Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/3YlMw4XaLW71JrsLssqqX8pm8MM.cer
File:                     3YlMw4XaLW71JrsLssqqX8pm8MM.cer (raw, json)
Hash identifier:          gk52+NjLp6xeg3f/ju5JIq5L5ximL2KhJzUdUznm4Og=
Subject key identifier:   DD:89:4C:C3:85:DA:2D:6E:F5:26:BB:0B:B2:CA:AA:5F:CA:66:F0:C3
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       26F4
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/792DDDBE0B5311EEA6555E5D4AD9E6FC/3YlMw4XaLW71JrsLssqqX8pm8MM.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/792DDDBE0B5311EEA6555E5D4AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:29:55 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327786
                          IP: 2c0f:6740::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9972 (0x26f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:29:55 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36A39CEAF/serialNumber=DD894CC385DA2D6EF526BB0BB2CAAA5FCA66F0C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:2e:bc:18:9b:94:e9:07:9a:fa:8c:dc:02:f6:
                    e0:83:91:de:03:6a:0c:27:b5:4e:4f:9d:51:38:c0:
                    4e:92:5b:f3:94:dc:5a:68:02:85:f2:22:e2:31:a6:
                    c1:1e:13:7f:e0:7e:f5:a7:a9:8b:40:bc:39:21:2f:
                    aa:dd:e1:4e:e6:c6:8d:20:87:a5:4e:17:70:3f:22:
                    06:47:22:e0:32:df:c7:0e:08:94:39:45:c1:76:43:
                    3d:ae:47:5a:af:80:69:46:7d:27:f9:24:07:d4:a4:
                    88:bb:6a:15:b5:70:b8:2c:e2:84:68:57:63:20:39:
                    d1:c1:3a:da:7e:e1:95:54:a6:c5:bd:63:74:4a:47:
                    a1:4c:71:4b:4b:40:be:da:a6:3f:ee:64:19:85:4e:
                    a2:38:87:4c:19:fa:15:68:ba:40:13:48:7e:d7:48:
                    ea:10:ac:b4:14:49:60:c0:db:2b:c6:7a:29:42:e4:
                    71:99:92:1d:89:fb:c0:06:58:08:4b:0e:77:c6:17:
                    6b:46:e6:26:81:0b:ca:bd:4f:b6:c4:6c:58:c3:a1:
                    44:06:64:5b:66:26:47:ac:3e:f4:f9:8c:a2:c2:d4:
                    cd:54:80:eb:cf:2e:a1:78:cc:b8:fa:44:35:ef:46:
                    d8:f1:71:b8:ff:be:05:ae:6f:41:ab:14:1a:5e:e1:
                    10:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:89:4C:C3:85:DA:2D:6E:F5:26:BB:0B:B2:CA:AA:5F:CA:66:F0:C3
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/792DDDBE0B5311EEA6555E5D4AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/792DDDBE0B5311EEA6555E5D4AD9E6FC/3YlMw4XaLW71JrsLssqqX8pm8MM.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327786

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:6740::/32

    Signature Algorithm: sha256WithRSAEncryption
         94:6f:46:53:46:d6:52:37:0a:6d:a7:8f:6b:35:13:38:cb:95:
         f0:da:6c:92:cb:16:11:dd:35:a2:c8:ed:96:e3:fd:0e:19:09:
         31:00:20:63:66:4f:3d:cf:b8:e7:14:6a:b3:68:b0:d1:b4:36:
         2d:fe:97:51:b2:5e:ac:93:78:12:1c:4b:ed:ff:e6:e4:32:01:
         d4:18:1b:86:21:91:a6:8a:2e:97:61:80:3e:d0:6e:5d:2a:45:
         94:6f:8e:8c:82:69:fd:ff:9b:be:b0:5d:bc:ee:13:ab:d8:3b:
         3a:de:a7:ac:cb:c5:6d:b6:3d:db:e1:6c:69:9a:af:e8:dc:7e:
         c1:4c:8f:39:59:13:83:0a:28:0a:c0:70:30:a4:b5:e4:f7:e1:
         40:ab:b1:22:8e:c4:4d:3f:69:46:81:dc:c9:17:7c:22:01:d6:
         9a:5f:3f:74:9b:1e:c1:a4:5c:a5:99:27:4a:c2:cd:97:8e:bb:
         07:d2:0a:4c:1d:6d:10:5e:08:85:37:cc:c2:80:13:bc:43:6a:
         51:a6:ce:d3:7c:54:ac:2c:5e:0b:e1:d6:5e:99:7e:fc:c7:cb:
         29:23:82:3b:3a:22:33:cf:d1:94:89:14:55:51:ae:c4:1a:77:
         46:74:d9:ad:86:1f:fe:93:42:dc:c8:fa:0e:18:d9:16:f5:40:
         44:b2:32:dd
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICJvQwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzI5NTVaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkEzOUNFQUYxMTAvBgNVBAUTKEREODk0Q0MzODVEQTJENkVGNTI2QkIw
QkIyQ0FBQTVGQ0E2NkYwQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpLrwYm5TpB5r6jNwC9uCDkd4DagwntU5PnVE4wE6SW/OU3FpoAoXyIuIxpsEe
E3/gfvWnqYtAvDkhL6rd4U7mxo0gh6VOF3A/IgZHIuAy38cOCJQ5RcF2Qz2uR1qv
gGlGfSf5JAfUpIi7ahW1cLgs4oRoV2MgOdHBOtp+4ZVUpsW9Y3RKR6FMcUtLQL7a
pj/uZBmFTqI4h0wZ+hVoukATSH7XSOoQrLQUSWDA2yvGeilC5HGZkh2J+8AGWAhL
DnfGF2tG5iaBC8q9T7bEbFjDoUQGZFtmJkesPvT5jKLC1M1UgOvPLqF4zLj6RDXv
Rtjxcbj/vgWub0GrFBpe4RDzAgMBAAGjggMMMIIDCDAdBgNVHQ4EFgQU3YlMw4Xa
LW71JrsLssqqX8pm8MMwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZBMzlDRS83OTJERERCRTBCNTMx
MUVFQTY1NTVFNUQ0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTM5Q0UvNzkyREREQkUwQjUzMTFFRUE2NTU1RTVENEFEOUU2RkMvM1lsTXc0
WGFMVzcxSnJzTHNzcXFYOHBtOE1NLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAGowIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD2dAMA0GCSqGSIb3
DQEBCwUAA4IBAQCUb0ZTRtZSNwptp49rNRM4y5Xw2mySyxYR3TWiyO2W4/0OGQkx
ACBjZk89z7jnFGqzaLDRtDYt/pdRsl6sk3gSHEvt/+bkMgHUGBuGIZGmii6XYYA+
0G5dKkWUb46Mgmn9/5u+sF287hOr2Ds63qesy8Vttj3b4Wxpmq/o3H7BTI85WROD
CigKwHAwpLXk9+FAq7EijsRNP2lGgdzJF3wiAdaaXz90mx7BpFylmSdKws2XjrsH
0gpMHW0QXgiFN8zCgBO8Q2pRps7TfFSsLF4L4dZemX78x8spI4I7OiIzz9GUiRRV
Ua7EGndGdNmthh/+k0LcyPoOGNkW9UBEsjLd
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:21 2024 by rpki-client on console-ams.rpki-client.org