Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
File:                     9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer (raw, json)
Hash identifier:          JvLkYB7Rscqo4v4526ydLOgWusfAOEEA9sWMxp6aIpw=
Subject key identifier:   F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2803
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:11:11 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 25726
                          IP: 102.217.164.0/22
                          IP: 154.72.40.0/21
                          IP: 2c0f:f7a8::/29

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10243 (0x2803)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:11:11 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:85:0e:4c:8d:00:c0:0e:36:b8:16:89:cc:b9:
                    8f:b5:78:20:e2:8a:76:e9:09:30:af:59:35:a6:31:
                    c8:19:97:57:b7:c2:6c:b4:a0:bf:a4:68:3c:36:3d:
                    a1:be:db:53:86:d4:d0:f2:1e:b2:aa:fc:41:f9:30:
                    f6:34:37:61:1a:5c:f2:8f:ec:90:12:04:e8:83:f5:
                    30:45:ac:91:42:51:c8:f4:27:c0:ee:52:da:a6:e3:
                    b0:3f:c6:d4:14:e1:96:48:fe:aa:a3:41:ce:9f:71:
                    6f:ca:92:17:0e:81:6d:24:1b:15:95:0f:6f:ff:ce:
                    0e:2c:35:86:1a:25:30:d2:de:7b:cf:7c:cd:3d:a8:
                    99:43:39:5b:fa:ee:32:f1:f3:0c:e2:24:c0:88:e4:
                    21:8f:57:ed:e4:91:da:e4:c3:be:12:a0:b1:be:64:
                    36:61:94:ad:bb:e6:6a:5f:9f:a3:c7:4d:94:c3:e7:
                    16:f2:b0:ec:af:69:31:67:73:1d:1d:83:fb:a4:1f:
                    44:32:cb:5e:54:19:74:6d:a0:72:0c:1c:f2:c3:90:
                    58:0f:51:cf:62:d7:72:8d:10:16:ab:1b:a8:b0:85:
                    83:2e:23:fa:82:af:5d:53:a4:0a:b0:f3:17:26:0b:
                    a8:7f:98:83:96:86:43:48:c0:f8:b7:7c:04:dd:f2:
                    a6:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  25726

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.164.0/22
                  154.72.40.0/21
                IPv6:
                  2c0f:f7a8::/29

    Signature Algorithm: sha256WithRSAEncryption
         34:cd:11:ce:1f:35:29:45:0c:5e:aa:ce:6b:8c:e8:eb:5d:3d:
         67:17:51:07:d6:cb:a6:dc:f6:93:34:f1:b1:53:25:0c:ec:da:
         95:78:88:ad:64:c8:dd:78:e2:53:5b:70:30:3f:57:a8:f2:e6:
         45:0b:49:c8:52:03:c6:f3:09:4b:a0:f3:9a:e6:bc:d2:4a:d4:
         75:b1:9e:0b:0a:6c:c8:24:3b:4f:88:5c:16:b8:7e:7b:a0:86:
         bc:fe:c7:95:f5:14:4e:29:58:5c:83:4b:6c:f2:48:34:04:76:
         6e:e3:6d:37:03:ef:0f:9a:2f:ff:11:7d:dd:11:10:d6:5f:8b:
         d7:7a:79:60:67:b4:73:7b:c2:ec:03:7a:e9:8d:ca:62:d5:30:
         bf:28:f7:b1:19:91:37:30:57:c5:93:7e:ac:2a:2e:3f:8a:0d:
         26:ac:4a:1b:1b:52:96:24:8d:e1:fe:d4:28:44:75:3e:e8:70:
         37:25:cb:a3:ec:49:c8:12:70:e2:34:2a:51:48:59:91:a3:39:
         42:4a:5a:29:54:b4:5a:67:84:88:66:59:5a:f5:1c:3c:d4:c9:
         75:5c:8c:a0:e0:59:38:ab:66:1f:9b:f1:1a:00:67:b0:19:33:
         28:14:5c:68:87:7d:57:47:df:88:19:7a:fe:86:5b:55:ec:1b:
         e7:95:46:ff
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgICKAMwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDExMTFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkRCNDkyQUYxMTAvBgNVBAUTKEY0M0UwNjY4RUY3MkJEODdGQTUzNjhC
RTJCNjgxNUMwQkNCNDAxNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDhhQ5MjQDADja4FonMuY+1eCDiinbpCTCvWTWmMcgZl1e3wmy0oL+kaDw2PaG+
21OG1NDyHrKq/EH5MPY0N2EaXPKP7JASBOiD9TBFrJFCUcj0J8DuUtqm47A/xtQU
4ZZI/qqjQc6fcW/KkhcOgW0kGxWVD2//zg4sNYYaJTDS3nvPfM09qJlDOVv67jLx
8wziJMCI5CGPV+3kkdrkw74SoLG+ZDZhlK275mpfn6PHTZTD5xbysOyvaTFncx0d
g/ukH0Qyy15UGXRtoHIMHPLDkFgPUc9i13KNEBarG6iwhYMuI/qCr11TpAqw8xcm
C6h/mIOWhkNIwPi3fATd8qbpAgMBAAGjggMfMIIDGzAdBgNVHQ4EFgQU9D4GaO9y
vYf6U2i+K2gVwLy0AUkwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZEQjQ5Mi8xMERBOTk3NjRBMDMx
MUVEOEY1OUQ4OUVGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REI0OTIvMTBEQTk5NzY0QTAzMTFFRDhGNTlEODlFRjEyMjI0NjgvOUQ0R2FP
OXl2WWY2VTJpLUsyZ1Z3THkwQVVrLm1mdDAZBggrBgEFBQcBCAEB/wQKMAigBjAE
AgJkfjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbZpAMEA5pIKDANBAIA
AjAHAwUDLA/3qDANBgkqhkiG9w0BAQsFAAOCAQEANM0Rzh81KUUMXqrOa4zo6109
ZxdRB9bLptz2kzTxsVMlDOzalXiIrWTI3XjiU1twMD9XqPLmRQtJyFIDxvMJS6Dz
mua80krUdbGeCwpsyCQ7T4hcFrh+e6CGvP7HlfUUTilYXINLbPJINAR2buNtNwPv
D5ov/xF93REQ1l+L13p5YGe0c3vC7AN66Y3KYtUwvyj3sRmRNzBXxZN+rCouP4oN
JqxKGxtSliSN4f7UKER1PuhwNyXLo+xJyBJw4jQqUUhZkaM5QkpaKVS0WmeEiGZZ
WvUcPNTJdVyMoOBZOKtmH5vxGgBnsBkzKBRcaId9V0ffiBl6/oZbVewb55VG/w==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:50:24 2024 by rpki-client on console-ams.rpki-client.org