Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer
File: dNRNlor0Y--xfAgNX60BDErAl6o.cer (raw, json)
Hash identifier: fM7Rg3VPCnGZ/DjHN5yOTC9C90WHOrG9KuPtKI55OnA=
Subject key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 6461
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 30 Apr 2025 16:41:36 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 69.161.221.0/24
IP: 192.131.142.0/24
IP: 205.189.160.0/24
IP: 209.17.118.0/24
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 18 May 2025 17:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25697 (0x6461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Apr 30 16:41:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ee:20:2e:13:6a:1c:90:2f:b6:3c:d3:8f:83:
77:fd:27:9d:6a:a3:ee:73:86:fb:fd:18:5c:0d:72:
29:18:17:f6:dc:74:d1:8c:48:58:fa:b4:fe:41:8b:
e8:49:7b:4a:c1:b5:eb:31:70:df:25:0e:b9:9e:30:
b1:ab:a3:62:c4:b9:6d:99:44:5e:c1:dd:86:64:01:
f5:e8:05:2b:b8:9d:69:42:b8:56:5f:18:f2:b5:97:
f7:4a:9c:f1:b2:d1:c7:5f:97:07:46:11:72:e6:10:
99:35:5c:64:9e:98:8c:7c:f6:a5:38:ed:ab:13:4c:
11:30:3a:92:7b:56:dd:0f:75:d5:41:9c:42:48:1c:
47:8c:bb:a2:c0:fd:93:39:45:d3:a9:61:a0:40:8c:
51:b3:08:e8:da:c6:4f:e1:32:d9:8f:60:70:91:eb:
56:3b:a4:42:15:27:90:26:9a:b9:4b:c0:91:7b:0f:
b2:ae:96:3e:1a:c6:ef:3e:d7:45:55:58:8f:5d:b6:
7f:4f:2c:54:f8:67:03:b4:9f:68:ff:8b:e1:b7:a3:
68:32:fb:5c:b7:87:be:9a:7b:2f:d6:9d:88:e6:ed:
4e:09:c2:25:d9:cf:ec:b8:9d:e1:33:83:b0:b2:1e:
96:1e:b5:30:ca:be:59:95:08:ca:a1:40:bb:05:56:
93:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
69.161.221.0/24
192.131.142.0/24
205.189.160.0/24
209.17.118.0/24
Signature Algorithm: sha256WithRSAEncryption
82:8e:75:ba:24:a1:e8:e9:fd:d6:50:98:19:14:89:bf:3b:62:
16:d7:78:88:f4:35:9f:7e:58:a5:54:c0:09:07:5a:fb:b5:85:
95:3f:59:83:ca:8b:d3:c8:7c:61:d0:b3:6b:8c:d8:59:e9:32:
3a:3e:e0:55:08:82:ab:50:38:1b:e6:b9:f0:dc:bf:ab:31:1d:
6a:88:46:e0:08:dc:17:e9:37:49:ed:4f:2b:e1:34:55:c5:e3:
37:a8:00:16:5b:f5:bc:3b:fb:03:72:42:6c:2f:18:9d:c5:1d:
cb:c4:18:11:aa:56:da:81:57:93:24:1d:d1:9b:dd:1e:2c:19:
05:61:78:fa:99:78:5e:e6:c9:65:c5:ab:c5:52:3d:8c:4a:11:
cc:4f:0d:48:f5:71:07:b9:ea:2e:84:06:f2:57:68:e7:8a:68:
7a:7f:8b:09:c5:54:24:43:c3:57:9e:7a:af:24:bc:f2:96:b2:
c1:eb:52:e9:c9:7e:94:72:7a:49:65:2b:90:9b:66:ef:81:fa:
25:b8:64:44:f3:b4:28:05:57:5f:94:83:68:aa:cd:60:fe:fe:
05:f4:66:bf:eb:2b:1d:07:5b:c9:c7:f2:53:03:a9:38:86:2a:
ae:cc:4b:ff:c8:ba:db:92:40:c2:3c:a4:15:8c:e8:f0:cd:8b:
4b:17:4c:1a
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgICZGEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjUwNDMwMTY0MTM2WhcNMjYwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3RTBBODExMC8GA1UEBRMoNzRENDREOTY4QUY0NjNFRkIxN0MwODBE
NUZBRDAxMEM0QUMwOTdBQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMbuIC4TahyQL7Y804+Dd/0nnWqj7nOG+/0YXA1yKRgX9tx00YxIWPq0/kGL6El7
SsG16zFw3yUOuZ4wsaujYsS5bZlEXsHdhmQB9egFK7idaUK4Vl8Y8rWX90qc8bLR
x1+XB0YRcuYQmTVcZJ6YjHz2pTjtqxNMETA6kntW3Q911UGcQkgcR4y7osD9kzlF
06lhoECMUbMI6NrGT+Ey2Y9gcJHrVjukQhUnkCaauUvAkXsPsq6WPhrG7z7XRVVY
j122f08sVPhnA7SfaP+L4bejaDL7XLeHvpp7L9adiObtTgnCJdnP7Lid4TODsLIe
lh61MMq+WZUIyqFAuwVWk20CAwEAAaOCAwUwggMBMB0GA1UdDgQWBBR01E2WivRj
77F8CA1frQEMSsCXqjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UwQTgvNkVGQzBCRUU5ODRDMTFFQjhBNDFGQTIwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdFMEE4LzZFRkMwQkVFOTg0QzExRUI4QTQxRkEyMEM0RjlBRTAyL2ROUk5sb3Iw
WS0teGZBZ05YNjBCREVyQWw2by5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQiMCAw
HgQCAAEwGAMEAEWh3QMEAMCDjgMEAM29oAMEANERdjANBgkqhkiG9w0BAQsFAAOC
AQEAgo51uiSh6On91lCYGRSJvztiFtd4iPQ1n35YpVTACQda+7WFlT9Zg8qL08h8
YdCza4zYWekyOj7gVQiCq1A4G+a58Ny/qzEdaohG4AjcF+k3Se1PK+E0VcXjN6gA
Flv1vDv7A3JCbC8YncUdy8QYEapW2oFXkyQd0ZvdHiwZBWF4+pl4XubJZcWrxVI9
jEoRzE8NSPVxB7nqLoQG8ldo54poen+LCcVUJEPDV556ryS88paywetS6cl+lHJ6
SWUrkJtm74H6JbhkRPO0KAVXX5SDaKrNYP7+BfRmv+srHQdbycfyUwOpOIYqrsxL
/8i625JAwjykFYzo8M2LSxdMGg==
-----END CERTIFICATE-----
Generated at Sun May 11 22:28:10 2025 by rpki-client