Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer
File:                     AflcxfCmuelnxvjzbH9k1CRLrHI.cer (raw, json)
Hash identifier:          d0cN714SZIXRrCJlLn4nLlfCNIaddSh5sSAyfAM8JiQ=
Subject key identifier:   01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       020A20
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 30 Aug 2024 17:43:37 +0000
Certificate not after:    Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources:    AS: 150138
                          IP: 103.16.208.0/23
                          IP: 2001:df1:ac0::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 01:13:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 133664 (0x20a20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 30 17:43:37 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:74:5e:0e:28:65:b6:9a:c4:7b:55:97:ae:85:
                    12:70:5d:0e:e9:ca:bf:67:b4:94:13:2a:c7:9c:33:
                    18:64:2c:22:5f:30:8a:46:3d:81:47:e1:96:0a:eb:
                    1f:63:1e:2b:bc:12:04:ae:f5:a8:ac:02:7e:6e:88:
                    d8:06:21:a8:9a:0f:40:40:66:20:d4:1c:cd:78:8a:
                    43:ca:05:bb:74:9d:02:db:37:49:1f:80:38:22:6b:
                    40:34:2b:ce:ef:6c:c6:6e:25:20:19:e4:92:2f:40:
                    5b:28:fe:b9:d5:f2:ad:06:83:4d:0f:8e:7c:dd:be:
                    a9:34:a3:f5:a6:13:95:d6:ca:f1:2e:61:59:ec:f0:
                    a2:52:41:c6:f5:94:fb:ab:47:03:16:31:77:e6:42:
                    d3:51:fe:11:fe:52:e5:04:8b:13:f4:1b:27:c7:6e:
                    9e:bf:08:36:1e:de:fb:b2:46:f2:8e:fa:9c:94:0e:
                    91:9f:88:bb:8e:9f:91:1d:ac:5c:83:ca:3c:e7:95:
                    cb:13:37:b3:2d:7a:3d:38:18:24:85:3b:09:66:f1:
                    32:94:77:73:30:aa:30:4b:a6:97:a7:fa:92:ea:64:
                    fa:27:d8:c9:be:fa:88:b1:c5:4c:4e:45:d7:9e:75:
                    84:bc:48:b8:81:50:8b:8a:b2:9b:bb:26:f8:dd:86:
                    92:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150138

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.16.208.0/23
                IPv6:
                  2001:df1:ac0::/48

    Signature Algorithm: sha256WithRSAEncryption
         c0:5a:17:e2:d3:b5:a8:d3:fa:d2:9c:7b:25:c5:ae:c1:f9:31:
         c7:0e:ce:63:c3:d2:13:21:eb:b8:3d:a4:bb:bf:bc:07:15:8d:
         87:09:4b:b6:02:5e:35:5c:f2:e3:f7:96:66:bf:7e:d0:17:b2:
         b6:9e:c1:8f:14:bc:bb:d5:ae:c5:79:e5:98:72:72:4b:e5:8c:
         65:66:39:df:55:61:26:54:89:3d:69:07:35:67:61:86:9f:92:
         8c:bf:0d:ce:27:a2:8f:e1:40:aa:8a:7e:c7:c6:13:7a:4c:98:
         61:9d:6d:8c:f9:39:7b:b0:57:db:a2:00:f3:c1:ee:60:35:06:
         44:29:2d:e7:d2:89:90:47:7e:fd:9b:70:3d:66:c9:78:90:04:
         99:9d:d3:3b:47:e3:97:69:b8:c3:99:58:bf:96:8e:e7:98:f1:
         54:8c:24:09:f0:be:25:38:e4:69:d4:76:95:b7:b2:88:0a:3e:
         75:40:3a:43:60:0c:cb:5c:a0:50:bb:50:c6:41:19:c4:56:e2:
         c9:c9:98:63:b8:a0:69:69:b6:d5:b7:17:cb:36:07:3c:f3:65:
         98:07:b3:e0:1a:9c:4a:f4:25:9c:55:9c:e9:0e:91:1c:44:e6:
         6f:87:03:e0:9b:e8:77:a0:c1:65:23:46:ce:6b:a1:93:0d:86:
         d9:3a:18:c0
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAgogMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDgzMDE3NDMzN1oXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhG
MzZDN0Y2NEQ0MjQ0QkFDNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCodF4OKGW2msR7VZeuhRJwXQ7pyr9ntJQTKsecMxhkLCJfMIpGPYFH4ZYK6x9j
Hiu8EgSu9aisAn5uiNgGIaiaD0BAZiDUHM14ikPKBbt0nQLbN0kfgDgia0A0K87v
bMZuJSAZ5JIvQFso/rnV8q0Gg00Pjnzdvqk0o/WmE5XWyvEuYVns8KJSQcb1lPur
RwMWMXfmQtNR/hH+UuUEixP0GyfHbp6/CDYe3vuyRvKO+pyUDpGfiLuOn5EdrFyD
yjznlcsTN7Mtej04GCSFOwlm8TKUd3MwqjBLppen+pLqZPon2Mm++oixxUxORdee
dYS8SLiBUIuKspu7JvjdhpKTAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUAflcxfCm
uelnxvjzbH9k1CRLrHIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY5NDUxLzcxREI2N0Q0M0E0RDExRUQ5MDBERTI2RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZD
bXVlbG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkp6MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZxDQMA8EAgAC
MAkDBwAgAQ3xCsAwDQYJKoZIhvcNAQELBQADggEBAMBaF+LTtajT+tKceyXFrsH5
MccOzmPD0hMh67g9pLu/vAcVjYcJS7YCXjVc8uP3lma/ftAXsraewY8UvLvVrsV5
5ZhyckvljGVmOd9VYSZUiT1pBzVnYYafkoy/Dc4noo/hQKqKfsfGE3pMmGGdbYz5
OXuwV9uiAPPB7mA1BkQpLefSiZBHfv2bcD1myXiQBJmd0ztH45dpuMOZWL+WjueY
8VSMJAnwviU45GnUdpW3sogKPnVAOkNgDMtcoFC7UMZBGcRW4snJmGO4oGlpttW3
F8s2BzzzZZgHs+AanEr0JZxVnOkOkRxE5m+HA+Cb6HegwWUjRs5roZMNhtk6GMA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:21:32 2024 by rpki-client on console-fra.rpki-client.org