Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-xvGDkFSHUhx5R7T3v9bLeNpHk.cer
File: y-xvGDkFSHUhx5R7T3v9bLeNpHk.cer (raw, json)
Hash identifier: xu/d3WiciP0Ote+Ttk7TUKFz/hP2GFd2byq+TSAzRlM=
Subject key identifier: CB:EC:6F:18:39:05:48:75:21:C7:94:7B:4F:7B:FD:6C:B7:8D:A4:79
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0229AB
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/y-xvGDkFSHUhx5R7T3v9bLeNpHk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 16 Jan 2025 14:10:36 +0000
Certificate not after: Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources: AS: 151968
IP: 103.67.62.0/23
IP: 2401:4820::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141739 (0x229ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE
Validity
Not Before: Jan 16 14:10:36 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=A9159FAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:5f:eb:bc:b9:3a:b4:5f:89:dd:de:67:ea:
fc:6b:53:25:b8:13:21:7a:09:b9:d6:2a:0e:3f:ec:
59:5d:a6:dd:ec:8b:f3:95:87:b9:99:c4:8b:64:1a:
7d:36:b1:05:a4:28:34:da:61:11:95:f3:f5:2d:41:
46:fb:7f:1e:30:0b:28:24:5a:70:c7:12:9a:28:aa:
0f:eb:9f:85:10:53:22:c9:29:28:71:5b:09:e5:74:
f5:9d:9f:02:35:27:26:bb:95:ad:8a:a0:af:23:73:
51:e8:37:a3:4d:03:6b:df:0b:99:cb:cf:60:27:99:
a2:9e:f0:bc:f4:99:7a:3c:25:af:af:5d:6a:1b:98:
fe:25:fc:89:b4:24:0b:bb:3f:48:10:38:1e:c1:e4:
5f:60:f2:6f:cf:c4:2c:13:e5:8d:fe:ef:a7:0e:cf:
7b:8a:e5:ce:b9:54:af:5d:55:61:9a:46:a6:d5:f8:
64:ca:e4:4d:75:48:8c:72:59:e4:68:15:d4:5b:f8:
06:f8:ef:bc:a1:fc:8e:8f:ad:5f:3c:26:b9:64:92:
96:81:37:3b:bd:82:9b:71:db:67:bf:68:46:3d:ef:
2f:b0:8a:4d:d4:a9:12:02:96:34:0d:57:2d:e7:98:
1f:60:6b:26:75:4c:0b:d0:bc:77:bb:0a:cd:0c:12:
aa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EC:6F:18:39:05:48:75:21:C7:94:7B:4F:7B:FD:6C:B7:8D:A4:79
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9159FAF/129575C46E4211EEAB4C9C6CC4F9AE02/y-xvGDkFSHUhx5R7T3v9bLeNpHk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
151968
sbgp-ipAddrBlock: critical
IPv4:
103.67.62.0/23
IPv6:
2401:4820::/32
Signature Algorithm: sha256WithRSAEncryption
01:8d:68:f6:98:88:39:d6:cd:e8:0a:58:b0:04:0a:68:63:7c:
b3:93:27:56:93:43:9f:73:d2:1f:48:bd:e2:6f:c0:d8:19:d5:
76:dc:83:c3:b8:f8:27:63:11:38:96:9f:5a:b7:fa:7e:e8:bf:
78:a9:cf:17:9a:c9:f3:0d:f9:a0:22:aa:2d:72:5e:e8:b4:eb:
23:27:fb:ad:e9:d9:92:b7:a1:49:09:1d:e3:01:b3:dc:17:51:
55:38:b3:eb:eb:0a:a7:06:57:ab:d1:f8:17:76:41:3c:5b:d7:
1c:95:b1:a6:ee:ff:5c:af:ba:8d:7a:1e:f3:bc:9b:f9:8e:1b:
f3:d0:7f:2a:2f:eb:25:20:81:d2:55:50:fb:64:23:07:87:46:
c8:b0:8d:dd:8c:23:80:4e:b7:b8:3b:46:e4:4a:00:89:c7:3c:
a8:01:ee:f2:1d:b3:ff:f6:64:8f:e2:9f:0b:aa:d6:54:85:7a:
15:81:ea:7e:fb:8d:3b:b0:e3:2a:de:25:88:b9:f0:f3:f1:88:
f6:03:37:a5:de:20:bd:04:f2:cd:19:a5:c4:f4:a1:a8:4f:e6:
2a:ca:50:f1:eb:55:bb:3a:36:cf:40:8e:fe:9e:f0:88:b2:f7:
ce:41:22:2f:3d:c6:75:d1:ef:52:c3:12:5b:10:4d:ae:b9:54:
52:3f:e0:3a
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAimrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDExNjE0MTAzNloXDTI2MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTlGQUYxMTAvBgNVBAUTKENCRUM2RjE4MzkwNTQ4NzUyMUM3OTQ3
QjRGN0JGRDZDQjc4REE0NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLc1/rvLk6tF+J3d5n6vxrUyW4EyF6CbnWKg4/7Fldpt3si/OVh7mZxItkGn02
sQWkKDTaYRGV8/UtQUb7fx4wCygkWnDHEpooqg/rn4UQUyLJKShxWwnldPWdnwI1
Jya7la2KoK8jc1HoN6NNA2vfC5nLz2AnmaKe8Lz0mXo8Ja+vXWobmP4l/Im0JAu7
P0gQOB7B5F9g8m/PxCwT5Y3+76cOz3uK5c65VK9dVWGaRqbV+GTK5E11SIxyWeRo
FdRb+Ab477yh/I6PrV88JrlkkpaBNzu9gptx22e/aEY97y+wik3UqRICljQNVy3n
mB9gayZ1TAvQvHe7Cs0MEqqZAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUy+xvGDkF
SHUhx5R7T3v9bLeNpHkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU5RkFGLzEyOTU3NUM0NkU0MjExRUVBQjRDOUM2Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1OUZBRi8xMjk1NzVDNDZFNDIxMUVFQUI0QzlDNkNDNEY5QUUwMi95LXh2R0Rr
RlNIVWh4NVI3VDN2OWJMZU5wSGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlGgMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ0M+MA0EAgAC
MAcDBQAkAUggMA0GCSqGSIb3DQEBCwUAA4IBAQABjWj2mIg51s3oCliwBApoY3yz
kydWk0Ofc9IfSL3ib8DYGdV23IPDuPgnYxE4lp9at/p+6L94qc8XmsnzDfmgIqot
cl7otOsjJ/ut6dmSt6FJCR3jAbPcF1FVOLPr6wqnBler0fgXdkE8W9cclbGm7v9c
r7qNeh7zvJv5jhvz0H8qL+slIIHSVVD7ZCMHh0bIsI3djCOATre4O0bkSgCJxzyo
Ae7yHbP/9mSP4p8LqtZUhXoVgep++407sOMq3iWIufDz8Yj2Azel3iC9BPLNGaXE
9KGoT+YqylDx61W7OjbPQI7+nvCIsvfOQSIvPcZ10e9SwxJbEE2uuVRSP+A6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:22 2025 by rpki-client