Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/upj7l0sLFJ-1v3Ge_9938G2-STQ.cer
File: upj7l0sLFJ-1v3Ge_9938G2-STQ.cer (raw, json)
Hash identifier: CiD45TrAUHHt6yP/GRITSBVJuZQQHudE4URRQduBMGo=
Subject key identifier: BA:98:FB:97:4B:0B:14:9F:B5:BF:71:9E:FF:DF:77:F0:6D:BE:49:34
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D4D9
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EAC9B/503F8E24792C11EE81E69A16C4F9AE02/upj7l0sLFJ-1v3Ge_9938G2-STQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EAC9B/503F8E24792C11EE81E69A16C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 28 Dec 2023 22:53:19 +0000
Certificate not after: Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources: IP: 203.11.92.0/23
IP: 203.28.124.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 09 May 2024 05:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120025 (0x1d4d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 28 22:53:19 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=A91EAC9B/serialNumber=BA98FB974B0B149FB5BF719EFFDF77F06DBE4934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e2:8f:1f:3c:4b:26:1f:4b:a0:c0:54:e8:6d:
94:34:a3:ca:ce:16:25:4e:3b:ad:61:25:68:61:bb:
57:98:c4:5b:32:6e:7a:bf:84:0a:48:98:3d:df:7e:
09:dd:90:14:c0:26:3a:48:45:23:d5:b9:b9:6a:99:
84:09:a0:07:89:58:27:a6:f0:97:45:34:b0:98:f9:
dd:48:bc:83:48:b6:ca:f4:74:2f:53:94:d1:7b:5b:
26:eb:ea:3f:3c:ab:ca:a5:bb:b2:11:dd:10:36:65:
ef:f9:91:7b:4a:3f:20:fe:08:fb:19:db:50:18:58:
7b:e4:2d:c1:35:bd:37:74:59:02:ae:d9:89:81:15:
f8:3a:2d:25:df:a5:28:f2:64:11:8c:c4:15:5b:c0:
be:89:8e:9b:15:59:02:90:2c:26:96:6c:73:e7:6b:
40:45:11:fe:32:8c:96:93:f9:a2:5f:b3:0f:10:10:
3b:05:23:bf:4b:ad:7f:e1:d7:9a:30:9d:74:5e:b4:
92:0d:a1:33:4c:01:83:69:2a:59:4a:06:1d:a5:5d:
a7:9f:93:53:11:bf:d2:1e:bb:d6:f5:4f:46:bd:a3:
36:a2:2b:e2:cb:0a:ae:76:ec:db:cc:ea:b6:27:1a:
a6:0e:31:61:da:73:4f:12:de:31:c3:5c:53:0d:2d:
c0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:98:FB:97:4B:0B:14:9F:B5:BF:71:9E:FF:DF:77:F0:6D:BE:49:34
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EAC9B/503F8E24792C11EE81E69A16C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EAC9B/503F8E24792C11EE81E69A16C4F9AE02/upj7l0sLFJ-1v3Ge_9938G2-STQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.11.92.0/23
203.28.124.0/23
Signature Algorithm: sha256WithRSAEncryption
42:2a:a8:17:19:d1:2f:94:2d:6c:a7:33:74:16:f7:dc:a7:52:
dc:c6:7d:f1:79:3f:1e:89:4c:c4:03:9b:7d:5c:f5:f9:d4:f7:
bd:a0:cf:1f:5f:4f:e2:e9:a8:99:16:1d:27:0a:73:2b:51:e8:
59:68:ea:61:11:f2:b6:06:04:08:7c:3a:36:8f:d7:ce:b4:91:
f6:e2:5a:86:7e:96:73:ac:bc:72:ed:79:7b:71:9b:79:2a:6c:
6b:43:7b:ea:ef:6b:9d:af:fe:05:dd:96:a1:dc:1f:15:99:3f:
be:2c:4b:61:1f:e6:41:f2:81:65:6f:3a:b9:57:6a:13:0b:1f:
32:f5:4a:8e:6f:fc:8b:c5:c9:87:35:82:5a:f5:cd:8f:7d:8f:
be:3d:e1:11:9a:a4:77:30:55:4f:6f:34:a9:3c:32:b4:ce:7a:
f2:ec:ed:0a:d5:b1:1f:39:41:03:c5:03:16:d7:f2:a0:79:36:
fe:2d:4e:cd:18:38:58:15:3c:4d:b3:7a:9f:e4:95:2e:a4:ba:
a9:b6:c8:c0:fe:ac:ee:f3:32:de:c9:3a:92:88:3a:a5:3d:93:
49:ff:08:05:8f:df:cf:c7:33:25:37:33:07:e6:96:72:f2:00:
62:ec:bf:20:2b:6a:cd:3b:cc:88:3d:cf:d3:86:5e:db:02:45:
ff:38:3a:49
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAdTZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyODIyNTMxOVoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUFDOUIxMTAvBgNVBAUTKEJBOThGQjk3NEIwQjE0OUZCNUJGNzE5
RUZGREY3N0YwNkRCRTQ5MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDh4o8fPEsmH0ugwFTobZQ0o8rOFiVOO61hJWhhu1eYxFsybnq/hApImD3ffgnd
kBTAJjpIRSPVublqmYQJoAeJWCem8JdFNLCY+d1IvINItsr0dC9TlNF7Wybr6j88
q8qlu7IR3RA2Ze/5kXtKPyD+CPsZ21AYWHvkLcE1vTd0WQKu2YmBFfg6LSXfpSjy
ZBGMxBVbwL6JjpsVWQKQLCaWbHPna0BFEf4yjJaT+aJfsw8QEDsFI79LrX/h15ow
nXRetJINoTNMAYNpKllKBh2lXaefk1MRv9Ieu9b1T0a9ozaiK+LLCq527NvM6rYn
GqYOMWHac08S3jHDXFMNLcD/AgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQUupj7l0sL
FJ+1v3Ge/9938G2+STQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVBQzlCLzUwM0Y4RTI0NzkyQzExRUU4MUU2OUExNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFQUM5Qi81MDNGOEUyNDc5MkMxMUVFODFFNjlBMTZDNEY5QUUwMi91cGo3bDBz
TEZKLTF2M0dlXzk5MzhHMi1TVFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBAHLC1wDBAHLHHwwDQYJKoZIhvcNAQELBQADggEBAEIqqBcZ0S+U
LWynM3QW99ynUtzGffF5Px6JTMQDm31c9fnU972gzx9fT+LpqJkWHScKcytR6Flo
6mER8rYGBAh8OjaP1860kfbiWoZ+lnOsvHLteXtxm3kqbGtDe+rva52v/gXdlqHc
HxWZP74sS2Ef5kHygWVvOrlXahMLHzL1So5v/IvFyYc1glr1zY99j7494RGapHcw
VU9vNKk8MrTOevLs7QrVsR85QQPFAxbX8qB5Nv4tTs0YOFgVPE2zep/klS6kuqm2
yMD+rO7zMt7JOpKIOqU9k0n/CAWP38/HMyU3MwfmlnLyAGLsvyAras07zIg9z9OG
XtsCRf84Okk=
-----END CERTIFICATE-----
Generated at Thu May 2 06:14:40 2024 by rpki-client on console-fra.rpki-client.org