Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1pslrIJJMfl2PEvBtud0j4lL10.cer
File: g1pslrIJJMfl2PEvBtud0j4lL10.cer (raw, json)
Hash identifier: I6oxPJE/HxDV7E0Jw/NgsI9WNjKlkoBHrzNCZqaAKxg=
Subject key identifier: 83:5A:6C:96:B2:09:24:C7:E5:D8:F1:2F:06:DB:9D:D2:3E:25:2F:5D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0203AD
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/g1pslrIJJMfl2PEvBtud0j4lL10.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 31 Jul 2024 16:34:43 +0000
Certificate not after: Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources: AS: 9255
AS: 10149
AS: 133497
AS: 136041
IP: 1.32.128.0/18
IP: 27.114.192.0/18
IP: 43.225.152.0/22
IP: 101.234.0.0/18
IP: 103.44.112.0/22
IP: 111.92.192.0/19
IP: 112.78.224.0/19
IP: 115.31.224.0/19
IP: 117.58.160.0/19
IP: 119.42.192.0/19
IP: 123.49.64.0/18
IP: 183.81.192.0/18
IP: 202.160.192.0/18
IP: 202.163.32.0/19
IP: 203.101.192.0/19
IP: 220.232.0.0/18
IP: 2407:e000::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 28 Oct 2024 02:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132013 (0x203ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 31 16:34:43 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=A91676D4/serialNumber=835A6C96B20924C7E5D8F12F06DB9DD23E252F5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bd:13:cd:9f:6c:5f:e9:fa:0f:af:4d:a7:56:
6e:d4:d3:3c:01:eb:97:49:12:ec:ce:e2:f5:5a:c5:
93:0e:c1:47:d5:9c:1e:2d:1c:98:86:8b:55:23:db:
a4:ab:ab:2f:69:2b:03:d6:a1:df:37:73:58:e4:25:
74:54:b1:d9:c5:b9:ec:dc:19:2c:66:a7:a7:7e:3d:
94:a0:8b:c9:42:76:a2:4e:01:d4:88:c6:7f:39:ca:
99:74:ca:94:0f:0b:70:2c:38:d2:20:13:d6:44:92:
31:89:ee:67:04:14:82:71:9f:f3:73:4e:c6:18:62:
fd:26:a6:36:63:a9:f4:12:e1:75:54:0c:49:d4:52:
6e:1f:d9:37:8b:19:11:cb:c5:d5:f6:33:e8:23:01:
c8:b3:c8:99:1b:29:7d:93:a9:ed:0c:b0:db:cd:bf:
7f:71:7d:4a:6e:85:34:cb:68:de:1f:07:db:62:7f:
5d:80:37:95:73:0b:d1:bd:41:c8:f9:61:8d:bf:64:
32:7c:fc:aa:7b:42:3d:0f:eb:70:d1:e3:4c:b5:5e:
01:75:d5:e0:22:f9:7d:8d:a1:bd:77:eb:39:35:e8:
bc:ee:f2:1a:33:1e:c4:ad:30:ab:47:08:09:b1:69:
12:65:fa:a4:ab:20:29:af:04:06:91:f5:37:fb:81:
c7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:5A:6C:96:B2:09:24:C7:E5:D8:F1:2F:06:DB:9D:D2:3E:25:2F:5D
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/g1pslrIJJMfl2PEvBtud0j4lL10.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9255
10149
133497
136041
sbgp-ipAddrBlock: critical
IPv4:
1.32.128.0/18
27.114.192.0/18
43.225.152.0/22
101.234.0.0/18
103.44.112.0/22
111.92.192.0/19
112.78.224.0/19
115.31.224.0/19
117.58.160.0/19
119.42.192.0/19
123.49.64.0/18
183.81.192.0/18
202.160.192.0/18
202.163.32.0/19
203.101.192.0/19
220.232.0.0/18
IPv6:
2407:e000::/32
Signature Algorithm: sha256WithRSAEncryption
c3:72:cf:cb:d9:6c:b7:12:8e:51:6b:59:0b:36:21:5f:27:9f:
0b:c7:1d:ee:69:8a:fd:27:37:47:fb:96:68:77:5d:8f:f5:96:
33:5c:73:41:00:21:a3:41:62:a7:42:30:d5:9c:16:7e:05:52:
21:b3:15:4b:8f:78:b8:af:7a:12:b4:8b:fb:cc:aa:ef:65:3f:
8e:d3:08:7b:49:0a:e2:78:4f:d4:98:87:27:22:c9:36:0e:31:
5c:91:a0:8b:82:0f:66:03:b6:bb:8e:8c:65:8f:a2:a3:fa:9b:
91:05:89:36:5d:a3:4e:2d:ac:cf:ab:39:eb:02:4a:06:c2:b4:
e5:1f:09:a4:d7:ba:c4:12:65:09:55:af:6c:d5:8a:c3:9c:eb:
f4:8b:3f:e5:c5:eb:18:74:8b:b3:00:fa:b4:06:d6:fe:8b:c9:
45:f3:e7:32:3c:3c:36:60:42:d0:4e:19:b9:44:8b:1f:41:05:
17:56:29:af:6c:8e:25:68:0f:61:8b:75:e8:c7:22:f5:11:d1:
0f:16:ea:e8:c9:cb:fe:56:00:0d:e4:9e:3d:12:9b:37:99:dc:
2f:d6:a2:1c:56:3d:3d:63:4a:fe:d2:31:50:f2:7c:8a:f2:88:
e5:b3:e4:0f:de:b3:46:7b:59:f7:a0:49:a3:26:2a:5a:73:09:
a9:aa:5c:1b
-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwIBAgIDAgOtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDczMTE2MzQ0M1oXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjc2RDQxMTAvBgNVBAUTKDgzNUE2Qzk2QjIwOTI0QzdFNUQ4RjEy
RjA2REI5REQyM0UyNTJGNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDavRPNn2xf6foPr02nVm7U0zwB65dJEuzO4vVaxZMOwUfVnB4tHJiGi1Uj26Sr
qy9pKwPWod83c1jkJXRUsdnFuezcGSxmp6d+PZSgi8lCdqJOAdSIxn85ypl0ypQP
C3AsONIgE9ZEkjGJ7mcEFIJxn/NzTsYYYv0mpjZjqfQS4XVUDEnUUm4f2TeLGRHL
xdX2M+gjAcizyJkbKX2Tqe0MsNvNv39xfUpuhTTLaN4fB9tif12AN5VzC9G9Qcj5
YY2/ZDJ8/Kp7Qj0P63DR40y1XgF11eAi+X2Nob136zk16Lzu8hozHsStMKtHCAmx
aRJl+qSrICmvBAaR9Tf7gcc3AgMBAAGjggOGMIIDgjAdBgNVHQ4EFgQUg1pslrIJ
JMfl2PEvBtud0j4lL10wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY3NkQ0L0UxN0VDRTJFRTJFNjExRUJCNzU5NkE3NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2NzZENC9FMTdFQ0UyRUUyRTYxMUVCQjc1OTZBNzVDNEY5QUUwMi9nMXBzbHJJ
SkpNZmwyUEV2QnR1ZDBqNGxMMTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQgBAf8EGDAW
oBQwEgICJCcCAielAgMCCXkCAwITaTCBiAYIKwYBBQUHAQcBAf8EeTB3MGYEAgAB
MGADBAYBIIADBAYbcsADBAIr4ZgDBAZl6gADBAJnLHADBAVvXMADBAVwTuADBAVz
H+ADBAV1OqADBAV3KsADBAZ7MUADBAa3UcADBAbKoMADBAXKoyADBAXLZcADBAbc
6AAwDQQCAAIwBwMFACQH4AAwDQYJKoZIhvcNAQELBQADggEBAMNyz8vZbLcSjlFr
WQs2IV8nnwvHHe5piv0nN0f7lmh3XY/1ljNcc0EAIaNBYqdCMNWcFn4FUiGzFUuP
eLivehK0i/vMqu9lP47TCHtJCuJ4T9SYhyciyTYOMVyRoIuCD2YDtruOjGWPoqP6
m5EFiTZdo04trM+rOesCSgbCtOUfCaTXusQSZQlVr2zVisOc6/SLP+XF6xh0i7MA
+rQG1v6LyUXz5zI8PDZgQtBOGblEix9BBRdWKa9sjiVoD2GLdejHIvUR0Q8W6ujJ
y/5WAA3knj0SmzeZ3C/WohxWPT1jSv7SMVDyfIryiOWz5A/es0Z7WfegSaMmKlpz
CamqXBs=
-----END CERTIFICATE-----
Generated at Mon Oct 21 04:29:02 2024 by rpki-client on console.sobornost.net