Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yL8GWnSCLvjMYvSlTlnVhxILb0c.cer
File: yL8GWnSCLvjMYvSlTlnVhxILb0c.cer (raw, json)
Hash identifier: l+yV1hnDhn6A/jm62O510Yp2zAZdzPD9jv1dAms8Azo=
Subject key identifier: C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 023AD4
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Mon 31 Mar 2025 06:50:26 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 153322
IP: 2001:df4:3ec0::/48
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 20:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146132 (0x23ad4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 31 06:50:26 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91E85F1, serialNumber=C8BF065A74822EF8CC62F4A54E59D587120B6F47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:d8:0c:9c:0f:af:2d:01:77:72:38:1b:b2:
4f:28:ef:7d:18:0c:a6:3b:bb:0b:93:78:fd:d1:74:
20:4e:e5:b6:4b:3d:cf:4d:45:d2:38:19:d0:3e:84:
c9:d4:ae:95:af:d9:a1:96:f7:d3:4d:8e:c1:e5:55:
04:ba:57:0d:7e:cb:5d:09:15:9d:8e:84:ff:7c:18:
c2:25:3e:72:dd:01:a0:f3:aa:c9:60:38:6f:96:1a:
f7:2a:0d:39:c0:67:83:41:52:ee:d5:3f:21:ce:0b:
47:ca:3a:2f:fe:55:0f:db:a9:21:af:24:31:22:8a:
02:37:df:bc:72:f7:61:fa:8d:f0:9e:00:49:2a:7a:
97:2d:8b:36:91:63:65:67:ac:cc:f4:2b:8f:9c:1b:
e4:0f:01:55:55:6d:53:1b:70:3f:ca:79:d5:3d:7d:
40:36:bb:77:fd:36:3e:3f:03:42:71:aa:67:f9:ef:
41:c8:94:48:60:02:25:f4:95:b3:c1:8c:6b:74:a4:
29:75:8a:a9:87:3a:d8:98:12:b0:e3:e7:d6:a7:09:
ed:38:48:73:a9:f5:b4:1f:e7:05:3c:f1:66:57:c6:
6b:d2:a4:8d:79:0e:0d:ab:5f:c9:f7:bb:14:ad:62:
28:0b:dd:2d:61:f1:a3:bd:ee:98:22:77:a0:25:e8:
cd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BF:06:5A:74:82:2E:F8:CC:62:F4:A5:4E:59:D5:87:12:0B:6F:47
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6AA4D60A0DFC11F0A1D98053C4F9AE02/yL8GWnSCLvjMYvSlTlnVhxILb0c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
153322
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:3ec0::/48
Signature Algorithm: sha256WithRSAEncryption
7f:f0:93:e7:67:fb:b7:86:b4:1a:b8:4f:61:7c:ad:3c:0b:fa:
5f:5b:86:ab:69:a7:9c:06:68:48:a2:e5:e9:f2:f8:70:25:03:
9b:c4:34:c7:de:41:63:fb:5c:03:4b:1b:41:d3:31:c9:bb:42:
fd:5e:81:be:a7:61:8a:52:ac:44:34:17:6a:cb:3a:e3:79:d0:
74:1d:cd:3c:62:b9:e9:16:26:7f:9f:c7:1e:d8:d3:4e:c1:6d:
19:39:92:17:7d:39:1e:a9:42:35:9a:4e:a9:44:9a:e3:7b:80:
7f:84:0f:13:da:a7:f2:dc:c6:a1:ee:1e:a3:2d:6a:2a:f4:9e:
e2:74:7e:ee:79:03:78:ce:1e:fb:ff:85:5b:f8:15:5d:ab:dd:
11:d5:0b:ee:5b:9a:c6:82:a9:96:32:1f:af:48:10:ef:3e:22:
40:20:94:11:0f:44:bc:7e:8a:ad:b1:b7:e4:10:58:83:d5:51:
66:00:53:73:59:07:29:78:d5:4a:50:3c:d8:8c:03:bc:2e:d3:
20:5a:75:24:a9:b6:e1:5d:c6:27:b8:5a:cd:b6:06:ab:fb:08:
26:76:76:95:e9:5e:72:53:b0:9f:13:55:e8:72:05:87:5a:bd:
64:89:25:43:c4:1f:0f:e2:5c:da:c5:37:a8:44:83:42:d1:88:
2e:92:43:47
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAjrUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDMzMTA2NTAyNloXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTg1RjExMTAvBgNVBAUTKEM4QkYwNjVBNzQ4MjJFRjhDQzYyRjRB
NTRFNTlENTg3MTIwQjZGNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0DNgMnA+vLQF3cjgbsk8o730YDKY7uwuTeP3RdCBO5bZLPc9NRdI4GdA+hMnU
rpWv2aGW99NNjsHlVQS6Vw1+y10JFZ2OhP98GMIlPnLdAaDzqslgOG+WGvcqDTnA
Z4NBUu7VPyHOC0fKOi/+VQ/bqSGvJDEiigI337xy92H6jfCeAEkqepctizaRY2Vn
rMz0K4+cG+QPAVVVbVMbcD/KedU9fUA2u3f9Nj4/A0Jxqmf570HIlEhgAiX0lbPB
jGt0pCl1iqmHOtiYErDj59anCe04SHOp9bQf5wU88WZXxmvSpI15Dg2rX8n3uxSt
YigL3S1h8aO97pgid6Al6M3xAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQUyL8GWnSC
LvjMYvSlTlnVhxILb0cwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4NUYxLzZBQTRENjBBMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFODVGMS82QUE0RDYwQTBERkMxMUYwQTFEOTgwNTNDNEY5QUUwMi95TDhHV25T
Q0x2ak1ZdlNsVGxuVmh4SUxiMGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlbqMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN9D7AMA0G
CSqGSIb3DQEBCwUAA4IBAQB/8JPnZ/u3hrQauE9hfK08C/pfW4araaecBmhIouXp
8vhwJQObxDTH3kFj+1wDSxtB0zHJu0L9XoG+p2GKUqxENBdqyzrjedB0Hc08Yrnp
FiZ/n8ce2NNOwW0ZOZIXfTkeqUI1mk6pRJrje4B/hA8T2qfy3Mah7h6jLWoq9J7i
dH7ueQN4zh77/4Vb+BVdq90R1QvuW5rGgqmWMh+vSBDvPiJAIJQRD0S8foqtsbfk
EFiD1VFmAFNzWQcpeNVKUDzYjAO8LtMgWnUkqbbhXcYnuFrNtgar+wgmdnaV6V5y
U7CfE1XocgWHWr1kiSVDxB8P4lzaxTeoRINC0YgukkNH
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:42:01 2025 by rpki-client