Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zlgHMAQJCIdOtirydgUp51w9XGg.cer
File: zlgHMAQJCIdOtirydgUp51w9XGg.cer (raw, json)
Hash identifier: f0YfNLUoApQE+JN4HM6rPJtJ9sr88y6+eEy2JLqyYPY=
Subject key identifier: CE:58:07:30:04:09:08:87:4E:B6:2A:F2:76:05:29:E7:5C:3D:5C:68
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 01D151
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 12 Dec 2023 00:05:21 +0000
Certificate not after: Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources: AS: 137184
IP: 103.104.100.0/22
IP: 202.43.224.0/24
IP: 2402:940::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119121 (0x1d151)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Dec 12 00:05:21 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=A91E89CD/serialNumber=CE580730040908874EB62AF2760529E75C3D5C68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:06:7d:bd:82:a7:84:43:4f:3b:66:80:ef:8f:
b4:13:70:a8:c2:3a:e0:2f:31:1b:77:d6:f3:26:09:
d9:41:a3:6a:97:c8:56:98:f9:e7:49:fc:d1:ac:2d:
6a:2e:2f:3d:6f:b5:78:0e:18:d6:ad:c4:86:67:eb:
40:e8:f3:97:d4:b2:98:b3:9e:49:6a:9e:5b:13:a4:
b6:ac:f2:d4:7c:63:15:57:2e:ed:7e:79:05:0c:69:
86:e9:01:bf:0d:45:50:e5:47:d0:dc:fd:c6:0f:4b:
59:51:13:01:19:a9:0e:38:4d:1b:38:d2:cd:b1:4f:
de:68:d0:6a:7e:99:86:cd:42:72:34:4b:7c:ac:66:
ab:d0:7f:e6:ea:80:6b:56:d0:4c:99:d6:33:2a:38:
af:0b:bf:2b:ff:52:0f:a5:91:c8:fb:4e:eb:c4:53:
3d:5f:68:c5:7d:90:40:1c:6b:31:a1:4d:59:ec:59:
b6:3c:7b:7f:48:be:3d:b8:70:8c:01:af:47:a5:eb:
6b:78:ef:47:03:54:e3:32:cc:d7:fb:5a:95:29:76:
07:3b:97:c6:4b:cb:e3:ec:22:23:7c:49:07:d7:53:
4a:0c:5c:78:04:c5:6e:ba:8a:83:a4:95:db:8c:ff:
3a:d7:2e:45:dd:7c:06:47:c5:be:68:17:82:59:5f:
93:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:58:07:30:04:09:08:87:4E:B6:2A:F2:76:05:29:E7:5C:3D:5C:68
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
137184
sbgp-ipAddrBlock: critical
IPv4:
103.104.100.0/22
202.43.224.0/24
IPv6:
2402:940::/32
Signature Algorithm: sha256WithRSAEncryption
a1:22:16:b3:e1:47:17:55:bb:6f:41:2e:3e:e1:e7:da:f7:d6:
d5:41:c1:e4:bc:89:f7:17:48:cc:59:7c:fc:42:15:8b:02:33:
c3:56:11:07:9a:e4:c0:9d:8a:22:e9:ea:e3:ba:52:81:e9:04:
49:65:2b:21:17:ba:50:2a:4a:cb:e1:c6:b5:7c:2a:82:96:45:
85:0a:fe:59:10:b8:d6:10:60:dc:d1:57:1d:32:0c:1a:72:a0:
9f:a6:75:a6:96:80:68:8d:73:30:97:18:5e:05:0c:1f:8a:89:
f0:44:25:f7:f7:75:cd:37:44:0e:91:67:a0:67:1c:6d:eb:2c:
db:84:8e:3f:a8:bc:4d:19:50:90:1c:b0:c4:de:7c:c0:fc:df:
ce:de:01:b5:02:ad:ac:84:10:5d:f0:1b:bd:2d:4f:3d:52:50:
28:c7:22:5f:a1:76:d9:c6:f6:25:62:20:c6:ce:6f:20:06:69:
d5:3a:44:3e:2d:7e:9d:67:47:8b:7a:51:e2:5b:0f:bf:8c:2e:
85:ef:a8:d1:d9:d3:83:f8:89:d7:35:80:3e:09:a1:33:6f:5b:
a6:6b:94:4d:ac:f0:7f:69:56:53:c4:e7:00:6f:8c:a9:d3:04:
f6:d7:09:59:22:58:51:a5:76:eb:25:78:cd:00:12:03:77:54:
25:13:47:96
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAdFRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIxMjAwMDUyMVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTg5Q0QxMTAvBgNVBAUTKENFNTgwNzMwMDQwOTA4ODc0RUI2MkFG
Mjc2MDUyOUU3NUMzRDVDNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDABn29gqeEQ087ZoDvj7QTcKjCOuAvMRt31vMmCdlBo2qXyFaY+edJ/NGsLWou
Lz1vtXgOGNatxIZn60Do85fUspiznklqnlsTpLas8tR8YxVXLu1+eQUMaYbpAb8N
RVDlR9Dc/cYPS1lREwEZqQ44TRs40s2xT95o0Gp+mYbNQnI0S3ysZqvQf+bqgGtW
0EyZ1jMqOK8Lvyv/Ug+lkcj7TuvEUz1faMV9kEAcazGhTVnsWbY8e39Ivj24cIwB
r0el62t470cDVOMyzNf7WpUpdgc7l8ZLy+PsIiN8SQfXU0oMXHgExW66ioOklduM
/zrXLkXdfAZHxb5oF4JZX5NVAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUzlgHMAQJ
CIdOtirydgUp51w9XGgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4OUNELzNDMEQ0QTE2QjA1NTExRUFBMDQ1QjgwRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFODlDRC8zQzBENEExNkIwNTUxMUVBQTA0NUI4MEVDNEY5QUUwMi96bGdITUFR
SkNJZE90aXJ5ZGdVcDUxdzlYR2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhfgMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ2hkAwQAyivg
MA0EAgACMAcDBQAkAglAMA0GCSqGSIb3DQEBCwUAA4IBAQChIhaz4UcXVbtvQS4+
4efa99bVQcHkvIn3F0jMWXz8QhWLAjPDVhEHmuTAnYoi6erjulKB6QRJZSshF7pQ
KkrL4ca1fCqClkWFCv5ZELjWEGDc0VcdMgwacqCfpnWmloBojXMwlxheBQwfionw
RCX393XNN0QOkWegZxxt6yzbhI4/qLxNGVCQHLDE3nzA/N/O3gG1Aq2shBBd8Bu9
LU89UlAoxyJfoXbZxvYlYiDGzm8gBmnVOkQ+LX6dZ0eLelHiWw+/jC6F76jR2dOD
+InXNYA+CaEzb1uma5RNrPB/aVZTxOcAb4yp0wT21wlZIlhRpXbrJXjNABIDd1Ql
E0eW
-----END CERTIFICATE-----
Generated at Wed May 8 10:09:19 2024 by rpki-client on console-ams.rpki-client.org