Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GYxDZM8DLHMNlYWDSYIJbVCnUsk.cer
File: GYxDZM8DLHMNlYWDSYIJbVCnUsk.cer (raw, json)
Hash identifier: fDc8qpv6A1VhgulCBLl0uuIvliA5yP0Yo9IYis1WN8c=
Subject key identifier: 19:8C:43:64:CF:03:2C:73:0D:95:85:83:49:82:09:6D:50:A7:52:C9
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 024354
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91DC931/4A25B6A0F55D11EE9BE19780C4F9AE02/GYxDZM8DLHMNlYWDSYIJbVCnUsk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91DC931/4A25B6A0F55D11EE9BE19780C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Fri 02 May 2025 05:15:00 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 152668
IP: 117.55.254.0/23
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 16 May 2025 11:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148308 (0x24354)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 2 05:15:00 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A91DC931, serialNumber=198C4364CF032C730D9585834982096D50A752C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:1a:aa:3f:80:1f:4d:f6:6f:e8:40:64:2d:
2a:32:60:3f:8c:02:cf:97:88:9f:8c:c7:78:62:cf:
5f:e7:57:df:a9:da:a0:3f:a7:bc:84:53:32:85:f9:
20:09:ac:79:d4:09:22:77:7f:ad:f6:7c:06:5b:8f:
b6:e7:81:2f:03:d8:c9:6f:3e:d2:1f:03:a0:07:db:
a9:b3:b4:cf:c2:82:44:92:89:80:38:2d:c2:e3:af:
4b:44:55:fe:3d:23:e3:69:17:64:4d:f5:e6:7f:db:
1d:d3:46:2d:62:3f:b7:ab:28:fe:16:33:b1:64:d4:
0d:13:6e:85:ce:95:67:99:94:7b:3c:fa:d7:2f:66:
69:b3:8e:e2:01:13:ee:97:f3:c3:c9:ae:c8:32:0a:
59:72:5b:ba:36:17:11:47:e2:4c:b7:8f:b6:0d:2d:
b0:0f:c9:68:c9:48:57:d5:1f:9e:dc:93:c3:61:b2:
18:54:fe:5b:14:72:44:cf:ed:2a:4c:db:d0:c6:73:
db:03:c1:35:c2:c9:0a:32:3e:fb:d0:5e:ca:72:8f:
85:0f:cf:f2:06:5b:10:35:11:f2:d8:dd:40:5c:28:
f8:ef:ef:d5:24:a2:61:8b:51:a2:78:ab:52:af:1e:
89:0b:8f:0c:44:f9:fc:10:21:a3:09:a6:a1:72:11:
39:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8C:43:64:CF:03:2C:73:0D:95:85:83:49:82:09:6D:50:A7:52:C9
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DC931/4A25B6A0F55D11EE9BE19780C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DC931/4A25B6A0F55D11EE9BE19780C4F9AE02/GYxDZM8DLHMNlYWDSYIJbVCnUsk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
152668
sbgp-ipAddrBlock: critical
IPv4:
117.55.254.0/23
Signature Algorithm: sha256WithRSAEncryption
40:ab:9c:f3:26:0f:bd:10:6e:6c:13:de:07:b3:e4:9b:1b:78:
8c:19:7c:d5:b9:0e:9b:b2:79:28:1d:bf:f5:79:81:7b:87:a7:
6e:3b:36:06:ce:3a:64:cb:ba:26:ad:b8:5a:eb:89:11:56:a4:
05:6f:d0:c1:3b:54:37:da:6b:72:b5:d7:2a:02:f6:f4:16:e9:
64:74:32:34:31:ca:7d:b3:7d:13:7b:0b:90:82:ce:cf:89:67:
9c:54:1b:d7:6a:d7:63:42:cb:1e:8e:51:36:85:00:21:96:92:
a8:30:80:cc:1e:af:0c:83:8c:aa:08:c5:22:a3:be:87:be:6f:
d5:de:2b:c0:43:2a:01:7c:94:36:1e:2e:c2:20:38:3e:71:8d:
d9:1e:58:36:09:31:e6:6c:8c:54:28:cf:13:ad:c2:f2:e4:16:
3c:b5:0f:8c:97:a3:fd:77:f3:7f:9a:25:30:07:ae:03:44:64:
76:e3:8c:ae:9c:46:13:88:7c:dc:da:60:8c:52:8a:7e:98:68:
de:a0:40:02:90:44:a9:a3:c3:a2:f0:16:92:1b:3d:b1:9a:0c:
de:a9:59:9d:df:c7:1f:71:82:ba:c4:b1:84:30:a0:8e:7f:37:
8c:05:24:40:4e:e1:2b:16:da:02:aa:23:ea:f8:80:d3:17:e5:
19:c4:6e:3a
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAkNUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUwMjA1MTUwMFoXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREM5MzExMTAvBgNVBAUTKDE5OEM0MzY0Q0YwMzJDNzMwRDk1ODU4
MzQ5ODIwOTZENTBBNzUyQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5KxqqP4AfTfZv6EBkLSoyYD+MAs+XiJ+Mx3hiz1/nV9+p2qA/p7yEUzKF+SAJ
rHnUCSJ3f632fAZbj7bngS8D2MlvPtIfA6AH26mztM/CgkSSiYA4LcLjr0tEVf49
I+NpF2RN9eZ/2x3TRi1iP7erKP4WM7Fk1A0TboXOlWeZlHs8+tcvZmmzjuIBE+6X
88PJrsgyCllyW7o2FxFH4ky3j7YNLbAPyWjJSFfVH57ck8NhshhU/lsUckTP7SpM
29DGc9sDwTXCyQoyPvvQXspyj4UPz/IGWxA1EfLY3UBcKPjv79UkomGLUaJ4q1Kv
HokLjwxE+fwQIaMJpqFyETlRAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUGYxDZM8D
LHMNlYWDSYIJbVCnUskwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURDOTMxLzRBMjVCNkEwRjU1RDExRUU5QkUxOTc4MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQzkzMS80QTI1QjZBMEY1NUQxMUVFOUJFMTk3ODBDNEY5QUUwMi9HWXhEWk04
RExITU5sWVdEU1lJSmJWQ25Vc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlRcMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBdTf+MA0GCSqG
SIb3DQEBCwUAA4IBAQBAq5zzJg+9EG5sE94Hs+SbG3iMGXzVuQ6bsnkoHb/1eYF7
h6duOzYGzjpky7omrbha64kRVqQFb9DBO1Q32mtytdcqAvb0FulkdDI0Mcp9s30T
ewuQgs7PiWecVBvXatdjQssejlE2hQAhlpKoMIDMHq8Mg4yqCMUio76Hvm/V3ivA
QyoBfJQ2Hi7CIDg+cY3ZHlg2CTHmbIxUKM8TrcLy5BY8tQ+Ml6P9d/N/miUwB64D
RGR244yunEYTiHzc2mCMUop+mGjeoEACkESpo8Oi8BaSGz2xmgzeqVmd38cfcYK6
xLGEMKCOfzeMBSRATuErFtoCqiPq+IDTF+UZxG46
-----END CERTIFICATE-----
Generated at Fri May 9 13:26:49 2025 by rpki-client