Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/1_pzTirYg6eruOt2mcdBlN3zfqM.cer
File:                     1_pzTirYg6eruOt2mcdBlN3zfqM.cer (raw, json)
Hash identifier:          Z0BjSTpNnVl1RckYsUpb+XFchtaOc3oSmgzQK7e9V7o=
Subject key identifier:   D7:FA:73:4E:2A:D8:83:A7:AB:B8:EB:76:99:C7:41:94:DD:F3:7E:A3
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2827
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E1EE5/C3A862D6934111ED944CED8CF1222468/1_pzTirYg6eruOt2mcdBlN3zfqM.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E1EE5/C3A862D6934111ED944CED8CF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:16:30 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327982
                          IP: 2c0f:f2d0::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10279 (0x2827)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:16:30 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36E1EE5AF/serialNumber=D7FA734E2AD883A7ABB8EB7699C74194DDF37EA3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:2d:96:b3:00:34:40:e0:f2:b3:a1:7b:c8:87:
                    81:e3:47:cc:aa:a5:74:c5:76:03:50:ce:68:14:6d:
                    88:90:81:1d:82:14:df:9c:b8:42:fd:93:0f:02:17:
                    bf:63:f5:cd:f9:41:8f:ae:89:26:6d:ba:2c:48:0a:
                    6e:61:5d:66:c2:69:96:04:70:f3:a9:9c:b3:f0:d9:
                    1f:6d:94:83:92:cf:a8:a5:20:83:6b:7e:b1:51:47:
                    8b:9e:2e:b9:d2:43:b2:58:60:81:8e:7b:f1:c5:6c:
                    29:67:09:64:3d:d9:1e:2e:4e:c5:de:a7:bb:eb:19:
                    e7:c3:2a:69:7f:d6:f2:7f:45:e4:46:ca:ce:17:7a:
                    c8:c1:55:4a:e7:50:b4:28:36:5b:0e:3e:d1:02:12:
                    f1:87:0b:dd:b5:ac:ac:3a:76:43:a8:dd:43:85:2e:
                    1d:ae:fe:08:bf:ea:7e:6a:86:67:59:91:93:bc:a8:
                    58:27:65:94:bc:9d:4e:77:41:4b:23:51:b4:79:3c:
                    08:ab:b0:81:9a:25:84:d2:dd:15:02:6e:db:c8:0b:
                    65:19:85:25:25:78:00:3f:cf:67:cf:e9:99:f5:88:
                    8f:7a:93:b8:47:df:87:97:6f:9f:92:40:d5:95:fb:
                    6c:79:f3:dc:a7:87:aa:81:28:8c:39:d7:16:a1:ae:
                    1b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:FA:73:4E:2A:D8:83:A7:AB:B8:EB:76:99:C7:41:94:DD:F3:7E:A3
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1EE5/C3A862D6934111ED944CED8CF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1EE5/C3A862D6934111ED944CED8CF1222468/1_pzTirYg6eruOt2mcdBlN3zfqM.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327982

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f2d0::/32

    Signature Algorithm: sha256WithRSAEncryption
         bc:b2:e3:ad:b0:59:d7:d1:0f:50:e4:26:70:a1:24:cb:cb:ca:
         c1:d9:54:b3:5d:97:6d:ca:93:27:ff:f7:71:35:b8:4b:eb:13:
         04:cc:04:08:d6:66:21:d4:00:41:00:9a:ec:ec:c5:93:cf:bc:
         89:69:ae:5f:83:33:c0:6a:f1:ad:be:48:70:00:0c:b5:28:c7:
         71:09:9c:e3:2e:e1:64:3b:14:7c:49:ba:bc:ca:16:18:d0:fb:
         74:e7:db:b8:3c:c2:c1:08:a7:6e:58:30:92:51:f0:89:7e:79:
         5d:88:a7:5d:01:ee:20:85:07:4e:f6:6d:66:5e:e9:bb:68:69:
         f2:38:1a:09:42:b9:c9:1d:c5:65:3a:b8:49:bf:2b:c3:c7:df:
         dd:e9:fb:59:ff:33:c5:cc:18:68:6a:38:a2:86:ca:c1:2a:5d:
         dc:08:95:f6:ba:67:70:fe:d8:1e:8a:41:9e:f1:0e:4c:27:45:
         09:72:bc:5e:92:4c:28:2c:86:fe:0f:e0:f9:6c:03:93:1e:00:
         c4:c0:ed:fe:e0:21:20:ae:7b:77:ea:c3:ee:de:d3:e2:d3:39:
         6d:31:5b:9f:f4:d0:ff:ef:b1:b6:89:56:21:a5:bd:25:00:b0:
         9a:f3:2c:ef:1f:b7:8c:9d:0f:ec:8c:e3:29:d8:b4:18:7b:fb:
         0a:40:b7:68
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICKCcwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDE2MzBaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkUxRUU1QUYxMTAvBgNVBAUTKEQ3RkE3MzRFMkFEODgzQTdBQkI4RUI3
Njk5Qzc0MTk0RERGMzdFQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5LZazADRA4PKzoXvIh4HjR8yqpXTFdgNQzmgUbYiQgR2CFN+cuEL9kw8CF79j
9c35QY+uiSZtuixICm5hXWbCaZYEcPOpnLPw2R9tlIOSz6ilIINrfrFRR4ueLrnS
Q7JYYIGOe/HFbClnCWQ92R4uTsXep7vrGefDKml/1vJ/ReRGys4XesjBVUrnULQo
NlsOPtECEvGHC921rKw6dkOo3UOFLh2u/gi/6n5qhmdZkZO8qFgnZZS8nU53QUsj
UbR5PAirsIGaJYTS3RUCbtvIC2UZhSUleAA/z2fP6Zn1iI96k7hH34eXb5+SQNWV
+2x589ynh6qBKIw51xahrhslAgMBAAGjggMMMIIDCDAdBgNVHQ4EFgQU1/pzTirY
g6eruOt2mcdBlN3zfqMwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFMUVFNS9DM0E4NjJENjkzNDEx
MUVEOTQ0Q0VEOENGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTFFRTUvQzNBODYyRDY5MzQxMTFFRDk0NENFRDhDRjEyMjI0NjgvMV9welRp
cllnNmVydU90Mm1jZEJsTjN6ZnFNLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAS4wIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/LQMA0GCSqGSIb3
DQEBCwUAA4IBAQC8suOtsFnX0Q9Q5CZwoSTLy8rB2VSzXZdtypMn//dxNbhL6xME
zAQI1mYh1ABBAJrs7MWTz7yJaa5fgzPAavGtvkhwAAy1KMdxCZzjLuFkOxR8Sbq8
yhYY0Pt059u4PMLBCKduWDCSUfCJfnldiKddAe4ghQdO9m1mXum7aGnyOBoJQrnJ
HcVlOrhJvyvDx9/d6ftZ/zPFzBhoajiihsrBKl3cCJX2umdw/tgeikGe8Q5MJ0UJ
crxekkwoLIb+D+D5bAOTHgDEwO3+4CEgrnt36sPu3tPi0zltMVuf9ND/77G2iVYh
pb0lALCa8yzvH7eMnQ/sjOMp2LQYe/sKQLdo
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org