Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/4XMtl9E2FxNisFGPaiFEVFy_Ok8.cer
File:                     4XMtl9E2FxNisFGPaiFEVFy_Ok8.cer (raw, json)
Hash identifier:          rYNvP40DtMwG0CC6Nf0OxJHJ8zuxmLWb5Vhmube4NmQ=
Subject key identifier:   E1:73:2D:97:D1:36:17:13:62:B0:51:8F:6A:21:44:54:5C:BF:3A:4F
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       240A
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/442A9E2080BF11E6AB3BA07EF8AEA228/4XMtl9E2FxNisFGPaiFEVFy_Ok8.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/442A9E2080BF11E6AB3BA07EF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 01:08:39 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328039
                          IP: 2c0f:f288::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9226 (0x240a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 01:08:39 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F367FC4FAF/serialNumber=E1732D97D136171362B0518F6A2144545CBF3A4F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:45:54:18:84:72:00:7e:14:5f:c6:13:bf:23:
                    70:07:a7:06:f3:3a:31:1c:d0:f4:7b:20:c1:9e:8a:
                    b4:94:55:92:cb:a0:b2:a8:75:3e:6f:88:f0:25:c1:
                    bb:60:8f:1b:8d:ac:0d:bf:29:a4:f7:b5:06:52:99:
                    88:88:39:06:82:39:7f:ff:20:f0:f2:74:c5:1c:6b:
                    c3:2b:a4:c3:2c:61:f4:75:c9:a0:7d:0a:e4:b8:e3:
                    82:9f:3e:01:43:04:6f:42:1d:c5:4e:e2:b0:10:a0:
                    d6:39:34:ab:f1:a6:ce:95:f4:41:e4:f9:81:3f:c1:
                    c7:be:b4:a3:44:79:57:ee:5a:44:a2:c3:1a:3a:a0:
                    45:0f:07:30:49:34:ab:21:8d:dd:a2:a0:ed:a8:b9:
                    78:02:d9:dc:64:ab:10:35:2a:07:31:78:68:cf:ee:
                    06:10:e1:1a:20:88:ea:79:cd:fe:31:b9:39:1f:da:
                    21:f8:36:23:ec:c7:41:9e:99:1b:a7:57:7f:9c:dc:
                    a7:53:d5:27:18:67:c7:c3:f2:fd:85:a1:42:aa:12:
                    fa:a5:ab:c3:c3:49:1f:bd:04:53:aa:95:7c:d4:26:
                    de:83:6b:3e:33:9b:1a:af:f8:9b:19:73:e1:1e:7b:
                    75:28:32:4c:26:89:16:e6:bd:a1:6b:82:67:7a:17:
                    c1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:73:2D:97:D1:36:17:13:62:B0:51:8F:6A:21:44:54:5C:BF:3A:4F
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/442A9E2080BF11E6AB3BA07EF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/442A9E2080BF11E6AB3BA07EF8AEA228/4XMtl9E2FxNisFGPaiFEVFy_Ok8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328039

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f288::/32

    Signature Algorithm: sha256WithRSAEncryption
         a2:eb:0f:8f:7b:56:7e:32:50:03:ec:86:17:03:4a:4b:14:09:
         6f:83:87:bc:ba:3a:89:6b:99:e8:9a:2e:7f:2e:95:d3:e1:56:
         e4:05:eb:33:95:d7:e2:d2:73:d9:0a:38:31:33:00:f2:7b:41:
         0c:fe:c3:96:a4:b6:07:14:21:fd:80:b1:d0:d1:59:96:be:85:
         42:72:5d:c0:29:10:66:fc:f4:ad:89:fa:ee:76:48:b5:2e:fa:
         c3:70:16:2d:00:cb:0a:74:ff:bd:83:2c:b4:1a:9f:df:b9:9d:
         5e:ea:d4:7c:d6:75:7e:6f:eb:dd:e9:31:40:f7:d4:3e:8b:d8:
         98:cb:9e:07:90:e9:f3:67:5a:38:31:96:ea:b3:0e:1e:81:82:
         21:9e:bb:e3:2b:33:c2:b4:3e:19:71:6d:da:48:ee:5d:85:cb:
         ea:c0:f5:ac:7c:14:e7:40:d8:1f:73:ae:b3:46:51:30:de:22:
         26:28:76:2f:55:de:6d:a4:d6:c5:12:a9:b7:b1:5f:d4:2a:7c:
         e3:cc:20:ad:bb:69:06:9c:63:66:69:df:36:0d:c1:1e:5a:74:
         b3:f2:0f:0d:e8:61:c0:f8:ab:6c:cd:ff:07:1e:13:ae:c6:7e:
         dd:a3:d7:2f:6e:22:92:10:1f:3e:9f:0e:ef:f4:25:e3:46:09:
         18:54:97:d6
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICJAowDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMTA4MzlaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjdGQzRGQUYxMTAvBgNVBAUTKEUxNzMyRDk3RDEzNjE3MTM2MkIwNTE4
RjZBMjE0NDU0NUNCRjNBNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsRVQYhHIAfhRfxhO/I3AHpwbzOjEc0PR7IMGeirSUVZLLoLKodT5viPAlwbtg
jxuNrA2/KaT3tQZSmYiIOQaCOX//IPDydMUca8MrpMMsYfR1yaB9CuS444KfPgFD
BG9CHcVO4rAQoNY5NKvxps6V9EHk+YE/wce+tKNEeVfuWkSiwxo6oEUPBzBJNKsh
jd2ioO2ouXgC2dxkqxA1KgcxeGjP7gYQ4RogiOp5zf4xuTkf2iH4NiPsx0GemRun
V3+c3KdT1ScYZ8fD8v2FoUKqEvqlq8PDSR+9BFOqlXzUJt6Daz4zmxqv+JsZc+Ee
e3UoMkwmiRbmvaFrgmd6F8ExAgMBAAGjggMMMIIDCDAdBgNVHQ4EFgQU4XMtl9E2
FxNisFGPaiFEVFy/Ok8wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3RkM0Ri80NDJBOUUyMDgwQkYx
MUU2QUIzQkEwN0VGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0ZDNEYvNDQyQTlFMjA4MEJGMTFFNkFCM0JBMDdFRjhBRUEyMjgvNFhNdGw5
RTJGeE5pc0ZHUGFpRkVWRnlfT2s4Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAWcwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/KIMA0GCSqGSIb3
DQEBCwUAA4IBAQCi6w+Pe1Z+MlAD7IYXA0pLFAlvg4e8ujqJa5nomi5/LpXT4Vbk
Beszldfi0nPZCjgxMwDye0EM/sOWpLYHFCH9gLHQ0VmWvoVCcl3AKRBm/PStifru
dki1LvrDcBYtAMsKdP+9gyy0Gp/fuZ1e6tR81nV+b+vd6TFA99Q+i9iYy54HkOnz
Z1o4MZbqsw4egYIhnrvjKzPCtD4ZcW3aSO5dhcvqwPWsfBTnQNgfc66zRlEw3iIm
KHYvVd5tpNbFEqm3sV/UKnzjzCCtu2kGnGNmad82DcEeWnSz8g8N6GHA+Ktszf8H
HhOuxn7do9cvbiKSEB8+nw7v9CXjRgkYVJfW
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:21 2024 by rpki-client on console-ams.rpki-client.org