Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fKdQzAmQd9S0MpCnYoOre_C2Smg.cer
File: fKdQzAmQd9S0MpCnYoOre_C2Smg.cer (raw, json)
Hash identifier: u8YlLiM+PGVfbxW4tXbUBOTwnGvzlPWdoWnFI7pRSNs=
Subject key identifier: 7C:A7:50:CC:09:90:77:D4:B4:32:90:A7:62:83:AB:7B:F0:B6:4A:68
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0232B8
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91300ED/0EC94A88622911EB8E1BC27CC4F9AE02/fKdQzAmQd9S0MpCnYoOre_C2Smg.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91300ED/0EC94A88622911EB8E1BC27CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Sat 22 Feb 2025 23:07:46 +0000
Certificate not after: Fri 01 May 2026 00:00:00 +0000
Subordinate resources: AS: 141701
IP: 103.162.58.0/23
IP: 2401:cde0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144056 (0x232b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Feb 22 23:07:46 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=A91300ED, serialNumber=7CA750CC099077D4B43290A76283AB7BF0B64A68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e9:80:5f:d7:1f:ab:9b:ae:45:99:49:41:dd:
3b:c1:00:94:44:cc:5e:21:75:82:76:89:4b:d4:04:
e3:67:d8:34:2f:f0:98:02:3c:07:4e:54:1e:ba:7d:
56:85:ff:86:9c:10:63:cd:83:c4:57:89:71:fe:33:
dc:b6:0d:52:64:96:a0:52:4d:1d:4a:fb:e3:57:0c:
d7:91:2c:5a:97:8a:2a:88:60:d6:2d:25:b5:24:01:
f7:be:06:59:0b:e0:7e:a1:df:ac:24:7a:0b:4c:6a:
63:1d:11:17:1d:57:43:c9:24:9f:46:06:cc:db:bb:
ed:c7:3b:49:ec:d3:af:7d:8b:87:ce:c1:35:31:6c:
12:c2:0e:c1:55:dd:44:29:34:be:79:cc:7f:d3:e1:
7a:ff:81:1f:33:3a:4c:16:66:f0:2b:d6:02:7c:56:
4d:6a:24:a7:5c:45:f1:42:3f:bc:c4:26:fc:35:a2:
df:4b:b9:3d:bb:f1:2a:7f:34:8a:83:cb:03:e5:b7:
ef:f3:5f:c8:f9:e6:1f:7c:d4:d8:06:09:66:cb:24:
03:0b:1f:f1:a8:34:67:5f:4c:69:64:d9:39:64:c8:
21:a2:17:5f:a4:b6:99:f1:11:74:0a:8c:95:6f:4d:
3f:0b:aa:c9:b0:68:35:ac:b9:c7:ca:d3:04:81:04:
37:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A7:50:CC:09:90:77:D4:B4:32:90:A7:62:83:AB:7B:F0:B6:4A:68
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91300ED/0EC94A88622911EB8E1BC27CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91300ED/0EC94A88622911EB8E1BC27CC4F9AE02/fKdQzAmQd9S0MpCnYoOre_C2Smg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
141701
sbgp-ipAddrBlock: critical
IPv4:
103.162.58.0/23
IPv6:
2401:cde0::/32
Signature Algorithm: sha256WithRSAEncryption
b6:a9:91:b3:9e:dc:93:77:37:9d:67:4e:66:42:1d:71:07:97:
13:89:86:e5:a1:4c:7b:40:15:e1:ff:83:48:28:01:df:9e:ef:
52:c2:c9:30:84:a5:d2:ab:aa:8a:d6:04:4c:21:bb:ac:8e:7b:
e2:3e:b3:5e:b2:f3:ac:ad:c6:22:a3:8a:48:ac:fa:1b:bf:0c:
90:1f:41:ac:e8:92:c8:86:f9:f9:63:43:5d:00:8d:b2:f3:19:
e8:2d:8b:16:79:c8:fb:30:fd:06:20:fb:8d:ad:1c:0b:18:57:
1a:bf:15:0e:44:a6:1b:42:67:92:19:bb:16:44:37:80:02:ce:
df:54:55:46:ba:9a:1e:22:a6:75:d4:2c:57:49:c4:e1:65:ba:
7a:4b:68:d4:9e:d4:df:5d:c2:88:c1:52:64:c7:65:e8:15:95:
8e:b0:47:1d:77:e6:5e:88:17:37:38:01:5e:8e:e0:44:59:15:
a3:51:85:1d:ae:f3:e3:d8:e7:f6:59:ca:d7:e8:73:18:2f:43:
67:34:77:6d:fe:f6:d3:d1:57:dd:7b:d1:34:83:ed:ac:f7:9e:
70:20:88:2f:ba:01:d0:24:2c:06:97:37:03:44:c1:9a:25:e5:
66:e6:59:9d:a9:13:1e:89:c1:44:4d:91:18:c2:75:4c:63:08:
06:99:d3:d0
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAjK4MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDIyMjIzMDc0NloXDTI2MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzAwRUQxMTAvBgNVBAUTKDdDQTc1MENDMDk5MDc3RDRCNDMyOTBB
NzYyODNBQjdCRjBCNjRBNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDE6YBf1x+rm65FmUlB3TvBAJREzF4hdYJ2iUvUBONn2DQv8JgCPAdOVB66fVaF
/4acEGPNg8RXiXH+M9y2DVJklqBSTR1K++NXDNeRLFqXiiqIYNYtJbUkAfe+BlkL
4H6h36wkegtMamMdERcdV0PJJJ9GBszbu+3HO0ns0699i4fOwTUxbBLCDsFV3UQp
NL55zH/T4Xr/gR8zOkwWZvAr1gJ8Vk1qJKdcRfFCP7zEJvw1ot9LuT278Sp/NIqD
ywPlt+/zX8j55h981NgGCWbLJAMLH/GoNGdfTGlk2TlkyCGiF1+ktpnxEXQKjJVv
TT8LqsmwaDWsucfK0wSBBDeVAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUfKdQzAmQ
d9S0MpCnYoOre/C2SmgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMwMEVELzBFQzk0QTg4NjIyOTExRUI4RTFCQzI3Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzMDBFRC8wRUM5NEE4ODYyMjkxMUVCOEUxQkMyN0NDNEY5QUUwMi9mS2RRekFt
UWQ5UzBNcENuWW9PcmVfQzJTbWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAimFMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ6I6MA0EAgAC
MAcDBQAkAc3gMA0GCSqGSIb3DQEBCwUAA4IBAQC2qZGzntyTdzedZ05mQh1xB5cT
iYbloUx7QBXh/4NIKAHfnu9SwskwhKXSq6qK1gRMIbusjnviPrNesvOsrcYio4pI
rPobvwyQH0Gs6JLIhvn5Y0NdAI2y8xnoLYsWecj7MP0GIPuNrRwLGFcavxUORKYb
QmeSGbsWRDeAAs7fVFVGupoeIqZ11CxXScThZbp6S2jUntTfXcKIwVJkx2XoFZWO
sEcdd+ZeiBc3OAFejuBEWRWjUYUdrvPj2Of2WcrX6HMYL0NnNHdt/vbT0Vfde9E0
g+2s955wIIgvugHQJCwGlzcDRMGaJeVm5lmdqRMeicFETZEYwnVMYwgGmdPQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:41:12 2025 by rpki-client