Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer
File: xOTw2gEK9YY3zFlihHHpmLckPFI.cer (raw, json)
Hash identifier: sscc6K64NxM8tASNzAN6uTm3JHym3OMWEzWOkEjsEmY=
Subject key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D6A1
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 04 Jan 2024 04:08:59 +0000
Certificate not after: Wed 29 May 2024 00:00:00 +0000
Subordinate resources: AS: 133882
IP: 43.255.152.0/22
IP: 103.1.172.0/22
IP: 103.35.91.0/24
IP: 103.44.220.0/24
IP: 103.87.189.0 -- 103.87.191.255
IP: 118.139.160.0/19
IP: 182.50.128.0/19
IP: 202.3.13.0/24
IP: 203.124.96.0/19
IP: 2001:df1:9c00::/48
IP: 2403:bc80::/32
IP: 2407:1c00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 05 Apr 2024 04:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120481 (0x1d6a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jan 4 04:08:59 2024 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2b:d2:ef:73:ca:0c:40:cd:a1:fa:21:fc:cd:
47:2f:e3:67:3c:ac:f4:f7:c9:f2:62:10:d8:bc:24:
bc:07:84:e5:1a:3b:cd:b7:80:67:78:20:96:59:11:
a2:ae:1e:8f:8a:d9:ba:7f:e1:81:d6:e4:ab:c5:ce:
dd:b5:bf:09:64:d2:6b:0d:22:d1:74:66:59:2f:30:
46:70:f5:ab:91:76:4f:9c:e0:49:21:58:3c:55:aa:
3e:28:1a:9b:60:93:2f:79:8a:cf:44:ad:e9:b8:95:
41:22:1f:d6:bb:00:59:ae:d3:d5:72:0c:a9:0c:e0:
0c:3b:fc:72:9e:07:8f:31:41:a6:20:d2:f6:01:64:
07:5c:a9:be:0e:e9:30:d5:9d:20:2a:03:60:89:3b:
6c:55:5c:b1:49:61:c1:a3:b6:9d:b5:90:a7:9e:03:
dc:d7:1d:77:24:4c:72:15:b9:59:bc:6d:56:2a:80:
5a:b6:4d:7a:c6:13:78:65:5d:a5:a1:fa:53:c4:b4:
39:16:bd:20:2b:f8:1a:f3:40:f8:1e:f2:b5:ef:8c:
00:12:a5:ad:bc:0f:69:18:45:58:ba:97:27:ff:ef:
82:9e:5f:e1:4b:e7:50:70:71:d4:c4:b8:bd:0b:5f:
5a:f1:08:20:86:8c:9d:ae:5f:fd:d3:e0:7c:61:39:
83:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
133882
sbgp-ipAddrBlock: critical
IPv4:
43.255.152.0/22
103.1.172.0/22
103.35.91.0/24
103.44.220.0/24
103.87.189.0-103.87.191.255
118.139.160.0/19
182.50.128.0/19
202.3.13.0/24
203.124.96.0/19
IPv6:
2001:df1:9c00::/48
2403:bc80::/32
2407:1c00::/32
Signature Algorithm: sha256WithRSAEncryption
43:96:7a:eb:3b:29:41:c8:67:8d:3d:67:88:48:f7:c8:11:ac:
24:21:f3:7a:4b:16:8f:96:69:00:c8:a3:25:9c:01:d9:d7:60:
65:56:bc:54:e4:6e:c4:7b:d3:6f:70:9e:ea:4b:69:96:49:62:
ba:1e:bb:e5:a1:d2:d0:6e:74:b6:a8:61:ea:78:bc:5a:0f:66:
a5:83:89:6a:15:8c:ad:e6:fb:0b:20:bb:63:5c:33:e5:aa:a9:
5f:e4:96:1b:9e:64:ac:12:9c:c0:e5:3a:f3:f7:77:9c:ce:cc:
dc:5f:58:6f:4e:b6:05:db:c8:09:c8:92:c6:d1:5c:66:e7:ae:
3f:5c:29:89:e3:7d:dc:d9:89:a9:92:3c:41:d3:95:65:f7:5c:
07:ab:cc:99:34:12:da:89:c0:50:03:27:5b:25:f0:ef:a0:56:
c2:84:b0:4f:12:07:12:ec:4e:d6:28:76:63:b2:00:e6:c6:4e:
3e:b9:0a:c8:fd:0a:f0:11:9b:cf:fe:ba:cc:0e:a1:3b:0a:23:
3a:32:e2:4c:97:32:50:22:49:32:b0:29:6a:78:32:34:d9:d9:
4c:e4:0f:fb:e9:c7:97:ba:95:d5:87:4a:71:ca:8f:9a:2b:af:
84:ca:54:c0:c1:b3:39:69:1b:c8:82:9d:5b:60:bf:78:0d:d0:
1e:0d:57:1b
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgIDAdahMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwNDA0MDg1OVoXDTI0MDUyOTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2
Mjg0NzFFOTk4QjcyNDNDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCK9Lvc8oMQM2h+iH8zUcv42c8rPT3yfJiENi8JLwHhOUaO823gGd4IJZZEaKu
Ho+K2bp/4YHW5KvFzt21vwlk0msNItF0ZlkvMEZw9auRdk+c4EkhWDxVqj4oGptg
ky95is9Erem4lUEiH9a7AFmu09VyDKkM4Aw7/HKeB48xQaYg0vYBZAdcqb4O6TDV
nSAqA2CJO2xVXLFJYcGjtp21kKeeA9zXHXckTHIVuVm8bVYqgFq2TXrGE3hlXaWh
+lPEtDkWvSAr+BrzQPge8rXvjAASpa28D2kYRVi6lyf/74KeX+FL51BwcdTEuL0L
X1rxCCCGjJ2uX/3T4HxhOYOpAgMBAAGjggNmMIIDYjAdBgNVHQ4EFgQUxOTw2gEK
9YY3zFlihHHpmLckPFIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ4M0QwLzBBMTYyMDhBQUZCQzExRUFBOTYxQ0I4NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdF
SzlZWTN6RmxpaEhIcG1MY2tQRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgr6MHYGCCsGAQUFBwEHAQH/BGcwZTBEBAIAATA+AwQCK/+YAwQCZwGs
AwQAZyNbAwQAZyzcMAwDBABnV70DBAZnV4ADBAV2i6ADBAW2MoADBADKAw0DBAXL
fGAwHQQCAAIwFwMHACABDfGcAAMFACQDvIADBQAkBxwAMA0GCSqGSIb3DQEBCwUA
A4IBAQBDlnrrOylByGeNPWeISPfIEawkIfN6SxaPlmkAyKMlnAHZ12BlVrxU5G7E
e9NvcJ7qS2mWSWK6HrvlodLQbnS2qGHqeLxaD2alg4lqFYyt5vsLILtjXDPlqqlf
5JYbnmSsEpzA5Trz93eczszcX1hvTrYF28gJyJLG0Vxm564/XCmJ433c2YmpkjxB
05Vl91wHq8yZNBLaicBQAydbJfDvoFbChLBPEgcS7E7WKHZjsgDmxk4+uQrI/Qrw
EZvP/rrMDqE7CiM6MuJMlzJQIkkysClqeDI02dlM5A/76ceXupXVh0pxyo+aK6+E
ylTAwbM5aRvIgp1bYL94DdAeDVcb
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:33 2024 by rpki-client on console-ams.rpki-client.org