Certificate
$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
File: 7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer (raw, json)
Hash identifier: /cKh2luq6KHJuiRhxcNBUP7rGMPFO2VoXR9QE9XLW+A=
Subject key identifier: ED:F8:D8:DA:B4:B2:E6:68:95:4A:40:BA:56:DD:21:C6:45:28:39:DC
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer: /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial: 2D9F
Authority info access: rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest: rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.mft
caRepository: rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/
Notify URL: https://rrdp.afrinic.net/notification.xml
Certificate not before: Wed 01 Jan 2025 00:53:36 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: AS: 328763
IP: 102.221.0.0/22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Apr 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11679 (0x2d9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AFRINIC
Validity
Not Before: Jan 1 00:53:36 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=F362F418AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5c:88:ea:a5:c4:23:35:b3:4e:68:cc:ff:44:
dc:a8:aa:3e:01:30:4e:a5:6b:6d:e5:a5:9b:80:1f:
9f:3e:8a:99:d4:ac:7a:3a:ed:83:3c:7e:69:9f:c6:
ae:f1:19:8c:f5:c3:9c:d0:da:f7:0e:46:1c:5c:71:
e4:fb:98:c6:57:a2:c6:78:bd:bb:8a:38:4c:86:0e:
63:a6:a3:75:01:6c:7e:71:d5:c7:69:26:76:70:02:
46:9c:46:c9:3a:e4:c0:1c:bc:b9:47:22:0a:df:56:
7d:64:47:05:12:8a:46:67:ee:e2:4d:39:85:24:86:
ab:82:19:5f:b1:80:0b:21:01:36:fc:de:cd:f0:bd:
49:4c:a0:b3:38:bc:1c:43:8a:28:24:fe:a1:3b:cb:
d3:ac:33:90:67:b5:36:c2:00:68:82:8a:59:ac:31:
bf:e1:1d:c2:87:5f:2b:09:0b:7b:83:20:d8:29:a9:
63:8b:78:ec:51:1c:da:bc:20:5d:31:bc:9e:eb:a1:
7e:10:22:71:6f:67:00:a6:1d:ad:4d:a4:13:72:f3:
c8:26:33:e0:c5:c2:b8:49:f3:ef:ac:f8:7e:10:cd:
31:aa:7f:51:4c:39:61:4d:a8:94:63:f6:80:44:d9:
92:85:11:21:6d:04:ef:c2:f9:a7:cc:86:fd:10:2d:
f8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F8:D8:DA:B4:B2:E6:68:95:4A:40:BA:56:DD:21:C6:45:28:39:DC
X509v3 Authority Key Identifier:
keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
328763
sbgp-ipAddrBlock: critical
IPv4:
102.221.0.0/22
Signature Algorithm: sha256WithRSAEncryption
48:73:9a:1a:ab:6e:b8:e7:ea:ef:26:8e:35:cf:1c:7c:31:a2:
26:1f:18:1e:52:8f:c9:21:77:c9:09:b5:cd:51:ec:93:23:12:
e2:cc:a9:96:ab:13:9f:a1:b0:27:4a:73:6d:b3:63:f9:d3:32:
60:9a:7a:37:fc:a5:60:44:a9:b8:0c:83:60:17:a1:78:6c:5b:
5c:fd:57:13:0e:ea:2b:f2:79:b2:6d:0d:3b:7f:a7:ab:2c:40:
d6:32:6a:7e:af:c2:18:24:58:54:9e:0d:2a:c2:31:49:0f:79:
04:8b:d8:74:7d:2e:6c:ad:2c:32:1a:0d:61:10:e7:b6:3d:8d:
dc:d3:be:ed:e8:d0:0f:c3:a0:6d:60:6e:9b:93:5d:1a:77:69:
af:35:d5:0f:9e:bf:d5:d5:b5:10:7a:d6:5f:97:6f:f1:73:b1:
77:f5:21:13:6c:1d:89:b9:ef:71:99:e0:f0:a6:1d:55:b1:d3:
2f:bb:22:18:74:e3:8f:8e:3e:27:f7:a2:4c:59:bb:0c:9e:f4:
2d:05:c0:6e:f5:6d:0a:82:bf:fe:3d:26:2b:91:db:68:a6:81:
f6:ed:66:29:08:6f:dd:1a:c3:2e:1d:85:1f:b0:de:3a:7a:e4:
c8:e5:f8:b8:ed:d5:85:bc:01:7d:64:81:16:38:6b:91:7b:ab:
bf:17:4f:82
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICLZ8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMDUzMzZaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjJGNDE4QUYxMTAvBgNVBAUTKEVERjhEOERBQjRCMkU2Njg5NTRBNDBC
QTU2REQyMUM2NDUyODM5REMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1XIjqpcQjNbNOaMz/RNyoqj4BME6la23lpZuAH58+ipnUrHo67YM8fmmfxq7x
GYz1w5zQ2vcORhxcceT7mMZXosZ4vbuKOEyGDmOmo3UBbH5x1cdpJnZwAkacRsk6
5MAcvLlHIgrfVn1kRwUSikZn7uJNOYUkhquCGV+xgAshATb83s3wvUlMoLM4vBxD
iigk/qE7y9OsM5BntTbCAGiCilmsMb/hHcKHXysJC3uDINgpqWOLeOxRHNq8IF0x
vJ7roX4QInFvZwCmHa1NpBNy88gmM+DFwrhJ8++s+H4QzTGqf1FMOWFNqJRj9oBE
2ZKFESFtBO/C+afMhv0QLfjPAgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQU7fjY2rSy
5miVSkC6Vt0hxkUoOdwwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYyRjQxOC81QjAxNDY1OEYxNjYx
MUVDOUZDQjIxQzFGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkY0MTgvNUIwMTQ2NThGMTY2MTFFQzlGQ0IyMUMxRjEyMjI0NjgvN2ZqWTJy
U3k1bWlWU2tDNlZ0MGh4a1VvT2R3Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBDswHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm3QAwDQYJKoZIhvcN
AQELBQADggEBAEhzmhqrbrjn6u8mjjXPHHwxoiYfGB5Sj8khd8kJtc1R7JMjEuLM
qZarE5+hsCdKc22zY/nTMmCaejf8pWBEqbgMg2AXoXhsW1z9VxMO6ivyebJtDTt/
p6ssQNYyan6vwhgkWFSeDSrCMUkPeQSL2HR9LmytLDIaDWEQ57Y9jdzTvu3o0A/D
oG1gbpuTXRp3aa811Q+ev9XVtRB61l+Xb/FzsXf1IRNsHYm573GZ4PCmHVWx0y+7
Ihh044+OPif3okxZuwye9C0FwG71bQqCv/49JiuR22imgfbtZikIb90awy4dhR+w
3jp65Mjl+Ljt1YW8AX1kgRY4a5F7q78XT4I=
-----END CERTIFICATE-----
Generated at Wed Apr 2 08:55:22 2025 by rpki-client