Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/apnic/U_eNgMrA6y6s13sBdd8xno91J5Y.cer
File:                     U_eNgMrA6y6s13sBdd8xno91J5Y.cer (raw, json)
Hash identifier:          P3NsfXdO5vrMHdYhIy8uvRdjymdgUbzwN5r3J2L3w5k=
Subject key identifier:   53:F7:8D:80:CA:C0:EB:2E:AC:D7:7B:01:75:DF:31:9E:8F:75:27:96
Authority key identifier: 6F:1A:10:3E:14:27:FF:03:48:3A:BF:D9:E3:4D:AC:BE:15:24:FF:8B
Certificate issuer:       /CN=APNICTOAFRINIC/serialNumber=6F1A103E1427FF03483ABFD9E34DACBE1524FF8B
Certificate serial:       0C91
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/apnic-to-afrinic.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/3017B30240C311EEA7230C444AD9E6FC/U_eNgMrA6y6s13sBdd8xno91J5Y.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/3017B30240C311EEA7230C444AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:11:20 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 163.199.0.0/16
                          IP: 163.201.0.0/16

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/apnic/bxoQPhQn_wNIOr_Z402svhUk_4s.crl
                          rsync://rpki.afrinic.net/repository/apnic/bxoQPhQn_wNIOr_Z402svhUk_4s.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/apnic-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:15:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3217 (0xc91)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=APNICTOAFRINIC/serialNumber=6F1A103E1427FF03483ABFD9E34DACBE1524FF8B
        Validity
            Not Before: Jan  1 00:11:20 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36AC63AAP/serialNumber=53F78D80CAC0EB2EACD77B0175DF319E8F752796
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:56:0e:92:c6:3d:13:d6:0d:1a:a1:64:49:75:
                    0b:dc:65:3f:dc:7e:57:c0:73:21:a6:aa:23:0e:8c:
                    3c:c1:09:de:fe:cc:4b:91:76:53:e4:f4:d3:80:6c:
                    2d:1f:94:96:b6:3e:ca:68:4a:23:eb:7f:d4:c1:7c:
                    f8:1b:39:d9:50:6c:0d:3e:9d:7f:e8:13:4b:fc:99:
                    2f:98:31:5f:b2:aa:44:5f:e3:b9:c3:cc:12:d4:07:
                    97:31:85:74:f1:0c:ff:e2:4a:ab:d3:18:73:6b:ac:
                    2f:ec:c0:23:2f:d4:c5:e9:7c:73:38:63:b3:c1:35:
                    b5:34:1e:eb:1d:49:86:2b:46:4c:8c:b8:9d:5f:2d:
                    7f:79:dc:05:2c:13:26:90:10:f5:0e:e0:6b:3a:a5:
                    a7:af:d6:99:bc:fb:a3:46:b6:6e:c4:d0:01:13:80:
                    1a:62:70:58:e2:f5:0d:63:2f:14:54:d0:40:e6:62:
                    34:79:7e:65:e8:70:77:bb:f5:87:37:d3:de:5a:88:
                    82:cc:2b:50:0e:a9:3e:b8:9f:29:a6:e0:35:4e:69:
                    87:d4:4a:85:ac:ac:5e:48:6c:ca:84:01:f2:fe:75:
                    e6:39:6b:af:ec:96:d2:d8:c3:c4:fb:97:9f:66:8a:
                    79:6b:ae:d1:20:15:ff:59:10:05:ec:53:27:14:fd:
                    09:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:F7:8D:80:CA:C0:EB:2E:AC:D7:7B:01:75:DF:31:9E:8F:75:27:96
            X509v3 Authority Key Identifier:
                keyid:6F:1A:10:3E:14:27:FF:03:48:3A:BF:D9:E3:4D:AC:BE:15:24:FF:8B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/apnic/bxoQPhQn_wNIOr_Z402svhUk_4s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/apnic-to-afrinic.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/3017B30240C311EEA7230C444AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/3017B30240C311EEA7230C444AD9E6FC/U_eNgMrA6y6s13sBdd8xno91J5Y.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.199.0.0/16
                  163.201.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b1:24:14:ba:9f:11:de:50:53:5a:1d:87:1d:a2:d9:1e:86:58:
         db:45:12:30:16:ef:57:53:be:16:19:9b:2a:8c:2a:7a:e0:a3:
         3d:f5:85:a3:11:97:40:cf:3c:12:88:50:49:37:39:d9:95:8a:
         af:5d:11:31:c1:de:fc:fd:3f:97:2a:f5:b9:25:ae:46:14:25:
         e3:5f:7c:0d:9e:2f:87:11:e7:1c:5c:3e:e2:75:32:02:ba:93:
         c6:b7:b2:41:02:9b:5e:82:8d:a7:93:ac:76:b9:dc:6d:77:59:
         7a:9c:31:2b:36:c8:da:b3:33:96:36:00:c4:95:1b:c5:86:7b:
         b0:a5:91:d4:b1:a6:ae:06:91:9e:c5:e6:02:49:27:cc:a2:83:
         9b:ab:7a:93:2c:3d:68:f9:47:82:a5:a3:f8:03:95:92:b3:1f:
         1c:fe:ec:58:b0:d9:c2:87:02:b0:96:ec:a8:e9:de:62:73:36:
         40:85:b0:2a:50:b4:0c:c6:b5:c8:b2:37:b5:6c:c3:3e:ae:12:
         7c:8d:b7:59:a0:fb:a6:4a:34:44:30:db:26:a3:41:94:d1:39:
         72:6a:2f:09:82:09:28:d3:70:54:ca:7c:61:d6:f0:3e:a3:30:
         2b:c4:0e:25:e3:d9:c2:8c:8a:9a:de:47:62:6a:ab:29:77:49:
         2e:62:01:aa
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICDJEwDQYJKoZIhvcNAQELBQAwTDEXMBUGA1UEAxMOQVBO
SUNUT0FGUklOSUMxMTAvBgNVBAUTKDZGMUExMDNFMTQyN0ZGMDM0ODNBQkZEOUUz
NERBQ0JFMTUyNEZGOEIwHhcNMjQwMTAxMDAxMTIwWhcNMjUwMzMxMDAwMDAwWjBI
MRMwEQYDVQQDEwpGMzZBQzYzQUFQMTEwLwYDVQQFEyg1M0Y3OEQ4MENBQzBFQjJF
QUNENzdCMDE3NURGMzE5RThGNzUyNzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAz1YOksY9E9YNGqFkSXUL3GU/3H5XwHMhpqojDow8wQne/sxLkXZT
5PTTgGwtH5SWtj7KaEoj63/UwXz4GznZUGwNPp1/6BNL/JkvmDFfsqpEX+O5w8wS
1AeXMYV08Qz/4kqr0xhza6wv7MAjL9TF6XxzOGOzwTW1NB7rHUmGK0ZMjLidXy1/
edwFLBMmkBD1DuBrOqWnr9aZvPujRrZuxNABE4AaYnBY4vUNYy8UVNBA5mI0eX5l
6HB3u/WHN9PeWoiCzCtQDqk+uJ8ppuA1TmmH1EqFrKxeSGzKhAHy/nXmOWuv7JbS
2MPE+5efZop5a67RIBX/WRAF7FMnFP0J3QIDAQABo4IC9zCCAvMwHQYDVR0OBBYE
FFP3jYDKwOsurNd7AXXfMZ6PdSeWMB8GA1UdIwQYMBaAFG8aED4UJ/8DSDq/2eNN
rL4VJP+LMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MFoGA1UdHwRT
MFEwT6BNoEuGSXJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fw
bmljL2J4b1FQaFFuX3dOSU9yX1o0MDJzdmhVa180cy5jcmwwdQYIKwYBBQUHAQEE
aTBnMGUGCCsGAQUFBzAChllyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3Np
dG9yeS8wNEU4QjBEODBGNEQxMUUwQjY1N0Q4OTMxMzY3QUU3RC9hcG5pYy10by1h
ZnJpbmljLmNlcjBPBgNVHSABAf8ERTBDMEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUH
AgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5ldC9wb2xpY3kvQ1BTLnBkZjCCAUUG
CCsGAQUFBwELBIIBNzCCATMwbAYIKwYBBQUHMAWGYHJzeW5jOi8vcnBraS5hZnJp
bmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5L0YzNkFDNjNBLzMw
MTdCMzAyNDBDMzExRUVBNzIzMEM0NDRBRDlFNkZDLzA1BggrBgEFBQcwDYYpaHR0
cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUF
BzAKhn9yc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzZBQzYzQS8zMDE3QjMwMjQwQzMxMUVFQTcyMzBDNDQ0QUQ5
RTZGQy9VX2VOZ01yQTZ5NnMxM3NCZGQ4eG5vOTFKNVkubWZ0MCMGCCsGAQUFBwEH
AQH/BBQwEjAQBAIAATAKAwMAo8cDAwCjyTANBgkqhkiG9w0BAQsFAAOCAQEAsSQU
up8R3lBTWh2HHaLZHoZY20USMBbvV1O+FhmbKowqeuCjPfWFoxGXQM88EohQSTc5
2ZWKr10RMcHe/P0/lyr1uSWuRhQl4198DZ4vhxHnHFw+4nUyArqTxreyQQKbXoKN
p5OsdrncbXdZepwxKzbI2rMzljYAxJUbxYZ7sKWR1LGmrgaRnsXmAkknzKKDm6t6
kyw9aPlHgqWj+AOVkrMfHP7sWLDZwocCsJbsqOneYnM2QIWwKlC0DMa1yLI3tWzD
Pq4SfI23WaD7pko0RDDbJqNBlNE5cmovCYIJKNNwVMp8YdbwPqMwK8QOJePZwoyK
mt5HYmqrKXdJLmIBqg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:25:54 2024 by rpki-client on console-ams.rpki-client.org