Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xC_x0v81KYG8X4IkDsk5TvqzEYY.cer
File: xC_x0v81KYG8X4IkDsk5TvqzEYY.cer (raw, json)
Hash identifier: MLg8Rnf7s6vVXaTVKHNlv2JAIFjtff4N3lqdmKu4LG8=
Subject key identifier: C4:2F:F1:D2:FF:35:29:81:BC:5F:82:24:0E:C9:39:4E:FA:B3:11:86
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021AC0
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91814E9/FE57C2BC083011EBBFE4C732C4F9AE02/xC_x0v81KYG8X4IkDsk5TvqzEYY.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91814E9/FE57C2BC083011EBBFE4C732C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 11 Nov 2024 15:58:47 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: IP: 203.4.192.0/21
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137920 (0x21ac0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Nov 11 15:58:47 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A91814E9/serialNumber=C42FF1D2FF352981BC5F82240EC9394EFAB31186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ca:6f:86:3f:a2:77:f5:7c:4d:82:72:0a:dd:
c3:01:3a:2e:09:39:0d:8f:a3:0f:05:4e:59:f7:7f:
07:6c:2e:c4:f0:c1:ba:e6:ac:3d:39:a4:53:2b:91:
8c:e7:db:af:83:3a:2e:1f:2f:5f:39:2d:53:2e:a9:
45:44:60:69:94:8c:c1:1e:0f:e0:cc:ce:ed:6e:11:
8b:ae:00:70:59:c0:b3:02:a1:f5:a5:cf:a8:0a:ce:
ea:0b:f0:75:c0:65:28:b4:31:29:17:f3:ea:e3:f1:
bf:22:f9:ff:50:32:9f:ac:3d:55:09:f5:c5:3f:fe:
56:08:63:2e:fc:f4:32:b2:45:9d:b2:5c:05:51:86:
45:01:ca:aa:41:49:24:df:01:65:39:ec:7c:13:b0:
3b:e7:cb:a1:ad:51:d8:04:0d:75:0a:a5:21:d0:bb:
e4:d2:55:d7:37:8a:3e:88:93:2c:af:0f:3b:84:e4:
0c:0f:53:08:65:dc:1f:2d:c7:a2:09:bd:f7:f0:a6:
32:7a:09:33:a7:c8:40:50:ac:4a:7b:6d:6f:5d:20:
36:94:fc:e0:0a:bd:71:eb:e8:c0:d5:34:6e:0d:40:
7a:25:b7:12:46:d8:5d:4b:2c:50:7c:59:26:f4:58:
20:3a:b7:dd:1c:16:53:d3:cb:e2:ac:0f:ab:c7:c7:
ba:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2F:F1:D2:FF:35:29:81:BC:5F:82:24:0E:C9:39:4E:FA:B3:11:86
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91814E9/FE57C2BC083011EBBFE4C732C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91814E9/FE57C2BC083011EBBFE4C732C4F9AE02/xC_x0v81KYG8X4IkDsk5TvqzEYY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.4.192.0/21
Signature Algorithm: sha256WithRSAEncryption
50:62:c5:15:5c:55:6c:57:00:e1:d3:16:d9:18:5b:1f:06:e4:
aa:fd:f4:6f:b0:16:67:7c:41:fd:38:8d:83:1a:9f:87:7c:eb:
27:95:60:6b:fe:62:96:b2:8b:c5:44:7d:e8:ca:e9:85:54:c1:
cd:82:9b:21:c5:5a:64:49:1c:4d:75:f9:87:51:f1:cb:b7:43:
80:d6:ff:a3:4f:d4:12:96:3f:fc:56:88:9a:d9:0e:be:cc:f0:
3e:a3:58:e3:4d:e9:34:c5:ec:46:d4:b2:33:b6:74:8b:05:b8:
92:e6:91:c3:53:00:60:3e:01:d0:e1:99:aa:92:04:05:46:34:
f9:74:f1:8f:97:b1:17:cd:da:06:9d:8f:15:dc:a8:cf:30:d5:
5e:19:a2:0f:80:25:55:f2:01:66:80:52:5d:50:fa:e6:c4:80:
26:50:f2:a5:e6:be:32:de:c1:e6:59:c4:21:81:75:21:e8:08:
a9:e5:98:d9:43:1f:ab:bf:df:ff:dd:39:67:57:be:d2:aa:2f:
d7:99:68:e1:7a:68:22:1e:b9:77:97:ae:37:ea:28:4a:6a:59:
30:4b:00:57:26:2d:aa:97:4e:ce:12:4e:09:c6:94:8b:92:a7:
1d:a9:d1:55:ba:0c:59:6e:92:7d:3f:5b:76:d6:da:22:c7:4a:
82:3b:79:2c
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAhrAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTExMTE1NTg0N1oXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODE0RTkxMTAvBgNVBAUTKEM0MkZGMUQyRkYzNTI5ODFCQzVGODIy
NDBFQzkzOTRFRkFCMzExODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPym+GP6J39XxNgnIK3cMBOi4JOQ2Pow8FTln3fwdsLsTwwbrmrD05pFMrkYzn
26+DOi4fL185LVMuqUVEYGmUjMEeD+DMzu1uEYuuAHBZwLMCofWlz6gKzuoL8HXA
ZSi0MSkX8+rj8b8i+f9QMp+sPVUJ9cU//lYIYy789DKyRZ2yXAVRhkUByqpBSSTf
AWU57HwTsDvny6GtUdgEDXUKpSHQu+TSVdc3ij6IkyyvDzuE5AwPUwhl3B8tx6IJ
vffwpjJ6CTOnyEBQrEp7bW9dIDaU/OAKvXHr6MDVNG4NQHoltxJG2F1LLFB8WSb0
WCA6t90cFlPTy+KsD6vHx7oHAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUxC/x0v81
KYG8X4IkDsk5TvqzEYYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTgxNEU5L0ZFNTdDMkJDMDgzMDExRUJCRkU0QzczMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4MTRFOS9GRTU3QzJCQzA4MzAxMUVCQkZFNEM3MzJDNEY5QUUwMi94Q194MHY4
MUtZRzhYNElrRHNrNVR2cXpFWVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAPLBMAwDQYJKoZIhvcNAQELBQADggEBAFBixRVcVWxXAOHTFtkY
Wx8G5Kr99G+wFmd8Qf04jYMan4d86yeVYGv+Ypayi8VEfejK6YVUwc2CmyHFWmRJ
HE11+YdR8cu3Q4DW/6NP1BKWP/xWiJrZDr7M8D6jWONN6TTF7EbUsjO2dIsFuJLm
kcNTAGA+AdDhmaqSBAVGNPl08Y+XsRfN2gadjxXcqM8w1V4Zog+AJVXyAWaAUl1Q
+ubEgCZQ8qXmvjLeweZZxCGBdSHoCKnlmNlDH6u/3//dOWdXvtKqL9eZaOF6aCIe
uXeXrjfqKEpqWTBLAFcmLaqXTs4STgnGlIuSpx2p0VW6DFlukn0/W3bW2iLHSoI7
eSw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:25:10 2024 by rpki-client on console-fra.rpki-client.org