB4wI83ySPt02gu2FGSIPdDCyAJemq+Z/Oikhgis
5CVSrt84Ar7wu9leNZdpW+ktG4hDXnj5fkDLCtqnRAwZXkeIrilt6m1/+06dSzUt
DQIV2jLDlUSf7Pudpc0bwzntwrSj24oZTeLDTQzhz26M6vne3oMQO1lCTAEVFeeo
38XDzAonkiWWhNtTLyS4pjEUmv+5untQ+NXI9fPLBkyyHmEw6tmnwzEn/c+/PsGD
ERIQwO77uPsj2KcGJhwsnmneAm5FxZ3IJAemdYwXvfo6e7tcmnsKN6bhmz6pNysP
dSV6Sh/BfZfGeolXPsL5SbI3AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUrKpuJqXy
3KoUzfyezI6c9oKaQCEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFFRjQ1LzVEOEI5QjgyOUYyQTExRUNBN0NGQUQwQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBRUY0NS81RDhCOUI4MjlGMkExMUVDQTdDRkFEMEFDNEY5QUUwMi9yS3B1SnFY
eTNLb1V6Znllekk2YzlvS2FRQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiWuMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ5ggMA8EAgAC
MAkDBwAgAQ3z84AwDQYJKoZIhvcNAQELBQADggEBAHKr9x6G8SRP2rznyoKTepou
YaZ2qV7b6HizLNNbwFYGJZxql5+x7Gwl/eMRR+wRwcnLUiMmgB0HpMC6CaiaeaQZ
7Am02oAWVcBT6hNG6QpvAHot078Kykd8D2Z8g4qXuZZw6l4gSZq7Tcm/b3fL0n9t
RwOAEkGd/KsYI4O1KwEI1LZHucWRBATAigGD67lqXIbMpNX4tsFg33k7/Ty+miOa
RFgXY0MtwryFMGHhLJktW3p+kDgvhIIkjDyuKVdjgcOIyIza/VMFaYGhuvvqqHJG
RiS8UZUhBoXkTNSEDJUqlwKXVkAP+FWziQQh9T+H9u/ASfzo+NzASxynZRSsELM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:00:06 2024 by rpki-client on console-ams.rpki-client.org