Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
File: vFNsAPhfWQQdnEwpYfciQr9g1R4.cer (raw, json)
Hash identifier: 8kpQFZZoTs7eMnzJZ+9QplzDEIvxBQx9Xt5Npg99l5k=
Subject key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01ED8F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 26 Apr 2024 00:57:54 +0000
Certificate not after: Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources: AS: 23942
AS: 59325
AS: 133584
AS: 134170
AS: 137074
AS: 141013
IP: 43.224.188.0/22
IP: 43.226.4.0/22
IP: 45.64.80.0/22
IP: 103.18.64.0/22
IP: 103.25.176.0/22
IP: 103.43.212.0/22
IP: 103.104.16.0/22
IP: 116.89.244.0/22
IP: 203.28.64.0/22
IP: 2401:fdc0::/32
IP: 2406:e100::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126351 (0x1ed8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 26 00:57:54 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:de:e8:24:ae:65:2e:d4:e9:f2:a3:c2:50:fb:
34:82:85:ff:01:5a:ff:18:18:9f:14:33:58:99:f9:
97:ca:ba:c4:55:55:b1:79:08:4b:aa:36:56:47:c4:
86:6d:3d:78:c2:60:55:4d:30:8c:ab:82:1c:83:80:
78:87:4a:1e:c6:be:8d:f7:5d:eb:7c:4f:9f:03:d7:
cf:80:19:cc:96:74:ea:9e:9f:e0:5f:d4:a8:bb:4e:
f8:9b:6a:96:7d:e5:e6:bc:27:41:10:d2:96:97:2c:
d8:87:27:19:fb:96:e5:c6:fb:5f:12:4c:c2:cf:d7:
71:04:8c:b5:4c:f2:31:bc:4d:13:4d:c5:4e:62:30:
0b:af:40:7b:ef:7c:a9:38:f7:48:01:28:b3:fc:6d:
f7:0f:7a:c4:54:5e:26:99:82:b2:b5:f5:a0:14:4a:
b7:58:b3:62:0e:c3:05:18:53:dc:93:5b:2a:2e:f8:
01:a3:29:83:71:7b:26:a1:f7:24:24:2f:38:b9:d6:
ac:eb:d0:46:6f:8a:2f:34:0c:48:01:9d:d0:77:60:
09:99:fa:ef:d4:16:54:29:47:7c:ee:8d:1e:2f:f3:
38:fe:27:a9:5f:d1:2f:2a:a1:64:98:82:e8:43:57:
11:54:70:53:cc:3e:f6:90:fc:1f:81:be:29:87:6b:
0f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23942
59325
133584
134170
137074
141013
sbgp-ipAddrBlock: critical
IPv4:
43.224.188.0/22
43.226.4.0/22
45.64.80.0/22
103.18.64.0/22
103.25.176.0/22
103.43.212.0/22
103.104.16.0/22
116.89.244.0/22
203.28.64.0/22
IPv6:
2401:fdc0::/32
2406:e100::/32
Signature Algorithm: sha256WithRSAEncryption
3d:4a:c2:5d:b0:94:6a:1e:e5:7e:e9:a6:30:ae:66:0c:50:3b:
41:cb:01:d7:bc:5c:ed:eb:39:7e:a7:22:94:6d:93:82:5d:78:
19:d9:36:42:20:63:98:da:d6:1c:83:98:d8:c5:f0:2d:90:7c:
9a:12:a4:7b:ad:20:cd:18:d2:9f:8f:af:e2:4d:25:8d:f2:3b:
cb:c6:c2:64:2b:a8:00:3b:b0:34:f3:d5:fd:c1:ee:18:c4:15:
36:e3:b8:3b:d8:6f:2f:cd:ee:89:13:8a:87:8f:b7:09:09:d9:
7d:4f:2f:42:95:32:b2:e4:37:c1:78:88:39:e9:b4:2e:5e:a0:
5d:a0:0e:57:e2:c7:c5:ae:93:e6:b3:db:31:75:db:fe:79:46:
84:55:3a:37:e1:0a:5f:dc:9e:37:1c:25:31:4d:80:f3:f2:94:
50:f8:b8:91:92:cf:10:2f:3d:c5:8b:3d:5a:1a:f1:c3:11:ba:
83:b4:35:ae:85:4c:52:88:ae:bb:62:38:6a:41:f4:f4:47:f5:
7b:8a:0b:ad:25:bd:1c:52:30:e1:be:63:19:da:25:1a:90:5f:
a7:c8:f3:7d:58:5f:62:9e:3d:58:df:0c:a1:88:b2:df:b5:d8:
a7:2f:07:5d:26:96:de:d7:3b:15:d4:6f:90:d0:39:ec:9a:8c:
f0:1f:d6:93
-----BEGIN CERTIFICATE-----
MIIGeDCCBWCgAwIBAgIDAe2PMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQyNjAwNTc1NFoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMy
OTYxRjcyMjQyQkY2MEQ1MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJ3ugkrmUu1Onyo8JQ+zSChf8BWv8YGJ8UM1iZ+ZfKusRVVbF5CEuqNlZHxIZt
PXjCYFVNMIyrghyDgHiHSh7Gvo33Xet8T58D18+AGcyWdOqen+Bf1Ki7TvibapZ9
5ea8J0EQ0paXLNiHJxn7luXG+18STMLP13EEjLVM8jG8TRNNxU5iMAuvQHvvfKk4
90gBKLP8bfcPesRUXiaZgrK19aAUSrdYs2IOwwUYU9yTWyou+AGjKYNxeyah9yQk
Lzi51qzr0EZvii80DEgBndB3YAmZ+u/UFlQpR3zujR4v8zj+J6lf0S8qoWSYguhD
VxFUcFPMPvaQ/B+BvimHaw/BAgMBAAGjggNtMIIDaTAdBgNVHQ4EFgQUvFNsAPhf
WQQdnEwpYfciQr9g1R4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY0ODYwL0I0MDFDOTgyRTk3MDExRThCMDM1OTM1OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2NDg2MC9CNDAxQzk4MkU5NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBo
ZldRUWRuRXdwWWZjaVFyOWcxUjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQgBAf8EIzAh
oB8wHQICXYYCAwDnvQIDAgnQAgMCDBoCAwIXcgIDAibVMGUGCCsGAQUFBwEHAQH/
BFYwVDA8BAIAATA2AwQCK+C8AwQCK+IEAwQCLUBQAwQCZxJAAwQCZxmwAwQCZyvU
AwQCZ2gQAwQCdFn0AwQCyxxAMBQEAgACMA4DBQAkAf3AAwUAJAbhADANBgkqhkiG
9w0BAQsFAAOCAQEAPUrCXbCUah7lfummMK5mDFA7QcsB17xc7es5fqcilG2Tgl14
Gdk2QiBjmNrWHIOY2MXwLZB8mhKke60gzRjSn4+v4k0ljfI7y8bCZCuoADuwNPPV
/cHuGMQVNuO4O9hvL83uiROKh4+3CQnZfU8vQpUysuQ3wXiIOem0Ll6gXaAOV+LH
xa6T5rPbMXXb/nlGhFU6N+EKX9yeNxwlMU2A8/KUUPi4kZLPEC89xYs9WhrxwxG6
g7Q1roVMUoiuu2I4akH09Ef1e4oLrSW9HFIw4b5jGdolGpBfp8jzfVhfYp49WN8M
oYiy37XYpy8HXSaW3tc7FdRvkNA57JqM8B/Wkw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:59:12 2024 by rpki-client on console-fra.rpki-client.org