Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/D1lQgYEt8Vl-hOwRRk5kwYfuOAg.cer
File:                     D1lQgYEt8Vl-hOwRRk5kwYfuOAg.cer (raw, json)
Hash identifier:          jvZyW7iCyLO895XUgvn+mFMnfiwPlk1pan1uXGX/hAM=
Subject key identifier:   0F:59:50:81:81:2D:F1:59:7E:84:EC:11:46:4E:64:C1:87:EE:38:08
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       238C
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/F51239688BD811EBAEE28A37F8AEA228/D1lQgYEt8Vl-hOwRRk5kwYfuOAg.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/F51239688BD811EBAEE28A37F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:37:54 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328227

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9100 (0x238c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:37:54 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3626CB6AF/serialNumber=0F595081812DF1597E84EC11464E64C187EE3808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c6:5a:84:85:90:80:f2:44:7b:0e:68:20:39:
                    0a:bc:95:d5:e3:8a:c7:ce:7b:db:9d:e2:31:be:16:
                    9a:8a:f4:21:b9:01:b1:ee:cd:5a:70:73:bc:49:cc:
                    9b:3e:c2:33:a2:d7:55:1d:15:87:59:13:38:87:c1:
                    a3:27:73:d4:7b:4e:4c:c3:fd:0d:e5:56:6c:6d:d7:
                    29:a2:5a:fb:12:79:1c:83:de:03:70:5f:60:1e:0e:
                    fa:81:90:21:33:e7:47:3e:76:50:2f:eb:28:20:c5:
                    2e:32:52:d3:ef:9f:cf:89:10:71:9a:ad:7e:ca:7c:
                    ee:c3:33:2e:d8:66:59:a2:a8:e6:6e:d0:5d:a3:24:
                    e1:01:d9:c7:c8:2c:e2:8e:1c:f1:c9:ed:85:57:92:
                    5c:4f:3b:bf:d8:1b:8b:5d:26:3c:bb:ce:d4:0b:8f:
                    1b:dc:fa:b3:5d:11:9e:c0:0c:82:97:91:b4:95:f3:
                    0f:f2:e4:af:0b:f8:b5:fe:77:b5:98:4b:b2:30:e5:
                    c4:3b:83:21:49:00:f7:bb:90:df:e4:f3:1e:29:3f:
                    ee:f5:12:57:9e:d0:f3:66:5c:0b:2b:6b:07:1c:38:
                    ed:c0:78:05:52:97:88:36:2f:07:7b:0f:f5:b0:ae:
                    06:f2:9c:cd:3e:ee:29:a7:3b:de:04:eb:93:e0:07:
                    70:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:59:50:81:81:2D:F1:59:7E:84:EC:11:46:4E:64:C1:87:EE:38:08
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/F51239688BD811EBAEE28A37F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/F51239688BD811EBAEE28A37F8AEA228/D1lQgYEt8Vl-hOwRRk5kwYfuOAg.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328227

    Signature Algorithm: sha256WithRSAEncryption
         95:2c:cc:8f:ca:67:99:10:4f:81:08:cc:ba:10:ba:52:83:37:
         80:f7:a0:e7:18:37:e8:20:42:c5:9a:ea:51:ff:8c:79:01:6d:
         d1:66:b2:12:0b:81:70:f3:b4:ec:e3:c6:72:6e:e1:81:0f:df:
         98:79:5c:8e:47:67:a4:13:46:2a:c2:98:ac:35:ba:b2:68:76:
         4a:c3:06:9d:c6:dd:a9:5b:cc:fa:d1:1f:f5:fa:39:9f:12:fb:
         6f:81:a3:87:5b:0d:3d:7c:0b:01:18:2c:82:f3:38:e5:f8:4b:
         5f:9a:a6:4a:e4:60:36:75:d6:ad:40:e2:bc:24:cb:2b:0c:a4:
         33:f3:b1:e8:9a:0f:d9:91:08:a5:8f:64:58:31:76:e3:12:7c:
         bb:47:15:66:70:ee:dd:a8:4b:5b:dd:bd:79:9d:5b:a2:79:f8:
         68:4d:7c:8f:32:75:29:ad:70:cb:04:f4:99:e0:ab:1c:fb:b9:
         2c:a3:94:6c:fb:b7:32:46:81:96:7c:83:68:d1:1d:78:0a:6f:
         6b:c1:57:69:0e:51:f6:7f:00:99:28:4d:a8:1c:af:fb:da:81:
         36:03:56:a9:42:f1:d5:9b:c3:c2:d0:15:b2:96:da:75:81:23:
         6d:6a:4c:73:65:b3:ec:61:a7:33:96:dd:ce:c3:93:06:ff:a3:
         7a:9d:49:f8
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICI4wwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDM3NTRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjI2Q0I2QUYxMTAvBgNVBAUTKDBGNTk1MDgxODEyREYxNTk3RTg0RUMx
MTQ2NEU2NEMxODdFRTM4MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1xlqEhZCA8kR7DmggOQq8ldXjisfOe9ud4jG+FpqK9CG5AbHuzVpwc7xJzJs+
wjOi11UdFYdZEziHwaMnc9R7TkzD/Q3lVmxt1ymiWvsSeRyD3gNwX2AeDvqBkCEz
50c+dlAv6yggxS4yUtPvn8+JEHGarX7KfO7DMy7YZlmiqOZu0F2jJOEB2cfILOKO
HPHJ7YVXklxPO7/YG4tdJjy7ztQLjxvc+rNdEZ7ADIKXkbSV8w/y5K8L+LX+d7WY
S7Iw5cQ7gyFJAPe7kN/k8x4pP+71Elee0PNmXAsrawccOO3AeAVSl4g2Lwd7D/Ww
rgbynM0+7imnO94E65PgB3DvAgMBAAGjggLqMIIC5jAdBgNVHQ4EFgQUD1lQgYEt
8Vl+hOwRRk5kwYfuOAgwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYyNkNCNi9GNTEyMzk2ODhCRDgx
MUVCQUVFMjhBMzdGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjZDQjYvRjUxMjM5Njg4QkQ4MTFFQkFFRTI4QTM3RjhBRUEyMjgvRDFsUWdZ
RXQ4VmwtaE93UlJrNWt3WWZ1T0FnLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAiMwDQYJKoZIhvcNAQELBQADggEBAJUszI/KZ5kQT4EIzLoQulKDN4D3oOcY
N+ggQsWa6lH/jHkBbdFmshILgXDztOzjxnJu4YEP35h5XI5HZ6QTRirCmKw1urJo
dkrDBp3G3albzPrRH/X6OZ8S+2+Bo4dbDT18CwEYLILzOOX4S1+apkrkYDZ11q1A
4rwkyysMpDPzseiaD9mRCKWPZFgxduMSfLtHFWZw7t2oS1vdvXmdW6J5+GhNfI8y
dSmtcMsE9Jngqxz7uSyjlGz7tzJGgZZ8g2jRHXgKb2vBV2kOUfZ/AJkoTagcr/va
gTYDVqlC8dWbw8LQFbKW2nWBI21qTHNls+xhpzOW3c7Dkwb/o3qdSfg=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:41 2024 by rpki-client on console-fra.rpki-client.org