Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rUZnzujj-e3_kuf7uzf_xmwAc6I.cer
File: rUZnzujj-e3_kuf7uzf_xmwAc6I.cer (raw, json)
Hash identifier: COUWXDJnznL/Coun5tf9Zw6LOJcTeBytcJEEADSW3JY=
Subject key identifier: AD:46:67:CE:E8:E3:F9:ED:FF:92:E7:FB:BB:37:FF:C6:6C:00:73:A2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02432D
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/rUZnzujj-e3_kuf7uzf_xmwAc6I.mft
caRepository: rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Thu 01 May 2025 22:36:43 +0000
Certificate not after: Thu 30 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 58594
IP: 43.250.120.0/22
IP: 103.9.12.0/22
IP: 2401:27c0::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 21 May 2025 02:05:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148269 (0x2432d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: May 1 22:36:43 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=A919C0F6, serialNumber=AD4667CEE8E3F9EDFF92E7FBBB37FFC66C0073A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:11:f5:10:c3:50:67:d0:8c:49:ce:fc:93:
b6:ac:9e:c4:50:6b:e0:7a:3a:e6:e8:87:c4:ac:b1:
0d:b5:0a:2e:8c:1f:bc:b5:60:13:30:18:4e:1b:6b:
c8:88:d1:39:fc:bd:50:b3:27:37:84:d4:8f:e6:c3:
65:10:f0:b0:2c:2c:7c:2c:56:5b:28:0f:a2:ec:43:
d2:7d:ce:7e:b6:4e:9b:c3:b1:21:f5:24:d3:87:c7:
6b:42:63:96:dc:ba:fb:28:cb:c0:23:8f:d6:6c:fd:
98:1d:7d:8a:a1:1e:4f:10:27:87:c2:45:a9:6e:31:
b6:79:99:6c:28:7b:a1:7b:f3:76:82:e7:61:34:d3:
e1:67:20:f7:eb:ce:45:cb:99:40:d6:ea:d0:b2:dc:
62:63:05:22:bd:2a:ba:c6:30:fa:b2:40:ad:93:0c:
73:7b:ba:3b:fd:a9:28:a5:5e:85:0f:b3:26:6f:fe:
d6:ad:95:69:65:4c:18:4c:24:b6:9b:f2:c0:15:4c:
4f:10:f3:a3:ad:4f:c9:b4:b1:9f:78:b5:6e:32:af:
f3:b5:26:cf:d7:7f:16:96:cc:5f:4d:42:7d:42:0a:
a0:53:df:57:4f:45:f5:e0:fe:c9:ca:ef:86:b0:b0:
77:56:3b:df:61:c6:85:f4:d2:f2:47:ab:0b:a7:44:
59:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:46:67:CE:E8:E3:F9:ED:FF:92:E7:FB:BB:37:FF:C6:6C:00:73:A2
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/rUZnzujj-e3_kuf7uzf_xmwAc6I.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58594
sbgp-ipAddrBlock: critical
IPv4:
43.250.120.0/22
103.9.12.0/22
IPv6:
2401:27c0::/32
Signature Algorithm: sha256WithRSAEncryption
b6:81:6d:3f:dd:45:02:48:38:49:9a:8c:a9:ea:6a:6a:29:a3:
b0:f2:b6:30:76:d3:ff:1a:8a:bf:d7:36:da:a8:21:ce:7c:db:
bb:36:53:b1:aa:ae:f8:67:8c:ce:1e:e1:e2:e2:a5:4f:2a:a3:
65:4f:09:dd:20:ff:08:2b:ac:20:32:45:13:06:df:15:18:3c:
f9:ff:6f:13:b7:54:52:47:96:8c:b3:1a:2d:5d:45:a5:d9:4f:
a9:00:3e:8e:62:4d:48:9e:ef:12:98:bf:c5:bc:85:f0:a6:18:
3e:3e:8c:a2:05:8c:65:93:92:13:ef:d1:b7:7a:cf:a8:fc:1a:
ee:cc:49:d9:ea:05:6d:81:a8:46:8e:b6:4e:43:1c:0f:56:26:
f6:ae:56:99:ab:70:ce:e3:2d:2d:a2:f2:f8:30:04:c5:88:d1:
70:34:00:7f:21:38:e1:da:44:28:e0:0f:53:4d:e5:36:e6:0c:
0b:39:e9:23:f9:76:34:4f:37:c5:62:8c:60:b1:72:b4:05:4f:
40:8b:21:f6:fa:0e:31:da:38:93:59:aa:bf:9e:bb:2d:4b:7f:
53:08:15:ca:42:45:78:bf:50:fc:96:0d:72:f4:e9:b9:40:6a:
0c:7e:5b:a5:4b:d6:2d:04:0e:c4:21:e4:87:ae:cc:96:52:13:
b3:74:c4:c7
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAkMtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDUwMTIyMzY0M1oXDTI2MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUMwRjYxMTAvBgNVBAUTKEFENDY2N0NFRThFM0Y5RURGRjkyRTdG
QkJCMzdGRkM2NkMwMDczQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFORH1EMNQZ9CMSc78k7asnsRQa+B6Ouboh8SssQ21Ci6MH7y1YBMwGE4ba8iI
0Tn8vVCzJzeE1I/mw2UQ8LAsLHwsVlsoD6LsQ9J9zn62TpvDsSH1JNOHx2tCY5bc
uvsoy8Ajj9Zs/ZgdfYqhHk8QJ4fCRaluMbZ5mWwoe6F783aC52E00+FnIPfrzkXL
mUDW6tCy3GJjBSK9KrrGMPqyQK2TDHN7ujv9qSilXoUPsyZv/tatlWllTBhMJLab
8sAVTE8Q86OtT8m0sZ94tW4yr/O1Js/XfxaWzF9NQn1CCqBT31dPRfXg/snK74aw
sHdWO99hxoX00vJHqwunRFkVAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUrUZnzujj
+e3/kuf7uzf/xmwAc6IwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlDMEY2L0QyQkI3NTVBRUY0RjExRURCNUQ3MUY0NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5QzBGNi9EMkJCNzU1QUVGNEYxMUVEQjVENzFGNDZDNEY5QUUwMi9yVVpuenVq
ai1lM19rdWY3dXpmX3htd0FjNkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOTiMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCK/p4AwQCZwkM
MA0EAgACMAcDBQAkASfAMA0GCSqGSIb3DQEBCwUAA4IBAQC2gW0/3UUCSDhJmoyp
6mpqKaOw8rYwdtP/Goq/1zbaqCHOfNu7NlOxqq74Z4zOHuHi4qVPKqNlTwndIP8I
K6wgMkUTBt8VGDz5/28Tt1RSR5aMsxotXUWl2U+pAD6OYk1Inu8SmL/FvIXwphg+
PoyiBYxlk5IT79G3es+o/BruzEnZ6gVtgahGjrZOQxwPVib2rlaZq3DO4y0tovL4
MATFiNFwNAB/ITjh2kQo4A9TTeU25gwLOekj+XY0TzfFYoxgsXK0BU9AiyH2+g4x
2jiTWaq/nrstS39TCBXKQkV4v1D8lg1y9Om5QGoMflulS9YtBA7EIeSHrsyWUhOz
dMTH
-----END CERTIFICATE-----
Generated at Wed May 14 04:32:35 2025 by rpki-client