Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/AjFjgfORycHBtlB5K7N-_nj13ZM.cer
File:                     AjFjgfORycHBtlB5K7N-_nj13ZM.cer (raw, json)
Hash identifier:          kTcn0dzb2xGUyhhcDPE7yg4tBT70ZJLJNTIni7L1+kA=
Subject key identifier:   02:31:63:81:F3:91:C9:C1:C1:B6:50:79:2B:B3:7E:FE:78:F5:DD:93
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       27A8
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36C684F/B28E290CD48311E989417F1CF8AEA228/AjFjgfORycHBtlB5K7N-_nj13ZM.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36C684F/B28E290CD48311E989417F1CF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:57:09 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37170
                          IP: 196.45.48.0/20
                          IP: 196.220.240.0/20
                          IP: 2001:43f8:160::/48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10152 (0x27a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:57:09 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36C684FAF/serialNumber=02316381F391C9C1C1B650792BB37EFE78F5DD93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a8:9e:3f:af:03:cc:e5:d0:77:68:75:58:74:
                    6b:34:dc:63:7b:72:0c:b0:af:d7:ed:f5:54:2f:4e:
                    2a:58:08:dd:af:75:1b:19:95:f7:36:c4:f6:4a:b8:
                    59:c6:79:44:ca:90:ce:f7:9d:80:96:6f:76:be:f5:
                    56:81:6c:6c:1b:7b:e3:b6:46:71:64:6c:df:17:4d:
                    67:9d:e7:e5:f8:ad:5d:2d:81:3a:68:3b:b2:a7:13:
                    7a:3a:54:e7:3e:9c:df:a9:6b:35:aa:16:59:79:ea:
                    c2:dc:c3:a0:32:1a:9f:1d:b1:7f:74:73:2e:93:cc:
                    ce:cd:22:c1:63:d4:21:df:b0:b7:25:b2:d5:b1:87:
                    98:1f:eb:c6:fd:62:3f:d8:80:ee:58:e5:37:7a:f2:
                    95:ad:2f:fe:75:32:7b:fc:1c:0e:a3:7e:02:86:2e:
                    b3:95:91:82:a3:56:6c:9a:12:51:a7:ac:f1:63:16:
                    66:af:20:a6:07:80:18:5f:db:4a:fe:72:5a:eb:21:
                    87:f4:2f:76:11:00:db:f9:75:17:8c:04:6e:ad:28:
                    2b:46:bf:2d:4d:63:0e:e9:6b:ed:b8:3b:66:f9:84:
                    23:a9:43:0a:91:92:69:de:d3:0c:c4:4f:65:91:16:
                    c7:2c:99:bb:c6:33:9f:3b:70:03:f9:45:b0:b8:b2:
                    62:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:31:63:81:F3:91:C9:C1:C1:B6:50:79:2B:B3:7E:FE:78:F5:DD:93
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C684F/B28E290CD48311E989417F1CF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C684F/B28E290CD48311E989417F1CF8AEA228/AjFjgfORycHBtlB5K7N-_nj13ZM.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37170

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.45.48.0/20
                  196.220.240.0/20
                IPv6:
                  2001:43f8:160::/48

    Signature Algorithm: sha256WithRSAEncryption
         c0:14:16:99:5f:be:dc:9b:f7:53:54:6c:db:e9:4f:dd:15:fd:
         06:28:e8:66:61:0f:a0:80:b4:f8:03:95:8e:76:84:5f:56:4a:
         04:f5:53:9a:03:a6:13:3e:a3:0d:7b:d1:d0:70:b8:81:2c:52:
         79:16:94:d9:c2:0f:34:b1:4c:90:08:e1:30:d7:09:0c:12:7a:
         f1:aa:8b:51:3e:3b:22:0d:a9:71:3b:80:db:54:cc:6c:92:cb:
         bd:cf:b9:4b:f7:56:98:dc:d5:48:7b:c5:40:57:f1:4f:19:1c:
         65:32:8e:87:78:7d:a4:cc:7b:db:17:38:e2:b0:ff:27:2d:69:
         c7:6a:a8:21:46:46:69:e9:1b:99:09:02:d9:f1:9b:1c:19:50:
         2d:e7:17:e1:ab:0c:cc:9d:9a:16:85:cb:e5:27:49:c5:81:fd:
         bc:ee:30:b8:86:d7:d4:94:48:a4:0a:9b:51:73:56:31:82:9a:
         51:d1:32:0a:6f:c5:45:ce:1c:26:1d:2a:e9:df:40:42:a5:1e:
         84:25:05:ca:ca:1c:75:ec:0a:de:49:84:01:49:b1:46:59:b9:
         05:3d:5c:8d:86:6b:17:d5:6b:e2:53:9e:f4:2e:6c:35:23:28:
         06:56:d5:55:55:bc:c6:a5:1c:82:80:7f:85:1a:db:f8:ec:29:
         a9:a3:36:f3
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgICJ6gwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzU3MDlaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkM2ODRGQUYxMTAvBgNVBAUTKDAyMzE2MzgxRjM5MUM5QzFDMUI2NTA3
OTJCQjM3RUZFNzhGNUREOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnqJ4/rwPM5dB3aHVYdGs03GN7cgywr9ft9VQvTipYCN2vdRsZlfc2xPZKuFnG
eUTKkM73nYCWb3a+9VaBbGwbe+O2RnFkbN8XTWed5+X4rV0tgTpoO7KnE3o6VOc+
nN+pazWqFll56sLcw6AyGp8dsX90cy6TzM7NIsFj1CHfsLclstWxh5gf68b9Yj/Y
gO5Y5Td68pWtL/51Mnv8HA6jfgKGLrOVkYKjVmyaElGnrPFjFmavIKYHgBhf20r+
clrrIYf0L3YRANv5dReMBG6tKCtGvy1NYw7pa+24O2b5hCOpQwqRkmne0wzET2WR
FscsmbvGM587cAP5RbC4smKfAgMBAAGjggMiMIIDHjAdBgNVHQ4EFgQUAjFjgfOR
ycHBtlB5K7N+/nj13ZMwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZDNjg0Ri9CMjhFMjkwQ0Q0ODMx
MUU5ODk0MTdGMUNGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzY4NEYvQjI4RTI5MENENDgzMTFFOTg5NDE3RjFDRjhBRUEyMjgvQWpGamdm
T1J5Y0hCdGxCNUs3Ti1fbmoxM1pNLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkTIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBATELTADBATE3PAwDwQC
AAIwCQMHACABQ/gBYDANBgkqhkiG9w0BAQsFAAOCAQEAwBQWmV++3Jv3U1Rs2+lP
3RX9BijoZmEPoIC0+AOVjnaEX1ZKBPVTmgOmEz6jDXvR0HC4gSxSeRaU2cIPNLFM
kAjhMNcJDBJ68aqLUT47Ig2pcTuA21TMbJLLvc+5S/dWmNzVSHvFQFfxTxkcZTKO
h3h9pMx72xc44rD/Jy1px2qoIUZGaekbmQkC2fGbHBlQLecX4asMzJ2aFoXL5SdJ
xYH9vO4wuIbX1JRIpAqbUXNWMYKaUdEyCm/FRc4cJh0q6d9AQqUehCUFysocdewK
3kmEAUmxRlm5BT1cjYZrF9Vr4lOe9C5sNSMoBlbVVVW8xqUcgoB/hRrb+OwpqaM2
8w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org