Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVzVkJE-T4mvPRym4p-rPAZ9IU4.cer
File: zVzVkJE-T4mvPRym4p-rPAZ9IU4.cer (raw, json)
Hash identifier: Yrjbv8iqDfxofhk39MuF4lSMC7vF5qJGtAxs/91t9NY=
Subject key identifier: CD:5C:D5:90:91:3E:4F:89:AF:3D:1C:A6:E2:9F:AB:3C:06:7D:21:4E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D771
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 09 Jan 2024 08:58:35 +0000
Certificate not after: Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources: AS: 151806
IP: 103.218.138.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 09 May 2024 05:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120689 (0x1d771)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jan 9 08:58:35 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=A91FBA0C/serialNumber=CD5CD590913E4F89AF3D1CA6E29FAB3C067D214E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9f:c7:ee:2f:ae:2a:77:13:bb:f4:c0:56:c4:
0f:d0:7b:ea:d9:d4:49:2e:61:3d:2b:b6:73:47:7e:
a8:bf:38:35:95:0d:67:81:e2:85:c9:c6:3a:ba:a5:
b8:2c:7b:25:1f:4f:dd:23:b3:30:d5:c3:d9:80:c4:
4c:dd:f7:cc:84:3e:4a:30:c2:2e:0c:40:7a:2b:6e:
e0:bf:fd:73:35:e9:df:9b:37:94:3d:ae:91:29:51:
09:5c:45:8c:97:c9:b7:5b:b2:01:f6:8a:cd:ef:26:
77:02:b4:32:1e:5e:8b:e4:af:d1:e1:0d:1e:9b:50:
89:71:f2:f3:c7:1d:93:8b:e4:a5:52:48:c4:33:72:
e9:a0:a4:90:10:e5:95:e9:3b:e5:99:2d:27:2a:63:
64:ff:aa:db:66:75:d1:12:21:0e:6f:e3:34:12:1e:
d0:e2:90:12:5f:72:8b:56:cf:52:69:97:ee:cf:11:
a6:c0:d1:4b:13:a8:a7:d4:69:4c:b0:5d:f6:1d:fe:
c2:ac:6d:02:db:12:67:d4:64:df:ab:07:5b:66:5f:
0d:6a:7e:18:2e:24:06:c1:50:93:d0:7e:25:24:c2:
e7:d3:5a:20:b9:c8:44:73:1c:de:0e:a4:6d:04:7c:
60:bf:e4:0b:fc:cb:1b:85:86:f5:75:ae:59:98:9d:
3b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:5C:D5:90:91:3E:4F:89:AF:3D:1C:A6:E2:9F:AB:3C:06:7D:21:4E
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
151806
sbgp-ipAddrBlock: critical
IPv4:
103.218.138.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:76:fd:22:f2:20:15:cd:da:c1:82:c0:c2:ed:54:ad:d3:30:
aa:23:e4:7a:7d:51:ff:c9:45:05:f7:b5:34:ca:94:1a:4c:f3:
c0:9e:a7:ac:62:8d:b8:29:a0:b3:2b:09:19:e0:38:55:59:a4:
70:c1:23:5f:11:57:9f:e0:94:0b:86:ab:e8:5c:56:b2:7b:1e:
fa:78:2a:c1:d2:52:53:ef:9a:ca:a6:97:6f:ab:38:b4:48:74:
1a:49:63:1a:98:33:d8:18:be:f0:84:a8:e7:13:a9:49:89:11:
8b:7c:fe:8b:cd:e9:8b:d5:5f:1c:28:d1:c0:94:88:2f:fa:fe:
51:a9:09:20:ec:e4:a1:4b:75:47:14:c5:14:02:6b:77:8e:29:
a1:66:75:5b:79:65:af:e6:44:f3:ea:cb:45:69:71:5e:f0:1c:
e4:02:46:4a:55:26:32:10:05:39:2d:3e:ba:36:81:08:70:21:
a7:af:93:82:81:d6:59:ff:56:79:fc:fc:ff:c1:8d:50:e9:ab:
68:b4:ad:71:84:13:91:bc:5a:29:24:1c:57:c4:aa:ba:64:e5:
c6:84:0e:ab:d2:db:f6:b4:a0:9c:ea:05:88:a1:c6:9f:aa:77:
bf:14:2b:9f:79:a4:b8:df:9e:44:d8:e7:79:61:3b:72:99:54:
a3:f2:d1:63
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAddxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwOTA4NTgzNVoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkJBMEMxMTAvBgNVBAUTKENENUNENTkwOTEzRTRGODlBRjNEMUNB
NkUyOUZBQjNDMDY3RDIxNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/n8fuL64qdxO79MBWxA/Qe+rZ1EkuYT0rtnNHfqi/ODWVDWeB4oXJxjq6pbgs
eyUfT90jszDVw9mAxEzd98yEPkowwi4MQHorbuC//XM16d+bN5Q9rpEpUQlcRYyX
ybdbsgH2is3vJncCtDIeXovkr9HhDR6bUIlx8vPHHZOL5KVSSMQzcumgpJAQ5ZXp
O+WZLScqY2T/qttmddESIQ5v4zQSHtDikBJfcotWz1Jpl+7PEabA0UsTqKfUaUyw
XfYd/sKsbQLbEmfUZN+rB1tmXw1qfhguJAbBUJPQfiUkwufTWiC5yERzHN4OpG0E
fGC/5Av8yxuFhvV1rlmYnTvrAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUzVzVkJE+
T4mvPRym4p+rPAZ9IU4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZCQTBDLzQxNTMxQjBDQUVDRDExRUU4NkYxQjI0OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGQkEwQy80MTUzMUIwQ0FFQ0QxMUVFODZGMUIyNDlDNEY5QUUwMi96VnpWa0pF
LVQ0bXZQUnltNHAtclBBWjlJVTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlD+MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ9qKMA0GCSqG
SIb3DQEBCwUAA4IBAQCrdv0i8iAVzdrBgsDC7VSt0zCqI+R6fVH/yUUF97U0ypQa
TPPAnqesYo24KaCzKwkZ4DhVWaRwwSNfEVef4JQLhqvoXFayex76eCrB0lJT75rK
ppdvqzi0SHQaSWMamDPYGL7whKjnE6lJiRGLfP6LzemL1V8cKNHAlIgv+v5RqQkg
7OShS3VHFMUUAmt3jimhZnVbeWWv5kTz6stFaXFe8BzkAkZKVSYyEAU5LT66NoEI
cCGnr5OCgdZZ/1Z5/Pz/wY1Q6atotK1xhBORvFopJBxXxKq6ZOXGhA6r0tv2tKCc
6gWIocafqne/FCufeaS4355E2Od5YTtymVSj8tFj
-----END CERTIFICATE-----
Generated at Thu May 2 06:14:44 2024 by rpki-client on console-fra.rpki-client.org