Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ks6UC13DAzfS5UIXIhkauSOqdcc.cer
File: Ks6UC13DAzfS5UIXIhkauSOqdcc.cer (raw, json)
Hash identifier: WewI1PCSJSiRN3lIYyRcT+V/GceVF7J3Fmv17wSdAGI=
Subject key identifier: 2A:CE:94:0B:5D:C3:03:37:D2:E5:42:17:22:19:1A:B9:23:AA:75:C7
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023E46
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/Ks6UC13DAzfS5UIXIhkauSOqdcc.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 10 Apr 2025 13:22:17 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 103.136.120.0/24
IP: 2001:df0:780::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147014 (0x23e46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 10 13:22:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A9138A9F, serialNumber=2ACE940B5DC30337D2E5421722191AB923AA75C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bf:fd:0f:06:d1:3f:61:2c:a9:7d:ac:d3:b3:
94:b3:5e:4b:1e:02:a1:54:93:4b:ab:9b:d5:3b:e8:
db:00:38:cb:2a:7a:9f:bd:77:9e:ac:04:1b:25:1f:
d2:25:6a:9f:a3:79:8b:c4:a4:4d:6a:7f:02:69:b3:
fa:09:4c:9a:a4:b6:6e:9a:71:5d:c5:50:45:84:76:
ba:d7:3c:3f:04:d8:72:a6:81:7f:55:49:cd:b0:a3:
49:b6:2a:c9:de:93:f0:cc:c8:e4:bb:aa:47:39:1b:
80:48:47:3b:b0:c6:56:05:fe:bc:ee:30:49:8a:23:
72:ac:13:c0:33:cb:65:84:39:81:30:03:61:79:e9:
db:54:01:21:e8:05:24:4c:56:95:a2:be:bd:a0:cd:
72:a1:7d:2c:39:e0:f5:61:ef:1e:5b:a7:4a:d8:5f:
f6:a5:42:cc:7a:48:1d:f3:5f:ae:a3:fd:97:3b:aa:
67:00:27:fe:24:f9:cb:da:49:81:63:c5:cc:66:f9:
9f:67:f6:e2:2e:80:07:c4:2d:1f:50:2e:80:af:77:
d4:93:47:1c:67:a5:13:3b:38:8a:2a:a3:93:57:8a:
8b:f1:1a:97:68:5f:06:1a:2b:53:d9:23:37:9d:94:
2e:bf:01:3f:94:cb:8f:f6:05:f0:77:98:ac:55:79:
9c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CE:94:0B:5D:C3:03:37:D2:E5:42:17:22:19:1A:B9:23:AA:75:C7
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9138A9F/82C67EA6C56D11EEB278534AC4F9AE02/Ks6UC13DAzfS5UIXIhkauSOqdcc.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.120.0/24
IPv6:
2001:df0:780::/48
Signature Algorithm: sha256WithRSAEncryption
97:b3:6c:f9:6c:8d:58:fc:53:aa:37:ea:e3:09:06:55:b1:60:
78:2c:67:ae:ef:2b:aa:8d:25:21:9c:d7:19:b2:5a:70:f1:8d:
55:26:ca:80:15:b3:07:f0:cd:ec:3a:ba:16:a3:1b:a2:52:c1:
ae:1e:e2:4f:76:a4:30:98:1b:53:1e:54:b4:b4:ce:d2:5a:e4:
54:0a:69:a5:49:10:b0:e3:07:7b:b6:29:ac:85:af:28:64:07:
1c:52:b2:1c:20:bf:cf:5c:a5:a5:17:71:ec:35:29:e9:98:87:
2d:ec:2e:a7:54:b1:d7:9c:e9:5a:0a:fc:cf:cb:f1:83:89:2e:
a7:d3:b6:d5:c0:cc:e1:82:7b:e0:0e:32:e6:cf:e9:70:07:35:
88:96:01:be:3a:20:13:33:cd:3a:c1:0b:93:d5:6a:2e:8d:91:
b9:e4:b3:66:b6:f8:fc:24:79:2a:14:f6:2a:92:70:d9:63:2c:
62:a1:e5:45:b9:4c:2f:75:ed:73:2f:67:8f:46:94:1f:e6:e2:
e9:ef:27:b1:4b:2f:2a:85:ce:15:83:c1:e8:c4:aa:c8:fb:4b:
98:9e:d1:94:05:19:54:3c:c9:e7:aa:6b:ee:a1:6c:7a:65:cc:
ca:6c:ca:fc:d6:21:6f:f4:aa:90:e2:63:c2:fe:2e:29:10:d2:
3d:30:c9:4b
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgIDAj5GMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQxMDEzMjIxN1oXDTI2MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzhBOUYxMTAvBgNVBAUTKDJBQ0U5NDBCNURDMzAzMzdEMkU1NDIx
NzIyMTkxQUI5MjNBQTc1QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/v/0PBtE/YSypfazTs5SzXkseAqFUk0urm9U76NsAOMsqep+9d56sBBslH9Il
ap+jeYvEpE1qfwJps/oJTJqktm6acV3FUEWEdrrXPD8E2HKmgX9VSc2wo0m2Ksne
k/DMyOS7qkc5G4BIRzuwxlYF/rzuMEmKI3KsE8Azy2WEOYEwA2F56dtUASHoBSRM
VpWivr2gzXKhfSw54PVh7x5bp0rYX/alQsx6SB3zX66j/Zc7qmcAJ/4k+cvaSYFj
xcxm+Z9n9uIugAfELR9QLoCvd9STRxxnpRM7OIoqo5NXiovxGpdoXwYaK1PZIzed
lC6/AT+Uy4/2BfB3mKxVeZyvAgMBAAGjggMEMIIDADAdBgNVHQ4EFgQUKs6UC13D
AzfS5UIXIhkauSOqdccwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM4QTlGLzgyQzY3RUE2QzU2RDExRUVCMjc4NTM0QUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzOEE5Ri84MkM2N0VBNkM1NkQxMUVFQjI3ODUzNEFDNEY5QUUwMi9LczZVQzEz
REF6ZlM1VUlYSWhrYXVTT3FkY2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8EITAf
MAwEAgABMAYDBABniHgwDwQCAAIwCQMHACABDfAHgDANBgkqhkiG9w0BAQsFAAOC
AQEAl7Ns+WyNWPxTqjfq4wkGVbFgeCxnru8rqo0lIZzXGbJacPGNVSbKgBWzB/DN
7Dq6FqMbolLBrh7iT3akMJgbUx5UtLTO0lrkVApppUkQsOMHe7YprIWvKGQHHFKy
HCC/z1ylpRdx7DUp6ZiHLewup1Sx15zpWgr8z8vxg4kup9O21cDM4YJ74A4y5s/p
cAc1iJYBvjogEzPNOsELk9VqLo2RueSzZrb4/CR5KhT2KpJw2WMsYqHlRblML3Xt
cy9nj0aUH+bi6e8nsUsvKoXOFYPB6MSqyPtLmJ7RlAUZVDzJ56pr7qFsemXMymzK
/NYhb/SqkOJjwv4uKRDSPTDJSw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:47:28 2025 by rpki-client