Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
File: hseUaUaypXsFbwKyeTQNMMLOSbQ.cer (raw, json)
Hash identifier: 4iA8SDhp3fWPQf5NwlZgwsUPL3pjbFIUR0IVwRf/itk=
Subject key identifier: 86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023E44
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.mft
caRepository: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 10 Apr 2025 12:41:31 +0000
Certificate not after: Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 7540
AS: 9586
AS: 9828
AS: 10232
IP: 117.18.96.0/24
IP: 117.18.98.0/24
IP: 117.18.105.0/24
IP: 117.18.116.0/24
IP: 202.181.136.0 -- 202.181.138.255
IP: 202.181.140.0 -- 202.181.142.255
IP: 202.181.146.0/23
IP: 202.181.149.0 -- 202.181.150.255
IP: 202.181.152.0/24
IP: 202.181.164.0 -- 202.181.169.255
IP: 202.181.174.0 -- 202.181.176.255
IP: 202.181.189.0/24
IP: 202.181.192.0 -- 202.181.203.255
IP: 202.181.205.0 -- 202.181.215.255
IP: 202.181.225.0 -- 202.181.247.255
IP: 2405:5d00::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147012 (0x23e44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Apr 10 12:41:31 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=A9120B99, serialNumber=86C7946946B2A57B056F02B279340D30C2CE49B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:de:90:3c:29:01:3e:22:86:ac:7d:86:d3:85:
a4:0a:fd:64:ad:52:1b:63:52:22:93:2b:84:0d:ee:
fb:5e:ee:9a:4a:44:6d:7f:69:0b:61:b1:66:48:bd:
88:69:56:2c:4d:61:4a:1c:1a:81:bc:61:0c:b6:f4:
c3:10:e9:e5:de:40:f3:bb:3d:66:37:34:2e:86:a3:
10:06:b6:a4:95:69:99:72:ab:69:76:62:ee:90:08:
10:e9:60:d7:c7:1c:51:8f:52:7c:f1:b6:76:b3:78:
f9:2b:12:3d:8a:d8:d6:2d:e1:3c:97:ed:07:7b:ca:
a4:59:6f:1a:85:ab:4d:21:90:9b:1a:05:e7:e1:82:
75:54:3f:d6:2d:11:9e:01:1b:73:b0:3b:87:90:8f:
6b:ce:28:f6:71:f1:ac:77:c1:05:b9:40:80:a6:de:
72:8b:fa:1f:15:13:10:50:40:72:3b:f0:cf:06:fe:
67:11:ed:db:e1:bf:9a:4b:c5:43:dc:05:ae:5a:27:
01:d0:c4:50:45:90:57:6e:be:7d:e9:1a:0d:9e:0b:
7c:ed:28:22:d1:ed:dc:5d:49:a7:6f:3b:c8:f1:63:
6e:6e:a9:54:73:6a:98:3b:7d:18:a8:54:41:c9:26:
b9:51:de:b0:14:f1:cc:33:bc:50:b3:bf:7f:f7:1e:
11:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7540
9586
9828
10232
sbgp-ipAddrBlock: critical
IPv4:
117.18.96.0/24
117.18.98.0/24
117.18.105.0/24
117.18.116.0/24
202.181.136.0-202.181.138.255
202.181.140.0-202.181.142.255
202.181.146.0/23
202.181.149.0-202.181.150.255
202.181.152.0/24
202.181.164.0-202.181.169.255
202.181.174.0-202.181.176.255
202.181.189.0/24
202.181.192.0-202.181.203.255
202.181.205.0-202.181.215.255
202.181.225.0-202.181.247.255
IPv6:
2405:5d00::/32
Signature Algorithm: sha256WithRSAEncryption
02:d9:f9:53:04:b9:53:46:bb:36:8f:0f:2a:2d:d8:1e:8c:47:
ee:83:ab:0c:43:09:31:68:d1:e4:c0:78:ef:15:92:64:6a:6a:
16:98:62:4e:ac:a2:99:d1:ab:8f:4a:90:3d:54:fb:43:d7:9b:
ee:68:c4:97:08:a3:ef:ff:52:3f:51:ca:c1:5a:cc:88:45:f2:
2a:af:ec:61:df:9b:99:d2:1f:ea:1f:60:59:7c:d5:fd:d9:94:
d8:d9:08:e2:d3:9e:61:88:e9:4f:62:7d:bc:3c:aa:da:f0:82:
89:9f:81:fc:4c:08:b2:df:78:f1:7e:79:0f:8f:bb:e6:20:81:
b4:dd:0e:60:e5:e8:56:66:82:69:00:ae:57:d7:80:4f:07:4f:
43:17:3d:79:e6:6e:04:d9:ec:d8:1e:ac:ab:ec:35:4b:11:55:
75:6f:ac:b1:79:16:cd:63:a3:0f:e7:bf:f1:52:ef:c3:fb:31:
49:05:73:bc:76:af:33:2e:73:a1:7e:8a:5b:b7:ca:e8:57:d2:
82:ad:f0:6c:cd:d5:85:1d:65:6a:85:4e:98:0a:6d:b3:c5:e2:
81:b2:33:df:ae:2f:cf:e8:65:7c:ed:12:4b:89:75:46:c5:e0:
c1:f8:65:5d:07:e6:3a:e3:74:21:cc:2e:2e:76:19:1b:34:b6:
8e:bf:41:ae
-----BEGIN CERTIFICATE-----
MIIGzTCCBbWgAwIBAgIDAj5EMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDQxMDEyNDEzMVoXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjBCOTkxMTAvBgNVBAUTKDg2Qzc5NDY5NDZCMkE1N0IwNTZGMDJC
Mjc5MzQwRDMwQzJDRTQ5QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCq3pA8KQE+IoasfYbThaQK/WStUhtjUiKTK4QN7vte7ppKRG1/aQthsWZIvYhp
VixNYUocGoG8YQy29MMQ6eXeQPO7PWY3NC6GoxAGtqSVaZlyq2l2Yu6QCBDpYNfH
HFGPUnzxtnazePkrEj2K2NYt4TyX7Qd7yqRZbxqFq00hkJsaBefhgnVUP9YtEZ4B
G3OwO4eQj2vOKPZx8ax3wQW5QICm3nKL+h8VExBQQHI78M8G/mcR7dvhv5pLxUPc
Ba5aJwHQxFBFkFduvn3pGg2eC3ztKCLR7dxdSadvO8jxY25uqVRzapg7fRioVEHJ
JrlR3rAU8cwzvFCzv3/3HhF3AgMBAAGjggPCMIIDvjAdBgNVHQ4EFgQUhseUaUay
pXsFbwKyeTQNMMLOSbQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIwQjk5L0QzRjkwNTFDMUQ4MzExRTJCNEVENUNEOTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyMEI5OS9EM0Y5MDUxQzFEODMxMUUyQjRFRDVDRDkwOEIwMkNEMi9oc2VVYVVh
eXBYc0Zid0t5ZVRRTk1NTE9TYlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQgBAf8EFjAU
oBIwEAICHXQCAiVyAgImZAICJ/gwgcYGCCsGAQUFBwEHAQH/BIG2MIGzMIGhBAIA
ATCBmgMEAHUSYAMEAHUSYgMEAHUSaQMEAHUSdDAMAwQDyrWIAwQAyrWKMAwDBALK
tYwDBADKtY4DBAHKtZIwDAMEAMq1lQMEAMq1lgMEAMq1mDAMAwQCyrWkAwQByrWo
MAwDBAHKta4DBADKtbADBADKtb0wDAMEBsq1wAMEAsq1yDAMAwQAyrXNAwQDyrXQ
MAwDBADKteEDBAPKtfAwDQQCAAIwBwMFACQFXQAwDQYJKoZIhvcNAQELBQADggEB
AALZ+VMEuVNGuzaPDyot2B6MR+6DqwxDCTFo0eTAeO8VkmRqahaYYk6sopnRq49K
kD1U+0PXm+5oxJcIo+//Uj9RysFazIhF8iqv7GHfm5nSH+ofYFl81f3ZlNjZCOLT
nmGI6U9ifbw8qtrwgomfgfxMCLLfePF+eQ+Pu+YggbTdDmDl6FZmgmkArlfXgE8H
T0MXPXnmbgTZ7NgerKvsNUsRVXVvrLF5Fs1jow/nv/FS78P7MUkFc7x2rzMuc6F+
ilu3yuhX0oKt8GzN1YUdZWqFTpgKbbPF4oGyM9+uL8/oZXztEkuJdUbF4MH4ZV0H
5jrjdCHMLi52GRs0to6/Qa4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:53:35 2025 by rpki-client