Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/c35h2qB72DNCtgxeutSxuxm-QAM.cer
File: c35h2qB72DNCtgxeutSxuxm-QAM.cer (raw, json)
Hash identifier: R2F05YYPTNbQFTOZOUhl1v4EeqbvYZ2yFubCP27ivFw=
Subject key identifier: 73:7E:61:DA:A0:7B:D8:33:42:B6:0C:5E:BA:D4:B1:BB:19:BE:40:03
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 639C
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.mft
caRepository: rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 01 Apr 2025 12:40:51 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: IP: 138.19.0.0/16
IP: 155.137.128.0/17
IP: 165.84.128.0/18
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 17:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25500 (0x639c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 1 12:40:51 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A911647C, serialNumber=737E61DAA07BD83342B60C5EBAD4B1BB19BE4003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:81:4d:67:f5:28:40:b8:a7:cb:d7:5c:ba:93:
cb:68:8d:8a:38:67:d7:7d:d5:d7:9b:1d:0e:12:5b:
18:67:ee:78:c3:ba:1b:d3:f1:dc:c6:d4:d1:9c:27:
8f:0a:1d:ba:0f:fa:ad:28:4e:40:8e:75:e7:1c:ad:
ee:62:04:4f:50:53:7f:74:6a:45:33:b1:8b:0a:a9:
89:f4:96:39:fe:ae:12:22:34:f7:b2:8a:9a:e5:54:
88:2b:a1:a0:f7:fa:e7:70:70:65:57:51:a7:6b:c4:
ff:dd:b5:a8:54:47:1f:f4:c2:6f:da:33:6c:30:01:
c4:18:ba:cf:ef:56:83:f1:f8:9a:22:4d:91:57:5d:
63:f2:41:5b:75:1b:e6:35:a9:1d:5b:78:e6:1a:50:
28:78:e0:3b:47:1f:ae:1d:95:82:3e:ec:3e:4a:a6:
be:db:1c:cd:b0:3f:89:54:2b:d7:f1:80:35:02:af:
48:36:10:9c:ad:ae:f8:d0:5b:5f:88:fb:ae:96:7d:
c0:c8:4c:fc:b0:83:3c:27:50:2d:87:4b:ec:b5:2d:
6d:3e:55:f6:33:c2:ac:66:c7:a5:81:9e:7a:88:1d:
fa:a6:91:49:4b:d6:cb:79:44:a4:59:b1:1f:2d:d9:
7e:8e:af:52:75:70:1e:3b:17:3d:ad:99:79:cd:60:
d4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:7E:61:DA:A0:7B:D8:33:42:B6:0C:5E:BA:D4:B1:BB:19:BE:40:03
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
138.19.0.0/16
155.137.128.0/17
165.84.128.0/18
Signature Algorithm: sha256WithRSAEncryption
5e:ea:36:cb:73:53:54:63:45:11:4f:18:86:79:04:6f:b7:da:
f5:85:31:5c:76:59:94:d9:5b:65:e1:2b:83:72:4f:a8:89:ca:
d7:a8:3a:f4:71:18:ff:8c:56:6a:c2:13:7c:bd:0a:50:8f:d6:
d2:8c:5d:dd:16:db:f5:14:bb:49:42:14:62:33:16:31:37:e9:
20:f5:0f:0c:cb:c2:72:5c:5d:80:70:95:50:f4:7c:1e:3e:25:
c1:cf:50:84:eb:49:c7:af:b2:40:33:77:f6:16:0e:04:75:16:
bb:e4:cc:7a:2d:36:0d:9f:8d:c6:89:3e:b1:f5:7f:6f:32:f9:
51:55:67:15:e9:fe:1b:55:b8:87:59:61:00:b3:fd:f0:86:16:
45:5f:80:b0:97:79:15:3b:78:26:9e:e8:77:51:e8:31:7a:60:
9d:83:28:47:a1:fb:e0:56:e3:66:9a:d8:d1:c8:03:29:69:e4:
84:9b:84:a5:3d:7e:aa:fe:f4:30:0b:fe:e7:e7:01:72:f3:5d:
e1:80:9d:6e:b1:f8:ea:5c:28:fc:26:b1:59:26:65:9b:45:49:
5b:66:91:43:ad:b4:89:e4:0d:27:cf:91:db:d4:7f:fa:3c:cb:
6e:a5:e2:b6:31:8d:56:69:26:d9:77:32:94:de:85:7a:08:e8:
41:ed:b4:69
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgICY5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNDAxMTI0MDUxWhcNMjUwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExNjQ3QzExMC8GA1UEBRMoNzM3RTYxREFBMDdCRDgzMzQyQjYwQzVF
QkFENEIxQkIxOUJFNDAwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKqBTWf1KEC4p8vXXLqTy2iNijhn133V15sdDhJbGGfueMO6G9Px3MbU0Zwnjwod
ug/6rShOQI515xyt7mIET1BTf3RqRTOxiwqpifSWOf6uEiI097KKmuVUiCuhoPf6
53BwZVdRp2vE/921qFRHH/TCb9ozbDABxBi6z+9Wg/H4miJNkVddY/JBW3Ub5jWp
HVt45hpQKHjgO0cfrh2Vgj7sPkqmvtsczbA/iVQr1/GANQKvSDYQnK2u+NBbX4j7
rpZ9wMhM/LCDPCdQLYdL7LUtbT5V9jPCrGbHpYGeeogd+qaRSUvWy3lEpFmxHy3Z
fo6vUnVwHjsXPa2Zec1g1FcCAwEAAaOCAv4wggL6MB0GA1UdDgQWBBRzfmHaoHvY
M0K2DF661LG7Gb5AAzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY0N0MvM0IxQ0RGQkM4NTEzMTFFQUFBMEIwQTdGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE2NDdDLzNCMUNERkJDODUxMzExRUFBQTBCMEE3RkM0RjlBRTAyL2MzNWgycUI3
MkROQ3RneGV1dFN4dXhtLVFBTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAqBggrBgEFBQcBBwEB/wQbMBkw
FwQCAAEwEQMDAIoTAwQHm4mAAwQGpVSAMA0GCSqGSIb3DQEBCwUAA4IBAQBe6jbL
c1NUY0URTxiGeQRvt9r1hTFcdlmU2Vtl4SuDck+oicrXqDr0cRj/jFZqwhN8vQpQ
j9bSjF3dFtv1FLtJQhRiMxYxN+kg9Q8My8JyXF2AcJVQ9HwePiXBz1CE60nHr7JA
M3f2Fg4EdRa75Mx6LTYNn43GiT6x9X9vMvlRVWcV6f4bVbiHWWEAs/3whhZFX4Cw
l3kVO3gmnuh3UegxemCdgyhHofvgVuNmmtjRyAMpaeSEm4SlPX6q/vQwC/7n5wFy
813hgJ1usfjqXCj8JrFZJmWbRUlbZpFDrbSJ5A0nz5Hb1H/6PMtupeK2MY1WaSbZ
dzKU3oV6COhB7bRp
-----END CERTIFICATE-----
Generated at Thu Apr 24 20:39:28 2025 by rpki-client on console.sobornost.net