Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0QUrmheSI9CsbZH7qAd67DE86A.cer
File: S0QUrmheSI9CsbZH7qAd67DE86A.cer (raw, json)
Hash identifier: vUebq5+imknLLCQJeQO2XNOka0Q+b4LvuhabQuxmEEY=
Subject key identifier: 4B:44:14:AE:68:5E:48:8F:42:B1:B6:47:EE:A0:1D:EB:B0:C4:F3:A0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 020E02
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91A9B1B/4B3864D80E0B11EDA8D12E58C4F9AE02/S0QUrmheSI9CsbZH7qAd67DE86A.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91A9B1B/4B3864D80E0B11EDA8D12E58C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 17 Sep 2024 17:52:48 +0000
Certificate not after: Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources: IP: 103.23.68.0/23
IP: 2400:9920::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 28 Oct 2024 02:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134658 (0x20e02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Sep 17 17:52:48 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=A91A9B1B/serialNumber=4B4414AE685E488F42B1B647EEA01DEBB0C4F3A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:08:62:2d:d4:9e:95:a7:7a:89:77:f3:66:e1:
ed:4c:85:d2:3a:72:95:28:6a:a9:49:c6:34:fd:81:
38:be:e9:a4:45:38:d7:0d:f1:15:80:d7:df:4d:85:
70:5c:d2:76:a8:d3:de:fe:ea:7d:da:aa:10:76:01:
2a:53:8b:62:09:af:aa:de:71:bd:08:e2:64:d0:c3:
11:94:04:70:41:48:cf:ab:53:64:3c:a0:14:9a:4f:
e6:e3:0a:8b:fb:7f:9d:ea:65:61:49:fa:4e:c2:24:
3b:43:43:8c:66:62:e7:ba:ed:13:26:e7:98:35:9b:
82:b0:cf:ca:f1:8a:bc:e0:27:6c:24:c9:96:53:56:
45:a7:22:80:9d:d2:17:d7:60:4e:a0:5d:89:3b:c1:
b2:c9:11:d7:2e:50:44:1e:10:6a:bf:07:0c:32:fb:
02:31:1a:7a:53:fb:a0:69:56:ac:37:74:5f:d0:06:
b2:ec:62:09:26:54:6e:09:3e:4a:a2:e2:8c:8b:68:
e3:82:76:2a:1b:21:c7:11:0b:dc:38:69:c1:9e:53:
66:de:2d:d6:73:db:7c:cb:f2:13:c4:62:03:aa:98:
e8:17:79:a5:34:02:03:3b:a3:32:8c:ae:ad:d5:67:
09:69:52:bb:b4:27:cb:b8:a9:c8:4e:d7:6e:fe:39:
19:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:44:14:AE:68:5E:48:8F:42:B1:B6:47:EE:A0:1D:EB:B0:C4:F3:A0
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A9B1B/4B3864D80E0B11EDA8D12E58C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A9B1B/4B3864D80E0B11EDA8D12E58C4F9AE02/S0QUrmheSI9CsbZH7qAd67DE86A.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.68.0/23
IPv6:
2400:9920::/32
Signature Algorithm: sha256WithRSAEncryption
d1:e5:d7:03:fb:3a:15:a9:a6:14:6f:8b:eb:b8:e7:df:a6:3a:
9b:cd:95:1d:ee:d2:2d:9c:24:65:d4:74:77:2a:1b:55:71:85:
c2:bd:7c:ea:3c:8a:84:14:64:0b:13:fd:4e:4c:c3:a1:90:c0:
15:bf:88:2d:5b:36:75:2f:bf:29:5d:36:5b:4f:d4:70:85:fb:
4c:1a:33:8d:b3:bb:2f:37:c4:9d:29:bd:44:32:28:1f:17:c5:
8f:90:d1:1b:4f:b0:00:9c:94:82:c7:bc:d1:17:b9:0e:e9:96:
0d:7a:d5:b1:0a:57:a9:95:eb:37:2c:37:d4:b5:55:ff:cc:0f:
23:e5:87:6a:54:62:e5:ad:08:9b:d6:6a:6d:e2:78:b7:57:a8:
26:2f:7f:8b:80:0e:59:06:58:6a:d8:35:f5:e8:7e:13:10:06:
bd:be:a1:93:0f:62:00:8a:f0:75:1a:3c:3a:ac:e6:03:81:5e:
56:32:bb:00:2a:6c:8c:02:1a:ed:4e:75:6e:36:45:61:d7:54:
61:22:07:ed:36:59:fb:74:70:b7:de:c4:93:e5:8b:70:ad:69:
36:62:e4:70:66:79:69:89:b4:ed:65:e2:46:bf:43:b9:07:67:
18:db:0e:03:a3:a3:fc:fb:34:7e:d1:3c:50:ef:81:43:a2:7c:
79:66:3b:87
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAg4CMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkxNzE3NTI0OFoXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTlCMUIxMTAvBgNVBAUTKDRCNDQxNEFFNjg1RTQ4OEY0MkIxQjY0
N0VFQTAxREVCQjBDNEYzQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCaCGIt1J6Vp3qJd/Nm4e1MhdI6cpUoaqlJxjT9gTi+6aRFONcN8RWA199NhXBc
0nao097+6n3aqhB2ASpTi2IJr6recb0I4mTQwxGUBHBBSM+rU2Q8oBSaT+bjCov7
f53qZWFJ+k7CJDtDQ4xmYue67RMm55g1m4Kwz8rxirzgJ2wkyZZTVkWnIoCd0hfX
YE6gXYk7wbLJEdcuUEQeEGq/Bwwy+wIxGnpT+6BpVqw3dF/QBrLsYgkmVG4JPkqi
4oyLaOOCdiobIccRC9w4acGeU2beLdZz23zL8hPEYgOqmOgXeaU0AgM7ozKMrq3V
ZwlpUru0J8u4qchO127+ORktAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUS0QUrmhe
SI9CsbZH7qAd67DE86AwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE5QjFCLzRCMzg2NEQ4MEUwQjExRURBOEQxMkU1OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBOUIxQi80QjM4NjREODBFMEIxMUVEQThEMTJFNThDNEY5QUUwMi9TMFFVcm1o
ZVNJOUNzYlpIN3FBZDY3REU4NkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAFnF0QwDQQCAAIwBwMFACQAmSAwDQYJKoZIhvcNAQELBQADggEB
ANHl1wP7OhWpphRvi+u459+mOpvNlR3u0i2cJGXUdHcqG1VxhcK9fOo8ioQUZAsT
/U5Mw6GQwBW/iC1bNnUvvyldNltP1HCF+0waM42zuy83xJ0pvUQyKB8XxY+Q0RtP
sACclILHvNEXuQ7plg161bEKV6mV6zcsN9S1Vf/MDyPlh2pUYuWtCJvWam3ieLdX
qCYvf4uADlkGWGrYNfXofhMQBr2+oZMPYgCK8HUaPDqs5gOBXlYyuwAqbIwCGu1O
dW42RWHXVGEiB+02Wft0cLfexJPli3CtaTZi5HBmeWmJtO1l4ka/Q7kHZxjbDgOj
o/z7NH7RPFDvgUOifHlmO4c=
-----END CERTIFICATE-----
Generated at Mon Oct 21 04:28:50 2024 by rpki-client on console.sobornost.net