Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.cer
File:                     1mi-yvPLFNtiSjQl1mZgm_J7Uu4.cer (raw, json)
Hash identifier:          grzVY0vxJfvGHa4BJ2f3lYXJXz4OB+a/WxE9ky5b2Vs=
Subject key identifier:   D6:68:BE:CA:F3:CB:14:DB:62:4A:34:25:D6:66:60:9B:F2:7B:52:EE
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       239C
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:41:27 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37271
                          IP: 41.78.188.0/22
                          IP: 197.157.64.0/19
                          IP: 2c0f:fa90::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9116 (0x239c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:41:27 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36D8DFAAF/serialNumber=D668BECAF3CB14DB624A3425D666609BF27B52EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e2:70:01:df:fe:72:d0:ee:1c:4c:fb:66:0c:
                    8d:b5:d6:8a:a7:98:66:b3:8b:b8:eb:fa:61:3e:e6:
                    89:dd:8e:37:60:02:0e:a3:a2:e5:42:bb:8e:b6:3f:
                    26:75:6f:94:0b:d8:1d:22:23:9a:c3:4a:ea:39:c8:
                    95:c3:ea:be:55:e9:3f:64:3c:e0:d4:3e:db:28:47:
                    02:28:1e:a1:c3:1c:40:93:63:da:a0:b5:ee:3d:88:
                    5c:b4:18:c0:ea:c9:d9:bf:77:18:3b:17:6c:ae:81:
                    6f:93:5f:09:95:21:9b:64:65:4e:e4:0c:2f:e8:0b:
                    00:e2:3c:94:7a:f2:65:67:7a:ab:00:2e:1b:5f:85:
                    b3:73:b4:02:53:4d:4e:16:9c:76:12:2c:01:8f:ba:
                    c0:34:36:88:20:1e:9a:66:74:9d:6c:ca:8b:3d:89:
                    cf:25:d8:65:81:cd:5e:35:1c:14:d8:a1:f3:bb:c8:
                    6e:86:cf:c1:12:7d:44:18:3d:10:48:73:b1:99:b8:
                    e7:f9:60:69:85:92:81:e5:7e:30:e6:33:96:80:b8:
                    c0:2a:88:ce:2d:af:c6:8f:07:48:89:0a:2f:9f:d9:
                    8d:df:0f:76:b9:80:1a:ce:5b:81:2e:01:cf:57:7b:
                    18:72:4a:ff:05:bb:cd:a4:a4:6e:de:77:4e:da:61:
                    ac:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:68:BE:CA:F3:CB:14:DB:62:4A:34:25:D6:66:60:9B:F2:7B:52:EE
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37271

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.78.188.0/22
                  197.157.64.0/19
                IPv6:
                  2c0f:fa90::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:a5:a1:37:b5:82:1e:8e:69:f5:53:24:9a:9c:12:09:71:52:
         42:b0:b3:41:3b:ca:e6:3c:45:6e:a2:75:6e:16:51:7f:cc:8e:
         58:b7:ff:b0:69:a8:99:22:55:a0:22:c4:a9:be:43:33:9a:c8:
         31:bc:bc:30:7c:d4:e4:75:ce:d2:9d:ce:96:63:b6:6e:49:5b:
         09:58:98:bf:66:78:1e:4f:7f:8c:7c:36:1f:53:db:15:12:9a:
         0c:f1:4b:cb:6a:cd:20:6a:20:43:32:6e:13:28:f2:97:f3:6c:
         99:69:4e:b4:ff:a5:d7:ca:8d:17:d3:06:20:2f:44:d8:2f:ce:
         76:4a:f2:57:1b:84:dc:33:0d:7f:6a:d8:de:33:55:52:ce:de:
         17:64:c2:87:98:85:89:df:b4:c3:50:41:5a:38:96:37:ee:b8:
         ce:c5:14:a1:38:02:7b:76:46:9e:84:c4:21:98:ab:66:3b:e7:
         62:35:52:bd:c0:88:71:19:35:89:76:f4:b9:3e:b6:6e:01:e7:
         aa:a3:75:20:cf:95:74:70:68:91:20:54:31:b2:45:95:4d:3c:
         30:ad:28:45:a8:1e:4d:1e:54:ff:e7:a1:26:c3:86:1c:3f:c7:
         f2:55:67:7d:fe:e1:9f:a8:cb:17:4d:53:00:b0:2c:39:de:22:
         07:aa:f3:c5
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICI5wwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDQxMjdaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkQ4REZBQUYxMTAvBgNVBAUTKEQ2NjhCRUNBRjNDQjE0REI2MjRBMzQy
NUQ2NjY2MDlCRjI3QjUyRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDW4nAB3/5y0O4cTPtmDI211oqnmGazi7jr+mE+5ondjjdgAg6jouVCu462PyZ1
b5QL2B0iI5rDSuo5yJXD6r5V6T9kPODUPtsoRwIoHqHDHECTY9qgte49iFy0GMDq
ydm/dxg7F2yugW+TXwmVIZtkZU7kDC/oCwDiPJR68mVneqsALhtfhbNztAJTTU4W
nHYSLAGPusA0NoggHppmdJ1syos9ic8l2GWBzV41HBTYofO7yG6Gz8ESfUQYPRBI
c7GZuOf5YGmFkoHlfjDmM5aAuMAqiM4tr8aPB0iJCi+f2Y3fD3a5gBrOW4EuAc9X
exhySv8Fu82kpG7ed07aYawbAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU1mi+yvPL
FNtiSjQl1mZgm/J7Uu4wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZEOERGQS8wRTlCMTlCQTE0MEEx
MUU1QTdGNUZDNENGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDhERkEvMEU5QjE5QkExNDBBMTFFNUE3RjVGQzRDRjhBRUEyMjgvMW1pLXl2
UExGTnRpU2pRbDFtWmdtX0o3VXU0Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkZcwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAIpTrwDBAXFnUAwDQQC
AAIwBwMFACwP+pAwDQYJKoZIhvcNAQELBQADggEBAFKloTe1gh6OafVTJJqcEglx
UkKws0E7yuY8RW6idW4WUX/Mjli3/7BpqJkiVaAixKm+QzOayDG8vDB81OR1ztKd
zpZjtm5JWwlYmL9meB5Pf4x8Nh9T2xUSmgzxS8tqzSBqIEMybhMo8pfzbJlpTrT/
pdfKjRfTBiAvRNgvznZK8lcbhNwzDX9q2N4zVVLO3hdkwoeYhYnftMNQQVo4ljfu
uM7FFKE4Ant2Rp6ExCGYq2Y752I1Ur3AiHEZNYl29Lk+tm4B56qjdSDPlXRwaJEg
VDGyRZVNPDCtKEWoHk0eVP/noSbDhhw/x/JVZ33+4Z+oyxdNUwCwLDneIgeq88U=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:40 2024 by rpki-client on console-fra.rpki-client.org