Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/5MLmv0RjyOw0LEVfP-AW5c5TiH8.cer
File:                     5MLmv0RjyOw0LEVfP-AW5c5TiH8.cer (raw, json)
Hash identifier:          2/81BuEAGXQKgB/VoJX6WQK7w1fO/91u2Ti9v/5POIU=
Subject key identifier:   E4:C2:E6:BF:44:63:C8:EC:34:2C:45:5F:3F:E0:16:E5:CE:53:88:7F
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       27E4
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36D6E6D/324E8CBC814711E98C0F4E24F8AEA228/5MLmv0RjyOw0LEVfP-AW5c5TiH8.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36D6E6D/324E8CBC814711E98C0F4E24F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:06:31 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37599
                          IP: 102.220.102.0/23
                          IP: 196.10.98.0/23
                          IP: 2001:43f8:3e0::/44

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10212 (0x27e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:06:31 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36D6E6DAF/serialNumber=E4C2E6BF4463C8EC342C455F3FE016E5CE53887F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f4:bb:74:bc:46:5f:bf:f9:e2:a4:69:a6:dd:
                    55:3f:ba:6d:e0:b4:43:e6:e6:e8:3b:6e:b7:07:f8:
                    f9:6d:e1:55:04:11:29:35:8e:f0:8e:d7:33:82:bb:
                    b9:c1:d0:40:fa:af:b5:08:86:8f:1c:0e:74:1b:24:
                    1a:0f:92:e0:2c:1b:e9:82:8e:51:fb:87:d4:4a:2f:
                    83:56:f2:62:e9:17:de:2b:61:0c:6d:1d:31:75:07:
                    ef:ae:f7:9c:ac:80:77:a2:34:36:0c:d1:49:8e:af:
                    28:dc:7e:32:de:68:90:15:f7:b4:6c:85:05:81:03:
                    ac:1d:7c:7e:c3:b0:34:74:7b:ad:fe:98:34:09:9d:
                    9c:37:ed:fe:37:c8:b3:0a:80:66:1b:b4:e2:24:7b:
                    5c:8b:09:77:fc:66:68:30:1c:e6:c0:0f:0f:24:f4:
                    8b:8f:52:0c:77:60:2d:7d:1a:5b:a9:d5:e5:e4:a5:
                    48:f8:6f:86:a3:76:b2:44:7a:8e:24:e9:e9:a7:ff:
                    e6:be:c6:b6:83:85:9f:c9:44:88:cc:19:f0:ca:45:
                    59:6f:64:81:e7:6a:02:95:56:5f:b8:6a:2a:2d:7c:
                    87:d0:e1:8f:ad:d3:6e:05:db:77:81:f9:e3:2d:a5:
                    81:dc:f6:8a:1a:98:dd:57:55:04:01:08:29:ab:f1:
                    1a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:C2:E6:BF:44:63:C8:EC:34:2C:45:5F:3F:E0:16:E5:CE:53:88:7F
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D6E6D/324E8CBC814711E98C0F4E24F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D6E6D/324E8CBC814711E98C0F4E24F8AEA228/5MLmv0RjyOw0LEVfP-AW5c5TiH8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37599

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.102.0/23
                  196.10.98.0/23
                IPv6:
                  2001:43f8:3e0::/44

    Signature Algorithm: sha256WithRSAEncryption
         74:37:3f:3e:05:97:6a:d7:1d:44:fc:5c:6a:14:91:af:d7:ac:
         f7:d8:d9:fc:fe:f2:0a:02:14:7f:7d:1c:c2:4e:36:31:b2:20:
         40:ac:32:ca:72:61:fe:d2:07:55:61:36:b7:f3:75:6a:ba:3d:
         1c:bb:e0:a6:3f:3b:53:57:7c:ae:bb:93:23:25:5d:22:6d:b8:
         78:49:90:f5:50:04:8c:92:55:55:26:a7:9c:af:ae:35:14:2c:
         fa:98:b9:65:0c:b5:19:39:a3:2d:db:31:10:90:d1:75:46:6f:
         94:0a:f6:43:bc:1d:1c:4b:48:80:03:ef:2d:e4:b9:2e:4b:52:
         09:30:6c:80:79:e7:6c:a7:a5:27:ee:ea:54:d0:c2:4e:12:cf:
         91:df:20:0b:8f:27:c7:ea:e4:79:41:85:e2:d2:e3:e6:ed:20:
         a2:b0:ac:ab:b9:16:f9:8f:e0:87:99:63:e9:ab:8f:3a:ed:60:
         c4:96:2a:08:53:1e:c8:86:e5:c5:0d:4a:c8:55:3e:07:1e:fb:
         48:d5:89:f6:f8:52:a1:ed:dc:4f:88:a5:c3:e0:6b:9e:fe:5d:
         79:93:a5:ca:1e:70:b1:9b:c9:c4:45:52:c6:0b:9a:4c:5d:84:
         a7:d4:9b:9d:e7:e3:d5:77:cd:51:15:33:71:34:2b:5e:78:43:
         91:0d:3f:19
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgICJ+QwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDA2MzFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkQ2RTZEQUYxMTAvBgNVBAUTKEU0QzJFNkJGNDQ2M0M4RUMzNDJDNDU1
RjNGRTAxNkU1Q0U1Mzg4N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC59Lt0vEZfv/nipGmm3VU/um3gtEPm5ug7brcH+Plt4VUEESk1jvCO1zOCu7nB
0ED6r7UIho8cDnQbJBoPkuAsG+mCjlH7h9RKL4NW8mLpF94rYQxtHTF1B++u95ys
gHeiNDYM0UmOryjcfjLeaJAV97RshQWBA6wdfH7DsDR0e63+mDQJnZw37f43yLMK
gGYbtOIke1yLCXf8ZmgwHObADw8k9IuPUgx3YC19Glup1eXkpUj4b4ajdrJEeo4k
6emn/+a+xraDhZ/JRIjMGfDKRVlvZIHnagKVVl+4aiotfIfQ4Y+t024F23eB+eMt
pYHc9ooamN1XVQQBCCmr8RqVAgMBAAGjggMiMIIDHjAdBgNVHQ4EFgQU5MLmv0Rj
yOw0LEVfP+AW5c5TiH8wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZENkU2RC8zMjRFOENCQzgxNDcx
MUU5OEMwRjRFMjRGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDZFNkQvMzI0RThDQkM4MTQ3MTFFOThDMEY0RTI0RjhBRUEyMjgvNU1MbXYw
Ump5T3cwTEVWZlAtQVc1YzVUaUg4Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkt8wNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAFm3GYDBAHECmIwDwQC
AAIwCQMHBCABQ/gD4DANBgkqhkiG9w0BAQsFAAOCAQEAdDc/PgWXatcdRPxcahSR
r9es99jZ/P7yCgIUf30cwk42MbIgQKwyynJh/tIHVWE2t/N1aro9HLvgpj87U1d8
rruTIyVdIm24eEmQ9VAEjJJVVSannK+uNRQs+pi5ZQy1GTmjLdsxEJDRdUZvlAr2
Q7wdHEtIgAPvLeS5LktSCTBsgHnnbKelJ+7qVNDCThLPkd8gC48nx+rkeUGF4tLj
5u0gorCsq7kW+Y/gh5lj6auPOu1gxJYqCFMeyIblxQ1KyFU+Bx77SNWJ9vhSoe3c
T4ilw+Brnv5deZOlyh5wsZvJxEVSxguaTF2Ep9Sbnefj1XfNURUzcTQrXnhDkQ0/
GQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:21 2024 by rpki-client on console-ams.rpki-client.org