Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer
File: tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer (raw, json)
Hash identifier: Bw+N0LHeM3Luo3ZLnQC0DP52HcfHJmdiyU8isH1dx4w=
Subject key identifier: B4:B1:8A:25:3F:B6:29:34:37:11:66:35:DD:DD:19:94:28:B6:8D:5B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 022DDC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sun 02 Feb 2025 03:22:08 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 133148
IP: 103.66.228.0/23
IP: 2400:d2a0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142812 (0x22ddc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Feb 2 03:22:08 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=A91FD64D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0a:bc:75:9f:3a:9e:9a:ef:0a:ed:f9:10:fc:
ca:c2:90:ec:b0:ea:d7:e6:9a:c9:d7:4d:80:e7:f1:
54:46:1a:aa:7e:ce:b1:28:8a:5a:11:65:64:0f:c5:
71:55:9e:66:d8:19:da:2e:9f:e6:b0:53:3c:8e:aa:
e4:cf:89:41:71:dc:5c:6d:bb:1b:04:da:80:19:48:
16:77:fc:3e:62:d6:5d:99:a9:a1:fe:17:dd:7a:64:
93:de:0e:d2:18:a1:ad:ce:31:72:bd:df:41:db:61:
86:18:f0:89:00:7b:8f:08:2a:70:18:05:d4:9d:13:
48:3d:62:52:83:6d:79:fa:a0:04:15:e6:3a:60:d1:
90:26:c5:87:bc:1d:03:01:d2:62:05:a8:b0:67:51:
49:ae:3e:11:a8:a8:8f:2e:c8:41:57:26:cf:eb:28:
15:61:79:12:ab:1f:a9:9a:b4:c6:a5:f7:e6:49:f4:
1a:9c:1d:61:84:ec:b0:21:c8:04:20:a8:ea:dd:6e:
2a:e8:4c:f8:94:e1:26:85:6f:7c:97:d3:46:02:ed:
f9:94:87:d7:1e:72:0a:b0:04:22:83:08:3f:9a:a3:
1f:f1:b1:e7:57:5e:ed:1c:b2:43:1f:8a:39:b9:8c:
28:73:06:cf:19:ce:9b:ca:f2:ab:83:8d:5a:11:a6:
42:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B1:8A:25:3F:B6:29:34:37:11:66:35:DD:DD:19:94:28:B6:8D:5B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133148
sbgp-ipAddrBlock: critical
IPv4:
103.66.228.0/23
IPv6:
2400:d2a0::/32
Signature Algorithm: sha256WithRSAEncryption
03:95:c8:24:88:4f:05:52:bf:0b:9d:24:89:b1:d1:ed:0b:3f:
96:c4:ba:83:a0:d3:ba:5d:aa:bf:e4:0b:09:f9:f8:ec:47:6e:
f8:1d:59:73:0f:e9:ef:45:51:13:16:6b:55:a8:f3:22:33:ff:
57:62:d1:33:c8:01:19:63:2f:b2:91:99:1c:00:70:94:52:d2:
93:4e:99:7e:c6:09:48:b3:2b:94:b8:61:e8:f7:af:3e:b7:0d:
87:8a:ba:e3:1b:8d:b9:2b:13:5a:a2:bb:72:dc:e3:7c:52:b2:
3d:5c:87:64:ac:d6:95:df:a5:e1:4d:08:b5:07:28:71:48:2c:
56:ce:74:88:9f:64:3f:62:9d:54:7b:c7:33:20:77:38:da:7d:
c6:f0:75:ca:02:65:66:8a:05:49:3a:d3:42:c5:e6:8f:cd:fa:
b0:1d:64:74:1e:02:16:37:69:d8:e2:c7:93:66:27:0e:ff:00:
41:e8:2e:77:41:02:fa:6a:5f:b9:1e:81:5d:51:73:79:91:51:
05:84:16:f3:ea:33:46:d1:db:f2:03:70:ca:a9:a1:c0:85:cc:
61:53:08:e7:02:0c:3b:d1:4b:c0:93:9b:70:0e:12:74:f9:e3:
95:be:5f:0e:28:64:42:44:fa:8a:a8:e4:5d:95:4b:a7:12:a3:
ac:6d:b4:7c
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAi3cMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDIwMjAzMjIwOFoXDTI2MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkQ2NEQxMTAvBgNVBAUTKEI0QjE4QTI1M0ZCNjI5MzQzNzExNjYz
NUREREQxOTk0MjhCNjhENUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLCrx1nzqemu8K7fkQ/MrCkOyw6tfmmsnXTYDn8VRGGqp+zrEoiloRZWQPxXFV
nmbYGdoun+awUzyOquTPiUFx3FxtuxsE2oAZSBZ3/D5i1l2ZqaH+F916ZJPeDtIY
oa3OMXK930HbYYYY8IkAe48IKnAYBdSdE0g9YlKDbXn6oAQV5jpg0ZAmxYe8HQMB
0mIFqLBnUUmuPhGoqI8uyEFXJs/rKBVheRKrH6matMal9+ZJ9BqcHWGE7LAhyAQg
qOrdbiroTPiU4SaFb3yX00YC7fmUh9cecgqwBCKDCD+aox/xsedXXu0cskMfijm5
jChzBs8ZzpvK8quDjVoRpkLFAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUtLGKJT+2
KTQ3EWY13d0ZlCi2jVswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZENjRELzM3MDc4NkM4OTk5NDExRUQ4NTY3MzExRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGRDY0RC8zNzA3ODZDODk5OTQxMUVEODU2NzMxMUZDNEY5QUUwMi90TEdLSlQt
MktUUTNFV1kxM2QwWmxDaTJqVnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAggcMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ0LkMA0EAgAC
MAcDBQAkANKgMA0GCSqGSIb3DQEBCwUAA4IBAQADlcgkiE8FUr8LnSSJsdHtCz+W
xLqDoNO6Xaq/5AsJ+fjsR274HVlzD+nvRVETFmtVqPMiM/9XYtEzyAEZYy+ykZkc
AHCUUtKTTpl+xglIsyuUuGHo968+tw2HirrjG425KxNaorty3ON8UrI9XIdkrNaV
36XhTQi1ByhxSCxWznSIn2Q/Yp1Ue8czIHc42n3G8HXKAmVmigVJOtNCxeaPzfqw
HWR0HgIWN2nY4seTZicO/wBB6C53QQL6al+5HoFdUXN5kVEFhBbz6jNG0dvyA3DK
qaHAhcxhUwjnAgw70UvAk5twDhJ0+eOVvl8OKGRCRPqKqORdlUunEqOsbbR8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:14 2025 by rpki-client