Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/5_gJqmoxZrjFrsmPz6j2VQ4P6F0.cer
File:                     5_gJqmoxZrjFrsmPz6j2VQ4P6F0.cer (raw, json)
Hash identifier:          DL+SNjFDGWIxbw9kX+BMQ8vy1QPd2YXCRbzw+YcGwB8=
Subject key identifier:   E7:F8:09:AA:6A:31:66:B8:C5:AE:C9:8F:CF:A8:F6:55:0E:0F:E8:5D
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       30FF
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3691854/5CFF4AE071AD11EEA2EC74334AD9E6FC/5_gJqmoxZrjFrsmPz6j2VQ4P6F0.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3691854/5CFF4AE071AD11EEA2EC74334AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 03:49:57 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 329296
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12543 (0x30ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 03:49:57 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F3691854AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b6:17:ab:4a:34:78:49:e7:c8:ad:43:24:1f:
                    5e:e2:48:63:77:a2:9b:1e:e8:dd:0a:7f:cb:28:3c:
                    a4:e5:72:17:e4:03:56:b0:3f:20:23:68:e6:6c:4c:
                    cb:38:03:d0:8e:9b:c2:a0:32:fe:0a:51:8a:38:d7:
                    25:24:cf:a3:40:37:36:ed:d9:80:9b:42:50:1b:fd:
                    11:69:51:84:e9:88:d7:bb:e0:23:e2:71:cf:71:db:
                    7b:5e:6d:e7:a1:e0:a0:b0:c7:bb:6e:76:31:20:c6:
                    ad:3f:05:8e:75:3e:99:ec:4e:9a:2c:3a:0e:41:31:
                    fb:d4:2c:c5:4a:7b:b6:2b:83:17:4e:a8:16:08:3c:
                    ca:94:61:9f:9b:a1:b1:b3:b0:01:ec:98:f4:5b:44:
                    ba:85:e6:78:48:90:af:18:5c:41:10:e2:10:91:1e:
                    6e:f8:b0:db:be:ad:cc:c1:20:b0:e4:31:5f:ce:07:
                    be:1b:e2:e7:80:e7:65:eb:a7:50:87:aa:cd:e7:5a:
                    d4:2d:a6:a3:0d:d0:12:fc:05:da:3e:a7:e4:b2:8b:
                    1f:e8:23:1c:f6:37:a4:22:53:27:a9:98:3a:04:ee:
                    bd:b1:4d:da:0e:1e:cf:c6:44:69:a9:41:aa:36:7d:
                    65:d4:e6:ec:39:6a:9f:f1:0c:ff:a3:59:b6:84:3e:
                    f2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:F8:09:AA:6A:31:66:B8:C5:AE:C9:8F:CF:A8:F6:55:0E:0F:E8:5D
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3691854/5CFF4AE071AD11EEA2EC74334AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3691854/5CFF4AE071AD11EEA2EC74334AD9E6FC/5_gJqmoxZrjFrsmPz6j2VQ4P6F0.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329296

    Signature Algorithm: sha256WithRSAEncryption
         c3:5f:d4:b2:1e:99:90:a6:14:5c:66:5d:c1:ec:56:9d:da:f2:
         79:7f:a7:25:f4:4a:bf:e5:ad:eb:47:dc:0a:0d:d1:91:9a:6d:
         f5:a2:18:e5:63:da:aa:4c:49:7b:96:64:c9:ba:d8:e1:6c:08:
         e4:3d:f5:fd:76:62:62:a8:1f:72:d5:3a:02:3a:f7:2f:ec:2c:
         a6:37:de:5f:35:af:07:c0:50:76:56:86:a6:ec:37:e2:c1:07:
         d2:1d:0d:6a:a4:05:5b:f8:83:f9:6b:35:97:3d:6e:4a:c6:f6:
         0d:23:94:87:31:86:51:1c:4e:09:67:2a:05:98:2e:4a:b9:d6:
         65:74:be:6f:6b:8b:4e:a9:79:eb:71:2f:10:47:a3:ce:18:03:
         ef:e1:e2:6a:db:9f:ab:e2:43:4c:7d:82:e8:b9:4b:55:dd:2d:
         92:9b:70:4d:c4:1b:4a:f5:20:c2:30:36:8c:c3:2e:d3:90:58:
         ba:a0:62:3b:42:cc:b4:92:98:be:89:24:d3:2b:c0:79:96:a8:
         e2:2e:6f:41:24:77:8a:08:23:ca:e7:17:8b:ed:a5:56:7e:e9:
         85:bd:40:f5:0b:fd:8f:30:08:d5:c1:f8:64:5f:91:d7:c5:3f:
         ba:10:c4:45:6b:0c:1f:91:c2:aa:4c:c6:90:77:bb:16:05:d1:
         18:ca:21:dd
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICMP8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMzQ5NTdaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjkxODU0QUYxMTAvBgNVBAUTKEU3RjgwOUFBNkEzMTY2QjhDNUFFQzk4
RkNGQThGNjU1MEUwRkU4NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgtherSjR4SefIrUMkH17iSGN3opse6N0Kf8soPKTlchfkA1awPyAjaOZsTMs4
A9COm8KgMv4KUYo41yUkz6NANzbt2YCbQlAb/RFpUYTpiNe74CPicc9x23tebeeh
4KCwx7tudjEgxq0/BY51PpnsTposOg5BMfvULMVKe7YrgxdOqBYIPMqUYZ+bobGz
sAHsmPRbRLqF5nhIkK8YXEEQ4hCRHm74sNu+rczBILDkMV/OB74b4ueA52Xrp1CH
qs3nWtQtpqMN0BL8Bdo+p+Syix/oIxz2N6QiUyepmDoE7r2xTdoOHs/GRGmpQao2
fWXU5uw5ap/xDP+jWbaEPvIvAgMBAAGjggLqMIIC5jAdBgNVHQ4EFgQU5/gJqmox
ZrjFrsmPz6j2VQ4P6F0wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY5MTg1NC81Q0ZGNEFFMDcxQUQx
MUVFQTJFQzc0MzM0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTE4NTQvNUNGRjRBRTA3MUFEMTFFRUEyRUM3NDMzNEFEOUU2RkMvNV9nSnFt
b3hacmpGcnNtUHo2ajJWUTRQNkYwLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBlAwDQYJKoZIhvcNAQELBQADggEBAMNf1LIemZCmFFxmXcHsVp3a8nl/pyX0
Sr/lretH3AoN0ZGabfWiGOVj2qpMSXuWZMm62OFsCOQ99f12YmKoH3LVOgI69y/s
LKY33l81rwfAUHZWhqbsN+LBB9IdDWqkBVv4g/lrNZc9bkrG9g0jlIcxhlEcTgln
KgWYLkq51mV0vm9ri06peetxLxBHo84YA+/h4mrbn6viQ0x9gui5S1XdLZKbcE3E
G0r1IMIwNozDLtOQWLqgYjtCzLSSmL6JJNMrwHmWqOIub0Ekd4oII8rnF4vtpVZ+
6YW9QPUL/Y8wCNXB+GRfkdfFP7oQxEVrDB+RwqpMxpB3uxYF0RjKId0=
-----END CERTIFICATE-----