Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/66ypK4WkK40LicnKqSpfzFyWrBY.cer
File:                     66ypK4WkK40LicnKqSpfzFyWrBY.cer (raw, json)
Hash identifier:          sIj3aQPZIk3QpdISJ0p/5VpddE06Yw7msk4lqVmCO5k=
Subject key identifier:   EB:AC:A9:2B:85:A4:2B:8D:0B:89:C9:CA:A9:2A:5F:CC:5C:96:AC:16
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       1B07
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F361474A/6ECA6C96747F11ECAC1BFE965A40D577/66ypK4WkK40LicnKqSpfzFyWrBY.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F361474A/6ECA6C96747F11ECAC1BFE965A40D577/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 00:03:25 +0000
Certificate not after:    Sun 31 Mar 2024 00:00:00 +0000
Subordinate resources:    AS: 33763
                          AS: 37096
                          IP: 41.218.64.0/18
                          IP: 196.1.28.0/22
                          IP: 196.216.32.0/19
                          IP: 197.234.64.0/18
                          IP: 2c0f:f980::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6919 (0x1b07)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:03:25 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=F361474AAF/serialNumber=EBACA92B85A42B8D0B89C9CAA92A5FCC5C96AC16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:28:0a:4b:80:cd:da:f8:fe:da:69:35:e8:31:
                    0b:55:22:33:d3:2b:4a:c2:54:3d:48:c9:95:a5:52:
                    86:a8:e5:ab:50:96:8a:95:7e:5a:25:ee:37:5f:ad:
                    a8:2f:6a:b3:2e:08:ae:6c:4d:74:62:48:ec:0d:38:
                    96:94:d0:78:ec:c2:4c:f1:03:53:82:ba:6b:64:e1:
                    7f:ba:d4:f5:93:eb:34:92:a0:95:47:9d:b4:7d:3f:
                    e0:03:c5:84:4a:57:52:29:42:fa:ce:84:7f:53:db:
                    9e:c5:f9:61:9d:39:3f:9a:07:a1:42:da:35:34:ab:
                    8e:77:f8:07:4f:84:16:c2:a7:41:8c:f5:d7:a2:04:
                    d2:00:b3:a9:49:33:d9:38:09:16:55:19:d8:26:42:
                    e6:52:d0:11:34:05:50:29:01:99:91:e9:5f:f5:cd:
                    e2:5e:55:5d:eb:97:97:ee:e1:04:e5:7c:00:6b:39:
                    24:ad:c3:4e:5e:d8:dd:6c:cb:99:ce:dd:f8:7a:09:
                    94:f0:13:b2:73:64:20:61:03:1a:54:de:b2:b7:1b:
                    45:d3:e0:42:a8:8e:71:de:3b:aa:54:6e:1d:d9:88:
                    30:2f:37:14:50:0b:80:b3:55:65:34:4b:37:a6:54:
                    78:90:c7:62:44:16:8f:dc:e8:73:6d:2c:6d:10:e7:
                    f6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:AC:A9:2B:85:A4:2B:8D:0B:89:C9:CA:A9:2A:5F:CC:5C:96:AC:16
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F361474A/6ECA6C96747F11ECAC1BFE965A40D577/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F361474A/6ECA6C96747F11ECAC1BFE965A40D577/66ypK4WkK40LicnKqSpfzFyWrBY.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  33763
                  37096

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.218.64.0/18
                  196.1.28.0/22
                  196.216.32.0/19
                  197.234.64.0/18
                IPv6:
                  2c0f:f980::/32

    Signature Algorithm: sha256WithRSAEncryption
         81:c9:db:0e:44:b9:ef:03:46:cb:06:17:1a:4b:5a:59:b4:83:
         d2:13:00:46:c0:84:96:23:46:26:c7:8e:fe:b4:72:d0:ba:c8:
         5a:b7:77:05:3e:26:2f:33:0a:93:6e:45:8e:b6:f4:e2:3c:17:
         12:21:e5:d3:27:15:77:20:d0:48:58:c1:9c:59:49:d5:b5:b2:
         4e:26:2c:b5:fa:f6:ba:04:93:0a:27:a9:47:a7:c5:79:8a:5c:
         22:d4:6d:61:a1:59:13:ec:4d:d1:60:99:a4:e6:20:c9:e5:29:
         15:89:db:db:c2:47:76:bb:63:44:74:6a:7a:8f:f5:08:bd:ef:
         8f:5a:a9:ba:a7:b1:ab:46:e6:ec:6e:a7:fe:e6:28:4e:7a:24:
         cb:78:d5:35:cf:40:a6:ff:f3:38:1b:eb:5a:1b:9a:18:8c:df:
         4b:b1:39:c6:ab:93:3b:67:ff:89:0d:43:c4:8c:c6:8f:a5:b9:
         3d:c6:2c:76:66:70:e9:48:30:a6:0e:fd:44:ad:80:6f:d0:e7:
         e4:71:2a:58:52:94:76:65:0e:14:d8:f0:cb:e3:a8:75:72:40:
         aa:be:d7:c6:77:56:fd:48:dd:b9:6b:f9:8c:e9:d2:76:e5:b6:
         84:a2:dc:99:b4:6d:f6:ae:1e:21:d2:14:d1:4a:a9:a9:c0:b5:
         6c:12:f6:1e
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgICGwcwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yMzAxMDEwMDAzMjVaFw0yNDAzMzEwMDAwMDBaMEgxEzARBgNV
BAMMCkYzNjE0NzRBQUYxMTAvBgNVBAUTKEVCQUNBOTJCODVBNDJCOEQwQjg5QzlD
QUE5MkE1RkNDNUM5NkFDMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmKApLgM3a+P7aaTXoMQtVIjPTK0rCVD1IyZWlUoao5atQloqVflol7jdfragv
arMuCK5sTXRiSOwNOJaU0HjswkzxA1OCumtk4X+61PWT6zSSoJVHnbR9P+ADxYRK
V1IpQvrOhH9T257F+WGdOT+aB6FC2jU0q453+AdPhBbCp0GM9deiBNIAs6lJM9k4
CRZVGdgmQuZS0BE0BVApAZmR6V/1zeJeVV3rl5fu4QTlfABrOSStw05e2N1sy5nO
3fh6CZTwE7JzZCBhAxpU3rK3G0XT4EKojnHeO6pUbh3ZiDAvNxRQC4CzVWU0Szem
VHiQx2JEFo/c6HNtLG0Q5/aXAgMBAAGjggMxMIIDLTAdBgNVHQ4EFgQU66ypK4Wk
K40LicnKqSpfzFyWrBYwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYxNDc0QS82RUNBNkM5Njc0N0Yx
MUVDQUMxQkZFOTY1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTQ3NEEvNkVDQTZDOTY3NDdGMTFFQ0FDMUJGRTk2NUE0MEQ1NzcvNjZ5cEs0
V2tLNDBMaWNuS3FTcGZ6RnlXckJZLm1mdDAfBggrBgEFBQcBCAEB/wQQMA6gDDAK
AgMAg+MCAwCQ6DBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBinaQAMEAsQB
HAMEBcTYIAMEBsXqQDANBAIAAjAHAwUALA/5gDANBgkqhkiG9w0BAQsFAAOCAQEA
gcnbDkS57wNGywYXGktaWbSD0hMARsCEliNGJseO/rRy0LrIWrd3BT4mLzMKk25F
jrb04jwXEiHl0ycVdyDQSFjBnFlJ1bWyTiYstfr2ugSTCiepR6fFeYpcItRtYaFZ
E+xN0WCZpOYgyeUpFYnb28JHdrtjRHRqeo/1CL3vj1qpuqexq0bm7G6n/uYoTnok
y3jVNc9Apv/zOBvrWhuaGIzfS7E5xquTO2f/iQ1DxIzGj6W5PcYsdmZw6Ugwpg79
RK2Ab9Dn5HEqWFKUdmUOFNjwy+OodXJAqr7XxndW/UjduWv5jOnSduW2hKLcmbRt
9q4eIdIU0UqpqcC1bBL2Hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org