Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
File:                     2_aMnFwB1o68DJDe5MB0naI6L9Y.cer (raw, json)
Hash identifier:          2kzT+bx1DDopi2G2KsXJ3B5iW/mthmocXU0mIOmeiJg=
Subject key identifier:   DB:F6:8C:9C:5C:01:D6:8E:BC:0C:90:DE:E4:C0:74:9D:A2:3A:2F:D6
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       24F6
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:06:50 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327991
                          IP: 102.64.32.0/20
                          IP: 102.129.48.0/20
                          IP: 102.211.188.0/22
                          IP: 2c0f:ec48::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9462 (0x24f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:06:50 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36576E8AF/serialNumber=DBF68C9C5C01D68EBC0C90DEE4C0749DA23A2FD6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c1:fe:c4:6d:ff:df:54:c4:ba:61:7c:78:a6:
                    a9:62:c4:40:c7:cf:cb:8c:f4:1d:d4:69:18:ce:1e:
                    80:dd:bc:dd:d0:c8:fc:ac:3e:52:3f:f0:1d:31:d3:
                    1d:39:26:a6:83:67:60:aa:0f:8e:79:f6:27:6c:3f:
                    2a:db:c2:b9:ff:85:54:af:ca:08:1f:2e:2f:86:e4:
                    4b:28:08:f8:08:eb:b4:51:03:49:69:ac:88:c0:9e:
                    be:2c:d7:9b:fd:6e:e3:c4:bd:9a:94:3b:30:48:a0:
                    13:a8:51:bf:f7:5f:63:58:04:4d:b6:ef:f1:10:c1:
                    a8:12:7f:3c:15:71:fe:a7:d2:dc:13:8a:b4:c2:82:
                    41:63:a1:ce:5e:5a:66:8d:41:3c:09:c6:45:86:6c:
                    fb:57:20:7b:61:f9:09:d6:eb:ae:72:f6:b5:35:36:
                    b3:f3:be:e2:ef:6a:35:17:81:50:5e:ae:96:74:ef:
                    34:b5:21:33:68:23:e5:30:94:c0:81:48:65:3b:ed:
                    fc:a6:29:62:25:28:c4:13:ac:63:41:a6:68:3f:66:
                    9d:5c:e0:09:1a:f8:ba:20:60:fa:4c:69:41:dc:b5:
                    07:13:f0:6e:f6:6a:dc:25:f1:73:39:44:a3:6a:82:
                    68:83:df:31:57:77:3c:57:8a:89:55:c3:b7:98:19:
                    f7:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F6:8C:9C:5C:01:D6:8E:BC:0C:90:DE:E4:C0:74:9D:A2:3A:2F:D6
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327991

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.64.32.0/20
                  102.129.48.0/20
                  102.211.188.0/22
                IPv6:
                  2c0f:ec48::/32

    Signature Algorithm: sha256WithRSAEncryption
         45:6b:9e:1f:72:89:c6:dd:c4:65:e8:4a:2e:f2:13:f7:ef:5e:
         75:e1:07:4b:22:97:b3:ed:5d:5a:aa:93:a2:3e:5b:9a:d7:dd:
         e7:ef:83:56:de:8d:81:01:d9:78:00:69:71:69:6e:cd:63:d0:
         39:a9:51:39:b0:1b:15:39:f2:00:5a:88:9a:c0:87:cc:db:52:
         c9:2c:fe:34:31:4b:41:9b:4f:50:51:3f:c5:c3:b7:bb:c6:4e:
         60:8b:09:93:22:67:32:07:30:63:a9:76:15:bb:72:85:64:34:
         2f:eb:2c:87:e0:a4:11:c9:65:3a:6b:c4:b6:aa:97:9b:8c:36:
         f0:d2:7a:bc:39:ce:7c:70:b2:f0:7d:5e:59:93:42:52:8c:c1:
         ed:f9:6d:65:f3:ba:06:bb:af:d6:e8:e9:10:46:22:3f:47:89:
         58:c9:90:ee:56:3d:3d:d5:d4:34:f0:58:5c:5d:aa:19:96:62:
         8b:3b:69:5f:bd:27:42:82:d4:b8:4d:3d:e3:6c:ce:e3:6d:90:
         94:3d:be:81:cf:58:24:e4:e1:79:1f:f1:d2:e6:e0:c8:88:e4:
         2b:45:92:bb:18:23:eb:d1:96:e3:60:a5:ca:db:a4:82:07:ec:
         56:72:69:e5:6b:57:11:b4:c1:18:31:52:6c:24:df:1c:01:99:
         34:9e:35:9e
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgICJPYwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjA2NTBaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjU3NkU4QUYxMTAvBgNVBAUTKERCRjY4QzlDNUMwMUQ2OEVCQzBDOTBE
RUU0QzA3NDlEQTIzQTJGRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtwf7Ebf/fVMS6YXx4pqlixEDHz8uM9B3UaRjOHoDdvN3QyPysPlI/8B0x0x05
JqaDZ2CqD4559idsPyrbwrn/hVSvyggfLi+G5EsoCPgI67RRA0lprIjAnr4s15v9
buPEvZqUOzBIoBOoUb/3X2NYBE227/EQwagSfzwVcf6n0twTirTCgkFjoc5eWmaN
QTwJxkWGbPtXIHth+QnW665y9rU1NrPzvuLvajUXgVBerpZ07zS1ITNoI+UwlMCB
SGU77fymKWIlKMQTrGNBpmg/Zp1c4Aka+LogYPpMaUHctQcT8G72atwl8XM5RKNq
gmiD3zFXdzxXiolVw7eYGfefAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQU2/aMnFwB
1o68DJDe5MB0naI6L9YwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY1NzZFOC9DMzgwODk4NkZDNjEx
MUVDQjE3RTIyQUJGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTc2RTgvQzM4MDg5ODZGQzYxMTFFQ0IxN0UyMkFCRjEyMjI0NjgvMl9hTW5G
d0IxbzY4REpEZTVNQjBuYUk2TDlZLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFATcwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBARmQCADBARmgTADBAJm
07wwDQQCAAIwBwMFACwP7EgwDQYJKoZIhvcNAQELBQADggEBAEVrnh9yicbdxGXo
Si7yE/fvXnXhB0sil7PtXVqqk6I+W5rX3efvg1bejYEB2XgAaXFpbs1j0DmpUTmw
GxU58gBaiJrAh8zbUsks/jQxS0GbT1BRP8XDt7vGTmCLCZMiZzIHMGOpdhW7coVk
NC/rLIfgpBHJZTprxLaql5uMNvDSerw5znxwsvB9XlmTQlKMwe35bWXzuga7r9bo
6RBGIj9HiVjJkO5WPT3V1DTwWFxdqhmWYos7aV+9J0KC1LhNPeNszuNtkJQ9voHP
WCTk4Xkf8dLm4MiI5CtFkrsYI+vRluNgpcrbpIIH7FZyaeVrVxG0wRgxUmwk3xwB
mTSeNZ4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org