Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSNOPx67ra0Bn-Ca__cOgHWv3hc.cer
File: rSNOPx67ra0Bn-Ca__cOgHWv3hc.cer (raw, json)
Hash identifier: vVULYndl6MNuJQkwpvZ4LmjKfLjSKMqKd3ec0aOwCSI=
Subject key identifier: AD:23:4E:3F:1E:BB:AD:AD:01:9F:E0:9A:FF:F7:0E:80:75:AF:DE:17
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01F1BD
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/rSNOPx67ra0Bn-Ca__cOgHWv3hc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 14 May 2024 13:42:55 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: AS: 152853
IP: 103.158.118.0/23
IP: 2001:df3:cec0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 14 Sep 2024 20:15:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127421 (0x1f1bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 14 13:42:55 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A911B6FB/serialNumber=AD234E3F1EBBADAD019FE09AFFF70E8075AFDE17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:17:1b:6a:59:43:c6:04:a1:f8:f9:d1:21:25:
68:92:c1:9a:8b:cd:8c:7f:cb:10:53:f5:1e:c2:00:
89:7b:cd:8e:f7:d5:97:bc:52:ab:bc:8f:8a:e5:bc:
f7:3b:1b:24:d2:ee:b3:1b:df:df:72:0e:b2:06:39:
ed:3c:e8:08:31:82:5b:63:da:ce:ae:fd:d7:95:e8:
48:97:d6:81:81:f0:90:c9:db:07:ab:ed:29:65:c9:
5f:9b:ca:5e:71:a9:ff:cc:91:6a:54:59:02:01:bd:
4e:01:fc:67:4f:f7:3f:2b:be:6a:0c:62:33:0f:a4:
72:64:13:13:1d:81:a8:c3:b9:2a:95:d2:a4:17:ef:
96:63:a3:c9:5c:ef:9a:78:56:68:25:41:55:fa:3d:
f7:ee:94:45:c3:60:03:fb:af:07:ba:2a:ad:1e:b7:
58:0b:3a:7f:18:a5:93:f1:43:84:c4:d1:c6:c6:35:
58:26:a0:b0:24:51:c5:ed:42:ba:36:1b:ec:f3:4d:
48:39:21:a1:7d:dd:13:cf:d1:92:29:f7:63:03:05:
69:32:6f:a0:82:d8:02:d5:c5:0c:bc:cd:36:09:38:
df:50:24:ab:00:87:02:d7:08:64:de:15:90:3a:da:
8d:aa:1a:d8:3f:ab:83:43:57:45:2e:5d:42:dc:f1:
13:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:23:4E:3F:1E:BB:AD:AD:01:9F:E0:9A:FF:F7:0E:80:75:AF:DE:17
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/rSNOPx67ra0Bn-Ca__cOgHWv3hc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152853
sbgp-ipAddrBlock: critical
IPv4:
103.158.118.0/23
IPv6:
2001:df3:cec0::/48
Signature Algorithm: sha256WithRSAEncryption
06:d1:1a:83:21:9e:1a:f9:29:ec:7c:24:b0:e2:9f:c9:6d:2d:
a1:3b:81:f9:ac:8a:21:66:a6:31:97:64:c6:b2:0f:b5:ac:9c:
36:aa:e5:3d:e3:d5:1a:df:bf:c1:3e:ea:30:14:35:d8:98:38:
4a:bd:43:e8:70:07:5f:71:a3:d7:f7:35:3b:e2:50:74:41:2b:
06:71:da:e1:9b:bb:0f:7e:37:60:c6:41:19:34:33:37:20:f7:
42:13:b2:02:bb:93:7b:e1:a6:02:b1:db:36:3d:d3:1e:74:64:
f7:c3:21:10:34:29:1f:43:69:02:c5:31:ff:cb:17:77:9e:c1:
34:ec:58:f8:d0:42:d9:06:3f:f0:81:2f:13:6a:58:55:39:80:
bd:6e:c3:58:79:6d:5a:ed:0a:94:20:43:a6:17:76:38:ac:6e:
e4:68:0c:e2:02:f7:88:4b:7a:af:3d:2c:bf:22:01:c4:af:55:
3e:48:77:65:c3:e6:48:71:92:96:a7:47:d4:a4:18:eb:1b:4d:
e6:31:f9:5b:5b:0f:2c:f0:92:8e:ca:ca:38:43:cf:58:f4:d9:
49:e7:e4:d1:d5:73:55:96:80:d9:84:b9:98:47:8f:a1:ad:8c:
8c:95:0a:42:a8:a9:49:f2:4e:e3:dd:11:25:a1:94:72:82:94:
bc:78:82:4a
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAfG9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUxNDEzNDI1NVoXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMUI2RkIxMTAvBgNVBAUTKEFEMjM0RTNGMUVCQkFEQUQwMTlGRTA5
QUZGRjcwRTgwNzVBRkRFMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjFxtqWUPGBKH4+dEhJWiSwZqLzYx/yxBT9R7CAIl7zY731Ze8Uqu8j4rlvPc7
GyTS7rMb399yDrIGOe086Agxgltj2s6u/deV6EiX1oGB8JDJ2wer7SllyV+byl5x
qf/MkWpUWQIBvU4B/GdP9z8rvmoMYjMPpHJkExMdgajDuSqV0qQX75Zjo8lc75p4
VmglQVX6PffulEXDYAP7rwe6Kq0et1gLOn8YpZPxQ4TE0cbGNVgmoLAkUcXtQro2
G+zzTUg5IaF93RPP0ZIp92MDBWkyb6CC2ALVxQy8zTYJON9QJKsAhwLXCGTeFZA6
2o2qGtg/q4NDV0UuXULc8RNLAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUrSNOPx67
ra0Bn+Ca//cOgHWv3hcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTFCNkZCL0Q5Q0M5RURFMTFGNzExRUY5M0JEOTQ0RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExQjZGQi9EOUNDOUVERTExRjcxMUVGOTNCRDk0NEVDNEY5QUUwMi9yU05PUHg2
N3JhMEJuLUNhX19jT2dIV3YzaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlUVMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ552MA8EAgAC
MAkDBwAgAQ3zzsAwDQYJKoZIhvcNAQELBQADggEBAAbRGoMhnhr5Kex8JLDin8lt
LaE7gfmsiiFmpjGXZMayD7WsnDaq5T3j1Rrfv8E+6jAUNdiYOEq9Q+hwB19xo9f3
NTviUHRBKwZx2uGbuw9+N2DGQRk0Mzcg90ITsgK7k3vhpgKx2zY90x50ZPfDIRA0
KR9DaQLFMf/LF3eewTTsWPjQQtkGP/CBLxNqWFU5gL1uw1h5bVrtCpQgQ6YXdjis
buRoDOIC94hLeq89LL8iAcSvVT5Id2XD5khxkpanR9SkGOsbTeYx+VtbDyzwko7K
yjhDz1j02Unn5NHVc1WWgNmEuZhHj6GtjIyVCkKoqUnyTuPdESWhlHKClLx4gko=
-----END CERTIFICATE-----
Generated at Sat Sep 7 22:42:11 2024 by rpki-client on console-ams.rpki-client.org