Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer
File: 4vB0KtgKnbsodRhO4N1elN11eEs.cer (raw, json)
Hash identifier: w3kxW9hWtETcGaHd6dPU1Lm3TKkFomoKzDrEHsfvgEY=
Subject key identifier: E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 021380
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 10 Oct 2024 16:24:57 +0000
Certificate not after: Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources: AS: 134674
IP: 45.119.28.0/22
IP: 45.127.44.0/22
IP: 58.84.60.0/22
IP: 101.0.62.0/23
IP: 103.22.140.0/22
IP: 103.59.72.0/22
IP: 103.76.100.0/22
IP: 103.80.160.0/22
IP: 103.113.140.0/22
IP: 103.195.200.0/22
IP: 103.197.72.0/22
IP: 103.208.68.0/22
IP: 182.50.68.0/22
IP: 203.76.182.0/23
IP: 210.89.34.0 -- 210.89.37.255
IP: 210.89.54.0/23
IP: 2402:e280::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 28 Oct 2024 02:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136064 (0x21380)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Oct 10 16:24:57 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:95:30:b7:d5:d3:e4:1f:92:dc:d6:bd:4b:6a:
38:c9:99:82:5d:a4:0e:b1:4a:22:e0:70:31:47:d9:
47:5b:2b:20:23:4e:03:14:8a:e0:5f:b8:0d:5c:c8:
ab:18:d8:63:8a:7a:5e:aa:c2:6a:84:8f:f3:ee:9f:
37:a9:85:7a:12:3d:b4:f0:a0:31:1a:ed:63:8c:c1:
50:d8:d0:0c:81:8c:3e:4f:7e:75:4e:87:e6:2e:7b:
be:9e:8b:df:8a:a4:27:8c:6f:02:59:d1:70:93:da:
0a:25:42:8f:be:87:46:88:34:9f:b0:56:26:0a:9e:
7a:a5:70:19:ee:8e:f5:c4:b6:a5:c6:0b:6b:b2:aa:
88:a9:15:56:ec:e5:6e:0c:c6:1b:3e:90:3d:56:98:
a5:2d:5c:cf:f4:27:b1:c4:7d:6a:97:40:4e:13:f5:
84:8f:5c:38:ea:7d:d1:79:76:c7:d9:f8:99:50:40:
e4:2e:e0:f6:30:d5:91:11:2c:7d:61:de:56:b3:84:
b7:56:74:74:dd:c0:59:b9:fa:63:d0:c7:78:0f:f0:
55:f8:e5:e3:ca:fb:28:18:99:3f:db:81:54:02:fd:
0d:51:5d:68:05:32:64:6a:6b:4d:ba:06:3c:f0:cb:
5b:6d:9e:21:8f:bf:5a:0a:0a:ad:51:83:b3:3e:5b:
89:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
134674
sbgp-ipAddrBlock: critical
IPv4:
45.119.28.0/22
45.127.44.0/22
58.84.60.0/22
101.0.62.0/23
103.22.140.0/22
103.59.72.0/22
103.76.100.0/22
103.80.160.0/22
103.113.140.0/22
103.195.200.0/22
103.197.72.0/22
103.208.68.0/22
182.50.68.0/22
203.76.182.0/23
210.89.34.0-210.89.37.255
210.89.54.0/23
IPv6:
2402:e280::/32
Signature Algorithm: sha256WithRSAEncryption
55:2f:6a:12:4a:ff:bd:1e:7e:dc:36:4e:1d:62:26:eb:71:64:
f2:33:12:7f:92:c7:32:28:ac:2f:02:03:f0:91:9c:30:43:5f:
f4:3e:e3:cf:f2:ea:2f:11:20:54:8d:e1:84:bc:39:c3:1f:87:
75:74:25:e5:62:4b:13:9d:15:25:32:e8:41:3b:e9:3a:f5:d2:
4a:56:be:d0:6e:d7:1c:b3:1f:75:f9:7a:51:f0:08:c6:89:88:
19:90:80:57:d9:3e:3b:21:50:88:f9:e1:d2:02:e4:d6:0a:5f:
ff:e0:6a:e9:61:f2:08:21:60:ca:19:0f:9b:e4:cc:f0:fb:d3:
f2:9a:79:30:60:77:eb:01:d0:a5:af:55:fa:1b:ff:0a:7f:b9:
27:35:e6:92:e4:fd:08:dd:c8:8a:a9:21:6a:e4:24:c9:46:30:
1b:30:4e:cd:1b:d0:e2:1e:7a:62:19:0c:d6:e0:31:35:a6:9e:
2c:7c:e1:09:69:4b:b6:70:36:07:fa:64:91:25:6f:6a:b8:ee:
7a:18:c9:c2:21:cb:0b:f6:a9:ca:8b:d4:4f:52:f5:e1:89:74:
29:6a:5d:e7:d3:e0:9c:bc:f2:e9:dc:bb:6a:bf:2f:7d:fe:79:
2d:c4:e7:fb:bc:12:d0:ee:13:1b:d1:f0:0d:14:2b:c8:16:2d:
e4:81:ec:fe
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgIDAhOAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAxMDE2MjQ1N1oXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzIzRkUxMTAvBgNVBAUTKEUyRjA3NDJBRDgwQTlEQkIyODc1MTg0
RUUwREQ1RTk0REQ3NTc4NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDglTC31dPkH5Lc1r1LajjJmYJdpA6xSiLgcDFH2UdbKyAjTgMUiuBfuA1cyKsY
2GOKel6qwmqEj/PunzephXoSPbTwoDEa7WOMwVDY0AyBjD5PfnVOh+Yue76ei9+K
pCeMbwJZ0XCT2golQo++h0aINJ+wViYKnnqlcBnujvXEtqXGC2uyqoipFVbs5W4M
xhs+kD1WmKUtXM/0J7HEfWqXQE4T9YSPXDjqfdF5dsfZ+JlQQOQu4PYw1ZERLH1h
3lazhLdWdHTdwFm5+mPQx3gP8FX45ePK+ygYmT/bgVQC/Q1RXWgFMmRqa026Bjzw
y1ttniGPv1oKCq1Rg7M+W4l1AgMBAAGjggOCMIIDfjAdBgNVHQ4EFgQU4vB0KtgK
nbsodRhO4N1elN11eEswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMyM0ZFLzgyNUNFOUFBRjlFQjExRTZCREU3QTk2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMjNGRS84MjVDRTlBQUY5RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3Rn
S25ic29kUmhPNE4xZWxOMTFlRXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg4SMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAItdxwDBAIt
fywDBAI6VDwDBAFlAD4DBAJnFowDBAJnO0gDBAJnTGQDBAJnUKADBAJncYwDBAJn
w8gDBAJnxUgDBAJn0EQDBAK2MkQDBAHLTLYwDAMEAdJZIgMEAdJZJAMEAdJZNjAN
BAIAAjAHAwUAJALigDANBgkqhkiG9w0BAQsFAAOCAQEAVS9qEkr/vR5+3DZOHWIm
63Fk8jMSf5LHMiisLwID8JGcMENf9D7jz/LqLxEgVI3hhLw5wx+HdXQl5WJLE50V
JTLoQTvpOvXSSla+0G7XHLMfdfl6UfAIxomIGZCAV9k+OyFQiPnh0gLk1gpf/+Bq
6WHyCCFgyhkPm+TM8PvT8pp5MGB36wHQpa9V+hv/Cn+5JzXmkuT9CN3IiqkhauQk
yUYwGzBOzRvQ4h56YhkM1uAxNaaeLHzhCWlLtnA2B/pkkSVvarjuehjJwiHLC/ap
yovUT1L14Yl0KWpd59PgnLzy6dy7ar8vff55LcTn+7wS0O4TG9HwDRQryBYt5IHs
/g==
-----END CERTIFICATE-----
Generated at Mon Oct 21 04:28:36 2024 by rpki-client on console.sobornost.net