Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/ATo4w5zLZNj-6M3mvzaPRtpzjEA.cer
File:                     ATo4w5zLZNj-6M3mvzaPRtpzjEA.cer (raw, json)
Hash identifier:          80RaxeIbahGvUkW6J0gb5aiA1AddngmhsJNLDyTy4bk=
Subject key identifier:   01:3A:38:C3:9C:CB:64:D8:FE:E8:CD:E6:BF:36:8F:46:DA:73:8C:40
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       27A0
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36C4E2C/E0F97572FD6511ECA2EAAFE1F1222468/ATo4w5zLZNj-6M3mvzaPRtpzjEA.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36C4E2C/E0F97572FD6511ECA2EAAFE1F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:56:01 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 36982
                          IP: 196.13.250.0/24
                          IP: 196.42.64.0/18
                          IP: 196.47.192.0/18
                          IP: 197.239.128.0/18
                          IP: 2001:43f8:70::/45

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10144 (0x27a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:56:01 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36C4E2CAF/serialNumber=013A38C39CCB64D8FEE8CDE6BF368F46DA738C40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:b6:af:d0:09:49:b1:d6:3e:40:c9:b7:d1:8a:
                    d2:b0:c0:6d:0f:fa:98:ff:3b:be:fd:88:5a:b9:e5:
                    6b:f3:08:7c:e4:f6:9c:84:d4:03:43:8a:b7:79:6c:
                    13:26:4a:18:26:8b:47:22:3c:f9:06:36:8e:67:25:
                    1d:56:2a:92:75:bd:d5:e7:6c:42:e1:12:55:d8:33:
                    b1:2d:98:f7:37:b1:86:28:e7:97:4b:cd:1c:e3:9b:
                    71:92:a6:60:74:25:6b:1c:a5:b1:ae:e7:ae:4d:0b:
                    00:d8:d5:3c:5c:30:06:18:5a:fb:36:9e:91:54:bc:
                    75:47:fc:6b:25:41:cf:7c:5a:c3:a5:26:0d:dc:5e:
                    fc:a1:e4:61:91:86:aa:6b:ac:19:40:11:e8:61:a1:
                    38:a6:a8:5b:ae:9e:ef:66:ea:1f:39:b7:be:a9:de:
                    f7:e4:fc:88:7d:6c:43:7c:48:3c:23:e1:52:65:fc:
                    eb:d4:21:4d:6b:f6:6b:3c:37:7c:85:43:10:86:90:
                    1e:6e:ce:88:08:28:05:13:f9:c3:07:42:e9:c7:8a:
                    76:4a:1c:6c:b1:78:96:46:14:3b:59:62:2a:ca:81:
                    46:ff:98:8c:f9:cd:45:f8:38:62:aa:47:6d:2a:e8:
                    a1:98:d5:65:72:8b:88:c6:61:20:b0:f9:73:1c:78:
                    67:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:3A:38:C3:9C:CB:64:D8:FE:E8:CD:E6:BF:36:8F:46:DA:73:8C:40
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C4E2C/E0F97572FD6511ECA2EAAFE1F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C4E2C/E0F97572FD6511ECA2EAAFE1F1222468/ATo4w5zLZNj-6M3mvzaPRtpzjEA.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  36982

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.13.250.0/24
                  196.42.64.0/18
                  196.47.192.0/18
                  197.239.128.0/18
                IPv6:
                  2001:43f8:70::/45

    Signature Algorithm: sha256WithRSAEncryption
         2d:10:6a:f2:35:66:fb:a8:3e:f1:a8:1e:b4:9b:4d:cc:de:16:
         f5:e8:76:a6:b3:46:1b:cb:1d:2f:58:36:5c:18:90:69:71:82:
         ee:b3:36:82:c1:1a:e5:21:9d:0c:3b:d4:33:49:e0:8e:f0:be:
         d0:bc:4f:96:18:07:e7:1b:fc:da:12:ae:bb:55:3a:cc:f7:70:
         87:4a:f8:5b:d9:ac:9b:3a:0f:f5:c0:0b:cd:be:6d:b7:e2:6a:
         bb:47:d7:d9:4d:59:15:3b:9f:5b:63:6f:34:e8:6b:ca:6b:2b:
         3b:06:e9:61:64:21:0d:2b:f1:2c:8d:ef:e5:09:dc:28:e6:8b:
         4b:ea:3f:27:8e:0d:e6:40:10:cc:f6:98:1c:d8:33:a8:32:dd:
         02:8e:c3:1d:cd:a3:0f:ad:80:85:5b:81:c2:a9:f1:f5:78:71:
         b6:d7:e2:89:b4:5b:91:20:1a:b3:02:92:27:bb:58:2c:be:4f:
         52:57:b5:58:b3:23:2c:16:0a:98:22:be:6c:c4:66:cf:e4:ee:
         b1:4e:26:cd:03:4b:98:05:64:9e:43:3f:08:9f:6e:85:a5:40:
         93:6b:65:eb:a9:86:ad:b6:71:6b:21:7d:77:84:9f:51:57:3e:
         de:58:49:4b:6d:49:71:4e:59:2c:75:e4:64:e6:e2:eb:9a:f0:
         a1:1e:c0:9c
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgICJ6AwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzU2MDFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkM0RTJDQUYxMTAvBgNVBAUTKDAxM0EzOEMzOUNDQjY0RDhGRUU4Q0RF
NkJGMzY4RjQ2REE3MzhDNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD3tq/QCUmx1j5AybfRitKwwG0P+pj/O779iFq55WvzCHzk9pyE1ANDird5bBMm
Shgmi0ciPPkGNo5nJR1WKpJ1vdXnbELhElXYM7EtmPc3sYYo55dLzRzjm3GSpmB0
JWscpbGu565NCwDY1TxcMAYYWvs2npFUvHVH/GslQc98WsOlJg3cXvyh5GGRhqpr
rBlAEehhoTimqFuunu9m6h85t76p3vfk/Ih9bEN8SDwj4VJl/OvUIU1r9ms8N3yF
QxCGkB5uzogIKAUT+cMHQunHinZKHGyxeJZGFDtZYirKgUb/mIz5zUX4OGKqR20q
6KGY1WVyi4jGYSCw+XMceGfdAgMBAAGjggMuMIIDKjAdBgNVHQ4EFgQUATo4w5zL
ZNj+6M3mvzaPRtpzjEAwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZDNEUyQy9FMEY5NzU3MkZENjUx
MUVDQTJFQUFGRTFGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzRFMkMvRTBGOTc1NzJGRDY1MTFFQ0EyRUFBRkUxRjEyMjI0NjgvQVRvNHc1
ekxaTmotNk0zbXZ6YVBSdHB6akVBLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkHYwQgYIKwYBBQUHAQcBAf8EMzAxMB4EAgABMBgDBADEDfoDBAbEKkADBAbE
L8ADBAbF74AwDwQCAAIwCQMHAyABQ/gAcDANBgkqhkiG9w0BAQsFAAOCAQEALRBq
8jVm+6g+8agetJtNzN4W9eh2prNGG8sdL1g2XBiQaXGC7rM2gsEa5SGdDDvUM0ng
jvC+0LxPlhgH5xv82hKuu1U6zPdwh0r4W9msmzoP9cALzb5tt+Jqu0fX2U1ZFTuf
W2NvNOhrymsrOwbpYWQhDSvxLI3v5QncKOaLS+o/J44N5kAQzPaYHNgzqDLdAo7D
Hc2jD62AhVuBwqnx9XhxttfiibRbkSAaswKSJ7tYLL5PUle1WLMjLBYKmCK+bMRm
z+TusU4mzQNLmAVknkM/CJ9uhaVAk2tl66mGrbZxayF9d4SfUVc+3lhJS21JcU5Z
LHXkZObi65rwoR7AnA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org