Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
File:                     4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer (raw, json)
Hash identifier:          xM0v0Iipph61UtUqLX5zT6zXdikOVgaMylsVYc63A+I=
Subject key identifier:   E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2975
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 04 Mar 2024 13:53:22 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 25543
                          IP: 41.138.96.0/19
                          IP: 41.203.224.0/20
                          IP: 154.66.160.0/20
                          IP: 196.28.240.0/20
                          IP: 2c0f:fd80::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10613 (0x2975)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Mar  4 13:53:22 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:54:e6:5d:d8:5d:7f:93:e6:9c:4f:5f:db:84:
                    05:64:ce:5e:1e:09:61:a8:b9:0b:eb:4f:8b:37:42:
                    ae:ff:2f:f0:4f:2f:24:8c:8f:7a:d0:1b:55:c2:7d:
                    ed:28:b9:f8:d6:82:d3:60:56:05:81:9a:fb:b3:d9:
                    ad:c4:f8:62:2e:b8:2e:e4:d4:7d:b4:7a:54:89:3a:
                    54:1f:fa:99:4b:96:16:c3:1e:17:d6:13:c2:0b:2c:
                    70:fc:ca:11:4a:e1:c5:80:7c:3a:54:50:d6:7c:4c:
                    10:86:e6:68:ff:f5:4d:e7:d5:e6:c1:ea:16:2d:27:
                    6d:64:98:1b:c9:e6:40:73:f4:09:6e:ac:63:e6:e1:
                    29:de:53:9a:58:b5:e3:d2:e5:4a:ce:51:97:d5:59:
                    2f:7f:96:0b:82:07:21:7f:db:56:7a:c9:f0:05:d2:
                    b9:c8:3e:25:af:18:ba:cb:6b:2d:3f:32:a0:09:3f:
                    0a:11:0e:b6:2c:29:b2:20:ca:bc:55:74:e2:46:a2:
                    ae:f6:9f:d0:af:e3:08:4c:de:56:b4:24:10:06:b6:
                    ab:49:90:d0:3c:df:92:f0:56:e2:49:9e:d1:57:fc:
                    2d:14:6f:fa:7e:84:5d:e4:8b:59:54:a3:2d:75:03:
                    90:73:09:71:3e:31:86:45:00:94:dd:2e:53:bd:48:
                    8b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  25543

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.138.96.0/19
                  41.203.224.0/20
                  154.66.160.0/20
                  196.28.240.0/20
                IPv6:
                  2c0f:fd80::/32

    Signature Algorithm: sha256WithRSAEncryption
         c2:15:55:ee:25:16:f2:e3:ed:e9:af:e7:bf:bc:ca:81:7c:e2:
         ce:ec:2e:19:0c:03:72:2a:bd:c7:85:cb:bc:5d:9d:9c:93:2d:
         7b:6e:91:3e:6d:da:10:e4:b8:d8:dc:1d:e5:ef:b7:5b:ed:6a:
         f7:d3:28:93:ed:f4:ae:f7:c7:8a:01:63:05:2c:19:04:46:5e:
         26:a2:cf:0d:5d:2b:62:aa:e9:94:1b:7c:f3:1e:26:9e:06:24:
         6a:c7:ce:2b:65:23:1a:12:60:c3:b3:0c:df:c8:2c:10:d5:4e:
         8c:ee:53:cd:e1:6a:88:a1:8b:88:33:da:f7:07:2a:a2:eb:bc:
         64:a2:37:3b:38:f2:c9:b8:31:ca:36:d0:af:1f:02:21:04:22:
         ee:a7:ed:17:34:bc:4a:cd:46:78:fc:4a:58:9c:cb:81:ac:9d:
         2e:fd:1e:02:b4:b9:57:a0:0e:92:6a:32:8f:50:48:75:f2:a3:
         09:61:78:8b:91:14:34:bf:59:b6:7e:7f:f3:1c:06:0e:75:20:
         cc:94:5e:1a:4e:42:1d:41:65:fd:4c:ae:36:03:91:26:ce:db:
         df:2f:c1:ee:cc:93:00:d6:f9:d7:d8:53:b7:21:41:e0:76:ef:
         d0:1a:e2:53:bb:03:69:26:43:37:b8:6e:5a:92:93:f9:cd:de:
         ef:d5:08:0c
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgICKXUwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAzMDQxMzUzMjJaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkMwMUI5QUYxMTAvBgNVBAUTKEUyRkI2NDM3QjRDOTRENUY1MTIyMUIx
NjUwNTYzQTQ4RkY1NEJFMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGVOZd2F1/k+acT1/bhAVkzl4eCWGouQvrT4s3Qq7/L/BPLySMj3rQG1XCfe0o
ufjWgtNgVgWBmvuz2a3E+GIuuC7k1H20elSJOlQf+plLlhbDHhfWE8ILLHD8yhFK
4cWAfDpUUNZ8TBCG5mj/9U3n1ebB6hYtJ21kmBvJ5kBz9AlurGPm4SneU5pYtePS
5UrOUZfVWS9/lguCByF/21Z6yfAF0rnIPiWvGLrLay0/MqAJPwoRDrYsKbIgyrxV
dOJGoq72n9Cv4whM3la0JBAGtqtJkNA835LwVuJJntFX/C0Ub/p+hF3ki1lUoy11
A5BzCXE+MYZFAJTdLlO9SIvFAgMBAAGjggMrMIIDJzAdBgNVHQ4EFgQU4vtkN7TJ
TV9RIhsWUFY6SP9UvgkwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZDMDFCOS84OTVEOTMwMERBMkUx
MUVFQTBCMEM0QTY3NzU0MTJFNi8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1NDEyRTYvNHZ0a043
VEpUVjlSSWhzV1VGWTZTUDlVdmdrLm1mdDAZBggrBgEFBQcBCAEB/wQKMAigBjAE
AgJjxzBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBSmKYAMEBCnL4AMEBJpC
oAMEBMQc8DANBAIAAjAHAwUALA/9gDANBgkqhkiG9w0BAQsFAAOCAQEAwhVV7iUW
8uPt6a/nv7zKgXzizuwuGQwDciq9x4XLvF2dnJMte26RPm3aEOS42Nwd5e+3W+1q
99Mok+30rvfHigFjBSwZBEZeJqLPDV0rYqrplBt88x4mngYkasfOK2UjGhJgw7MM
38gsENVOjO5TzeFqiKGLiDPa9wcqouu8ZKI3OzjyybgxyjbQrx8CIQQi7qftFzS8
Ss1GePxKWJzLgaydLv0eArS5V6AOkmoyj1BIdfKjCWF4i5EUNL9Ztn5/8xwGDnUg
zJReGk5CHUFl/UyuNgORJs7b3y/B7syTANb519hTtyFB4Hbv0BriU7sDaSZDN7hu
WpKT+c3e79UIDA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org