Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/4XMtl9E2FxNisFGPaiFEVFy_Ok8.cer
File:                     4XMtl9E2FxNisFGPaiFEVFy_Ok8.cer (raw, json)
Hash identifier:          AaNWR0M+AE40CbXzZcToIAv1Ec4chuk1N5SutS6f4T4=
Subject key identifier:   E1:73:2D:97:D1:36:17:13:62:B0:51:8F:6A:21:44:54:5C:BF:3A:4F
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       307A
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/442A9E2080BF11E6AB3BA07EF8AEA228/4XMtl9E2FxNisFGPaiFEVFy_Ok8.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/442A9E2080BF11E6AB3BA07EF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 03:22:14 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 328039
                          IP: 2c0f:f288::/32
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12410 (0x307a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 03:22:14 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F367FC4FAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:45:54:18:84:72:00:7e:14:5f:c6:13:bf:23:
                    70:07:a7:06:f3:3a:31:1c:d0:f4:7b:20:c1:9e:8a:
                    b4:94:55:92:cb:a0:b2:a8:75:3e:6f:88:f0:25:c1:
                    bb:60:8f:1b:8d:ac:0d:bf:29:a4:f7:b5:06:52:99:
                    88:88:39:06:82:39:7f:ff:20:f0:f2:74:c5:1c:6b:
                    c3:2b:a4:c3:2c:61:f4:75:c9:a0:7d:0a:e4:b8:e3:
                    82:9f:3e:01:43:04:6f:42:1d:c5:4e:e2:b0:10:a0:
                    d6:39:34:ab:f1:a6:ce:95:f4:41:e4:f9:81:3f:c1:
                    c7:be:b4:a3:44:79:57:ee:5a:44:a2:c3:1a:3a:a0:
                    45:0f:07:30:49:34:ab:21:8d:dd:a2:a0:ed:a8:b9:
                    78:02:d9:dc:64:ab:10:35:2a:07:31:78:68:cf:ee:
                    06:10:e1:1a:20:88:ea:79:cd:fe:31:b9:39:1f:da:
                    21:f8:36:23:ec:c7:41:9e:99:1b:a7:57:7f:9c:dc:
                    a7:53:d5:27:18:67:c7:c3:f2:fd:85:a1:42:aa:12:
                    fa:a5:ab:c3:c3:49:1f:bd:04:53:aa:95:7c:d4:26:
                    de:83:6b:3e:33:9b:1a:af:f8:9b:19:73:e1:1e:7b:
                    75:28:32:4c:26:89:16:e6:bd:a1:6b:82:67:7a:17:
                    c1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:73:2D:97:D1:36:17:13:62:B0:51:8F:6A:21:44:54:5C:BF:3A:4F
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/442A9E2080BF11E6AB3BA07EF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/442A9E2080BF11E6AB3BA07EF8AEA228/4XMtl9E2FxNisFGPaiFEVFy_Ok8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328039

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f288::/32

    Signature Algorithm: sha256WithRSAEncryption
         b7:df:d2:11:30:96:ac:ad:08:97:fa:2e:b7:6b:ea:6d:12:43:
         7c:8c:87:1b:07:a0:b3:4e:eb:b2:48:f3:e7:fb:97:d1:c7:15:
         0d:59:a3:f6:ce:88:09:d4:2c:2e:fa:79:5d:09:ac:1e:c5:38:
         8b:f1:d8:c0:51:f3:c0:58:62:e1:c5:ab:c5:9b:ab:66:b7:ad:
         d4:ad:c7:72:ee:a6:86:83:02:46:2f:0d:8f:d2:23:26:bd:4d:
         1a:60:46:4c:cb:a3:b5:17:5d:d2:2c:47:5a:69:dc:f8:ad:38:
         f6:63:41:f3:b8:1a:91:fd:09:87:ac:31:cb:8e:ce:f3:94:57:
         8d:cb:ee:0c:05:84:d1:93:fd:72:b8:cf:9d:d3:5b:be:2f:21:
         1d:82:9d:4b:61:a3:87:22:89:50:2e:6a:55:2c:ba:a5:a8:d4:
         d5:83:47:1f:db:69:62:b3:e6:ab:2a:a4:6b:f5:16:b4:00:55:
         f8:36:61:0f:f5:ee:a8:e9:f9:65:a5:24:c7:45:47:8f:76:84:
         57:8f:f0:d3:2c:1b:00:40:82:26:6b:94:cb:c2:0d:49:50:99:
         8c:a7:7d:c0:d1:88:e8:7b:5b:c3:a8:4c:24:94:cb:2a:f3:9b:
         fa:b5:66:5c:f3:af:36:d8:55:dd:12:81:c7:aa:76:3f:b7:ec:
         17:e0:96:08
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICMHowDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMzIyMTRaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjdGQzRGQUYxMTAvBgNVBAUTKEUxNzMyRDk3RDEzNjE3MTM2MkIwNTE4
RjZBMjE0NDU0NUNCRjNBNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsRVQYhHIAfhRfxhO/I3AHpwbzOjEc0PR7IMGeirSUVZLLoLKodT5viPAlwbtg
jxuNrA2/KaT3tQZSmYiIOQaCOX//IPDydMUca8MrpMMsYfR1yaB9CuS444KfPgFD
BG9CHcVO4rAQoNY5NKvxps6V9EHk+YE/wce+tKNEeVfuWkSiwxo6oEUPBzBJNKsh
jd2ioO2ouXgC2dxkqxA1KgcxeGjP7gYQ4RogiOp5zf4xuTkf2iH4NiPsx0GemRun
V3+c3KdT1ScYZ8fD8v2FoUKqEvqlq8PDSR+9BFOqlXzUJt6Daz4zmxqv+JsZc+Ee
e3UoMkwmiRbmvaFrgmd6F8ExAgMBAAGjggMMMIIDCDAdBgNVHQ4EFgQU4XMtl9E2
FxNisFGPaiFEVFy/Ok8wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3RkM0Ri80NDJBOUUyMDgwQkYx
MUU2QUIzQkEwN0VGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0ZDNEYvNDQyQTlFMjA4MEJGMTFFNkFCM0JBMDdFRjhBRUEyMjgvNFhNdGw5
RTJGeE5pc0ZHUGFpRkVWRnlfT2s4Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAWcwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/KIMA0GCSqGSIb3
DQEBCwUAA4IBAQC339IRMJasrQiX+i63a+ptEkN8jIcbB6CzTuuySPPn+5fRxxUN
WaP2zogJ1Cwu+nldCawexTiL8djAUfPAWGLhxavFm6tmt63Urcdy7qaGgwJGLw2P
0iMmvU0aYEZMy6O1F13SLEdaadz4rTj2Y0HzuBqR/QmHrDHLjs7zlFeNy+4MBYTR
k/1yuM+d01u+LyEdgp1LYaOHIolQLmpVLLqlqNTVg0cf22lis+arKqRr9Ra0AFX4
NmEP9e6o6fllpSTHRUePdoRXj/DTLBsAQIIma5TLwg1JUJmMp33A0Yjoe1vDqEwk
lMsq85v6tWZc86822FXdEoHHqnY/t+wX4JYI
-----END CERTIFICATE-----