Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer
File: OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer (raw, json)
Hash identifier: Ht4/IZG+y3g7GdC2z8kV4aeI85OA+QoJFJA+oaHOtj8=
Subject key identifier: 39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02358B
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 05 Mar 2025 12:27:08 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: AS: 45267
IP: 43.247.172.0/22
IP: 45.117.36.0/22
IP: 103.254.132.0/22
IP: 114.134.0.0/20
IP: 116.90.76.0/22
IP: 124.248.128.0/20
IP: 163.47.240.0/22
IP: 202.36.75.0/24
IP: 202.37.163.0/24
IP: 202.37.168.0/24
IP: 202.49.36.0/24
IP: 2400:bd00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144779 (0x2358b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 5 12:27:08 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A9115C2E, serialNumber=392FC227EECC5A621572FADAAC651A3CEBB2163C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:00:ca:6c:f9:c6:47:95:a5:e2:a5:8f:bd:
e2:b9:55:4d:a3:e0:09:39:96:0e:6f:d3:e5:88:77:
77:06:23:0d:34:74:32:e3:e3:56:1c:f1:c2:37:e0:
dc:8f:4b:8c:20:ef:36:bf:2f:83:2f:5b:b1:ed:e5:
56:35:63:15:16:00:15:da:8d:24:94:6f:34:7d:69:
3b:8c:10:d7:2d:3d:d5:65:35:c5:44:f2:56:49:6e:
ec:0f:3d:bd:4e:c6:b8:f6:24:0a:73:8d:66:9e:9c:
de:71:d7:bc:a1:e5:ac:5c:4c:da:cf:74:99:6c:f2:
78:ef:f7:3e:0d:74:9f:bf:58:37:71:80:04:92:d4:
70:7a:e5:54:20:e6:14:d4:99:92:ae:62:e0:8b:b1:
0a:d1:83:9d:c2:bf:e8:aa:a2:fa:d2:18:6d:46:62:
b7:8a:92:fc:74:18:4f:13:ee:09:0c:ec:69:eb:af:
7e:18:ac:c4:43:c1:17:a5:22:da:49:60:73:f4:ac:
1f:4d:9c:09:2e:17:33:fb:9f:01:8e:31:e6:f5:a1:
d1:23:ce:d3:7a:c7:14:c6:63:1a:bb:f8:6d:f4:65:
23:8b:1d:1d:70:25:ba:1a:4a:65:b3:1d:2f:54:be:
df:a7:bb:de:66:48:e4:99:a0:9e:9f:e5:b4:ef:07:
cc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
45267
sbgp-ipAddrBlock: critical
IPv4:
43.247.172.0/22
45.117.36.0/22
103.254.132.0/22
114.134.0.0/20
116.90.76.0/22
124.248.128.0/20
163.47.240.0/22
202.36.75.0/24
202.37.163.0/24
202.37.168.0/24
202.49.36.0/24
IPv6:
2400:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
00:7f:5e:ef:bb:72:1c:1d:c3:51:45:91:69:24:b6:c6:75:06:
6a:63:b9:c7:65:f3:05:f6:9d:c2:6e:9b:42:2a:19:9a:c8:a2:
10:6f:86:db:4e:e8:b8:e4:06:1f:bc:19:9a:50:ba:c1:d1:9f:
2e:af:5c:83:a9:8a:68:ee:18:45:18:9b:81:85:8a:f6:91:73:
5f:e5:43:fe:84:25:d3:32:c9:e6:2c:ae:be:91:d2:7e:e7:d5:
54:88:08:73:07:20:be:38:a6:29:37:73:cc:a4:56:7b:02:79:
5a:78:54:22:f0:32:a9:95:a4:0b:0e:f4:74:a2:e8:c6:c0:de:
a2:62:88:21:fa:3c:1f:61:45:12:9e:63:33:4d:f4:1f:23:dc:
bd:de:62:41:3f:65:4c:f5:2a:22:86:0a:d0:e1:2d:bf:19:39:
fb:55:e7:5d:fb:62:1b:04:59:5a:93:1e:24:ac:0d:92:dd:e1:
15:0c:29:43:8d:04:47:58:80:e9:0b:f5:b9:ce:21:90:b2:cd:
ce:4c:cc:21:eb:23:d4:b8:c3:43:e8:e4:14:33:72:7c:ad:11:
ee:9d:4a:69:de:8a:04:5e:bb:30:33:f0:92:66:f0:1c:cc:6a:
a9:41:91:09:1b:a7:2d:be:a2:42:4c:ca:0c:cb:a6:ae:d4:f6:
e5:fc:c8:fb
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgIDAjWLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMwNTEyMjcwOFoXDTI2MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTVDMkUxMTAvBgNVBAUTKDM5MkZDMjI3RUVDQzVBNjIxNTcyRkFE
QUFDNjUxQTNDRUJCMjE2M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTHADKbPnGR5Wl4qWPveK5VU2j4Ak5lg5v0+WId3cGIw00dDLj41Yc8cI34NyP
S4wg7za/L4MvW7Ht5VY1YxUWABXajSSUbzR9aTuMENctPdVlNcVE8lZJbuwPPb1O
xrj2JApzjWaenN5x17yh5axcTNrPdJls8njv9z4NdJ+/WDdxgASS1HB65VQg5hTU
mZKuYuCLsQrRg53Cv+iqovrSGG1GYreKkvx0GE8T7gkM7Gnrr34YrMRDwRelItpJ
YHP0rB9NnAkuFzP7nwGOMeb1odEjztN6xxTGYxq7+G30ZSOLHR1wJboaSmWzHS9U
vt+nu95mSOSZoJ6f5bTvB8xJAgMBAAGjggNaMIIDVjAdBgNVHQ4EFgQUOS/CJ+7M
WmIVcvrarGUaPOuyFjwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE1QzJFLzM4RDE0MDFDODM0ODExRUFBN0M0NzU3NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNUMyRS8zOEQxNDAxQzgzNDgxMUVBQTdDNDc1NzZDNEY5QUUwMi9PU19DSi03
TVdtSVZjdnJhckdVYVBPdXlGancubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDALDTMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCK/esAwQCLXUk
AwQCZ/6EAwQEcoYAAwQCdFpMAwQEfPiAAwQCoy/wAwQAyiRLAwQAyiWjAwQAyiWo
AwQAyjEkMA0EAgACMAcDBQAkAL0AMA0GCSqGSIb3DQEBCwUAA4IBAQAAf17vu3Ic
HcNRRZFpJLbGdQZqY7nHZfMF9p3CbptCKhmayKIQb4bbTui45AYfvBmaULrB0Z8u
r1yDqYpo7hhFGJuBhYr2kXNf5UP+hCXTMsnmLK6+kdJ+59VUiAhzByC+OKYpN3PM
pFZ7AnlaeFQi8DKplaQLDvR0oujGwN6iYogh+jwfYUUSnmMzTfQfI9y93mJBP2VM
9SoihgrQ4S2/GTn7Vedd+2IbBFlakx4krA2S3eEVDClDjQRHWIDpC/W5ziGQss3O
TMwh6yPUuMND6OQUM3J8rRHunUpp3ooEXrswM/CSZvAczGqpQZEJG6ctvqJCTMoM
y6au1Pbl/Mj7
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:39:42 2025 by rpki-client