Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer
File: raiu0ysVuH5hElLSnR4dW95YFkY.cer (raw, json)
Hash identifier: nyz+F/5VXfhjp0RUjJIG7nSNAdlrFVBo4yN0qqAR4Gg=
Subject key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01C46D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 16 Oct 2023 22:55:15 +0000
Certificate not after: Mon 31 Mar 2031 00:00:00 +0000
Subordinate resources: AS: 4608
AS: 4777
AS: 9545
AS: 18366 -- 18370
AS: 24555
AS: 55638
AS: 131076
IP: 202.12.28.0/23
IP: 202.12.31.0/24
IP: 203.119.0.0/24
IP: 203.119.42.0/24
IP: 203.119.76.0/23
IP: 203.119.86.0/24
IP: 203.119.95.0/24
IP: 203.119.100.0 -- 203.119.111.255
IP: 220.247.144.0/20
IP: 2001:dc0::/32
IP: 2001:dd8:6::/48
IP: 2001:dd8:8::/45
IP: 2001:dd8:12::/48
IP: 2001:ddd::/48
IP: 2001:df8::/31
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115821 (0x1c46d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Oct 16 22:55:15 2023 GMT
Not After : Mar 31 00:00:00 2031 GMT
Subject: CN=A91DC5BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:21:7a:23:da:58:54:0b:5c:d7:f8:fe:a8:
33:54:c4:15:50:0a:01:1e:e0:98:ec:16:c1:97:a2:
13:fb:c3:ea:18:be:d3:c3:18:b1:90:43:78:66:2c:
ae:b0:2c:87:8c:4a:29:36:f0:35:4d:ec:2c:14:73:
40:99:68:4e:8d:fb:dd:9d:ba:c5:84:57:76:58:f0:
a3:de:fa:22:95:04:91:e1:0b:76:59:99:a2:31:c8:
18:8f:cc:19:04:60:2f:72:c5:c2:7f:b3:30:fe:85:
b4:e4:b8:1a:79:0d:76:67:d5:24:36:48:33:69:32:
99:d3:a5:4b:1f:b3:f4:81:0a:64:9b:4d:c4:40:76:
61:a8:61:58:a4:7a:f4:b9:67:84:37:2f:3e:af:30:
6b:b6:7f:c9:f9:2e:75:5f:df:16:d4:e0:40:a2:26:
fa:75:85:7a:c9:9f:68:f6:89:c4:13:20:12:b1:be:
a2:38:1a:cf:5d:ca:f8:f0:37:03:70:de:95:91:c1:
e1:c5:d2:a1:f8:8e:84:c2:23:4f:d4:cb:2d:90:1a:
b6:56:76:fa:15:21:84:da:74:6b:ae:db:e0:28:be:
ee:a2:f2:1c:a7:01:d7:95:c5:f9:e8:16:c1:04:18:
88:fd:69:01:ad:db:1a:60:58:e3:12:04:bb:df:9b:
2c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
4608
4777
9545
18366-18370
24555
55638
131076
sbgp-ipAddrBlock: critical
IPv4:
202.12.28.0/23
202.12.31.0/24
203.119.0.0/24
203.119.42.0/24
203.119.76.0/23
203.119.86.0/24
203.119.95.0/24
203.119.100.0-203.119.111.255
220.247.144.0/20
IPv6:
2001:dc0::/32
2001:dd8:6::/48
2001:dd8:8::/45
2001:dd8:12::/48
2001:ddd::/48
2001:df8::/31
Signature Algorithm: sha256WithRSAEncryption
03:e4:da:57:b7:3f:e6:62:1a:0d:a0:07:d5:3e:65:63:d9:58:
ae:62:33:6e:7b:e7:f1:a9:ce:11:35:30:17:67:27:b6:18:b1:
5d:7d:12:61:64:ad:8f:1e:30:8a:96:9e:98:89:61:9b:49:f0:
3b:d3:05:56:8f:87:05:4d:08:a1:e7:91:a5:45:da:f9:7c:bd:
8b:36:29:b6:56:08:08:83:af:86:23:b4:ec:9b:79:45:7b:e7:
66:df:78:ff:47:27:d0:ab:8c:bd:fc:83:52:03:9c:64:30:bd:
92:a9:4d:ee:db:72:ba:ec:5e:69:93:34:73:9d:63:4b:f2:7b:
0d:28:46:71:93:a7:41:7c:a3:71:20:64:8e:ec:f0:5d:9e:22:
12:9f:eb:f1:90:72:87:a0:25:1a:78:66:de:83:48:97:ad:72:
88:ba:5a:00:22:91:a5:60:c2:8a:e3:94:af:e9:fe:b8:47:61:
65:fa:fc:22:9d:d0:1d:33:58:10:45:fb:18:2a:63:4d:c2:57:
e8:ac:64:e4:58:ce:b8:c4:15:97:8b:e1:d3:e1:fb:71:06:7d:
da:a5:35:7a:c1:8d:80:3e:b2:8d:76:df:63:da:ad:e4:e1:c4:
bd:37:1d:23:9d:8c:97:96:74:32:c8:ee:4b:f6:d7:17:de:86:
1b:fc:ad:d1
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgIDAcRtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAxNjIyNTUxNVoXDTMxMDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJE
MjlEMUUxRDVCREU1ODE2NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJQSF6I9pYVAtc1/j+qDNUxBVQCgEe4JjsFsGXohP7w+oYvtPDGLGQQ3hmLK6w
LIeMSik28DVN7CwUc0CZaE6N+92dusWEV3ZY8KPe+iKVBJHhC3ZZmaIxyBiPzBkE
YC9yxcJ/szD+hbTkuBp5DXZn1SQ2SDNpMpnTpUsfs/SBCmSbTcRAdmGoYVikevS5
Z4Q3Lz6vMGu2f8n5LnVf3xbU4ECiJvp1hXrJn2j2icQTIBKxvqI4Gs9dyvjwNwNw
3pWRweHF0qH4joTCI0/Uyy2QGrZWdvoVIYTadGuu2+Aovu6i8hynAdeVxfnoFsEE
GIj9aQGt2xpgWOMSBLvfmyyTAgMBAAGjggOjMIIDnzAdBgNVHQ4EFgQUraiu0ysV
uH5hElLSnR4dW95YFkYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURDNUJFL0Q0MDE2MTlBMUQ2OTExRTJBRkI2NEVBNzA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlz
VnVINWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQgBAf8EKjAo
oCYwJAICEgACAhKpAgIlSTAIAgJHvgICR8ICAl/rAgMA2VYCAwIABDCBkwYIKwYB
BQUHAQcBAf8EgYMwgYAwRAQCAAEwPgMEAcoMHAMEAMoMHwMEAMt3AAMEAMt3KgME
Act3TAMEAMt3VgMEAMt3XzAMAwQCy3dkAwQEy3dgAwQE3PeQMDgEAgACMDIDBQAg
AQ3AAwcAIAEN2AAGAwcDIAEN2AAIAwcAIAEN2AASAwcAIAEN3QAAAwUBIAEN+DAN
BgkqhkiG9w0BAQsFAAOCAQEAA+TaV7c/5mIaDaAH1T5lY9lYrmIzbnvn8anOETUw
F2cnthixXX0SYWStjx4wipaemIlhm0nwO9MFVo+HBU0IoeeRpUXa+Xy9izYptlYI
CIOvhiO07Jt5RXvnZt94/0cn0KuMvfyDUgOcZDC9kqlN7ttyuuxeaZM0c51jS/J7
DShGcZOnQXyjcSBkjuzwXZ4iEp/r8ZByh6AlGnhm3oNIl61yiLpaACKRpWDCiuOU
r+n+uEdhZfr8Ip3QHTNYEEX7GCpjTcJX6Kxk5FjOuMQVl4vh0+H7cQZ92qU1esGN
gD6yjXbfY9qt5OHEvTcdI52Ml5Z0MsjuS/bXF96GG/yt0Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:34 2025 by rpki-client