Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/DcCyLHQvAlOAX0GvcE4dfeG4v5g.cer
File:                     DcCyLHQvAlOAX0GvcE4dfeG4v5g.cer (raw, json)
Hash identifier:          3gUZpRs4UrTzSCarfKx5E5emgXaoplzcFdYIXB/x83U=
Subject key identifier:   0D:C0:B2:2C:74:2F:02:53:80:5F:41:AF:70:4E:1D:7D:E1:B8:BF:98
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2340
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36177FD/7EE2ED1ADCD011ECAAFFC58FF1222468/DcCyLHQvAlOAX0GvcE4dfeG4v5g.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36177FD/7EE2ED1ADCD011ECAAFFC58FF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:14:26 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 102.217.96.0/22
                          IP: 2c0f:3700::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9024 (0x2340)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:14:26 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36177FDAF/serialNumber=0DC0B22C742F0253805F41AF704E1D7DE1B8BF98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a6:35:b4:46:7f:50:c6:ed:04:02:91:9e:5d:
                    45:85:56:e0:e9:cf:6a:2a:ac:87:a3:db:cf:1f:59:
                    db:b1:97:23:61:a0:88:61:08:26:d8:a9:93:29:54:
                    c9:24:86:d0:de:82:61:11:7c:77:4d:5a:e1:eb:bf:
                    76:b8:35:f0:20:ca:b0:6d:d6:7f:6c:e2:18:b5:40:
                    e9:4f:66:c8:8d:69:38:f9:b6:98:a7:8b:94:fa:4f:
                    74:2f:ef:c9:0a:21:09:a1:83:d0:26:84:cd:e8:75:
                    b6:40:84:ab:80:9d:6f:11:b2:71:33:e6:1d:81:c0:
                    ba:e0:90:f6:bc:d4:26:b9:4c:d4:2e:00:58:76:b8:
                    16:0b:b7:29:ea:95:d5:e2:71:23:77:df:aa:47:37:
                    6a:d6:0a:81:f5:86:1f:d6:0c:85:4d:6e:62:3d:66:
                    3d:8e:eb:17:20:60:b7:aa:8c:10:fa:af:1a:ee:7a:
                    c2:d6:35:53:6c:29:44:b2:78:79:f8:70:d5:c1:35:
                    4c:84:33:e0:d7:4c:72:88:cc:85:e0:ce:54:64:be:
                    30:22:fb:cb:e5:9b:46:ac:20:1d:fc:72:93:1a:a9:
                    f6:4d:90:54:63:5a:a9:67:3d:a8:73:fa:0b:2d:e8:
                    eb:3b:d5:46:92:0d:a2:9e:a1:5b:25:76:9b:da:96:
                    72:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:C0:B2:2C:74:2F:02:53:80:5F:41:AF:70:4E:1D:7D:E1:B8:BF:98
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36177FD/7EE2ED1ADCD011ECAAFFC58FF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36177FD/7EE2ED1ADCD011ECAAFFC58FF1222468/DcCyLHQvAlOAX0GvcE4dfeG4v5g.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.96.0/22
                IPv6:
                  2c0f:3700::/32

    Signature Algorithm: sha256WithRSAEncryption
         5b:6b:56:27:5d:fe:ed:ac:00:c4:b7:ae:b9:31:ec:2d:c0:8b:
         8f:22:7d:14:8b:a6:32:b5:f9:79:ab:da:b2:51:9e:b8:3c:ac:
         88:50:31:ee:85:9a:0a:d4:fb:41:46:d6:e6:7b:4e:19:de:80:
         1d:fb:1d:84:f4:58:e6:6b:b2:a7:4a:ff:7c:84:98:66:d0:9f:
         75:ec:8b:e3:4d:13:04:05:f7:25:73:85:87:67:0b:0b:3c:15:
         31:40:53:1c:49:83:2d:c4:19:7d:56:b4:dd:49:f0:11:77:7e:
         8f:02:21:7b:93:78:f7:c0:fb:4b:1b:7d:08:40:9f:a1:c4:c2:
         f5:f8:5b:76:b3:76:fb:38:b8:56:57:46:78:05:cf:99:22:06:
         d4:b2:50:4b:06:af:7a:78:81:eb:fa:98:03:3d:c2:a7:50:ce:
         23:4d:34:52:7e:3c:ec:19:88:6e:90:46:e4:26:4a:fa:3b:a4:
         9e:b1:2a:90:89:14:70:5a:05:86:fc:a7:82:f3:42:7a:89:66:
         d6:49:c4:4f:ba:9d:f7:ff:3d:90:c7:02:0c:03:9d:ce:02:75:
         a3:5a:ce:86:4f:85:c4:1c:56:c2:38:d8:47:b3:74:24:73:ba:
         96:2a:71:04:e7:01:8f:99:06:60:95:e1:fa:6f:f9:1e:fd:0e:
         ca:dd:9d:75
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICI0AwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDE0MjZaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjE3N0ZEQUYxMTAvBgNVBAUTKDBEQzBCMjJDNzQyRjAyNTM4MDVGNDFB
RjcwNEUxRDdERTFCOEJGOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNpjW0Rn9Qxu0EApGeXUWFVuDpz2oqrIej288fWduxlyNhoIhhCCbYqZMpVMkk
htDegmERfHdNWuHrv3a4NfAgyrBt1n9s4hi1QOlPZsiNaTj5tpini5T6T3Qv78kK
IQmhg9AmhM3odbZAhKuAnW8RsnEz5h2BwLrgkPa81Ca5TNQuAFh2uBYLtynqldXi
cSN336pHN2rWCoH1hh/WDIVNbmI9Zj2O6xcgYLeqjBD6rxruesLWNVNsKUSyeHn4
cNXBNUyEM+DXTHKIzIXgzlRkvjAi+8vlm0asIB38cpMaqfZNkFRjWqlnPahz+gst
6Os71UaSDaKeoVsldpvalnIHAgMBAAGjggL+MIIC+jAdBgNVHQ4EFgQUDcCyLHQv
AlOAX0GvcE4dfeG4v5gwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYxNzdGRC83RUUyRUQxQURDRDAx
MUVDQUFGRkM1OEZGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTc3RkQvN0VFMkVEMUFEQ0QwMTFFQ0FBRkZDNThGRjEyMjI0NjgvRGNDeUxI
UXZBbE9BWDBHdmNFNGRmZUc0djVnLm1mdDAuBggrBgEFBQcBBwEB/wQfMB0wDAQC
AAEwBgMEAmbZYDANBAIAAjAHAwUALA83ADANBgkqhkiG9w0BAQsFAAOCAQEAW2tW
J13+7awAxLeuuTHsLcCLjyJ9FIumMrX5eavaslGeuDysiFAx7oWaCtT7QUbW5ntO
Gd6AHfsdhPRY5muyp0r/fISYZtCfdeyL400TBAX3JXOFh2cLCzwVMUBTHEmDLcQZ
fVa03UnwEXd+jwIhe5N498D7Sxt9CECfocTC9fhbdrN2+zi4VldGeAXPmSIG1LJQ
SwaveniB6/qYAz3Cp1DOI000Un487BmIbpBG5CZK+juknrEqkIkUcFoFhvyngvNC
eolm1knET7qd9/89kMcCDAOdzgJ1o1rOhk+FxBxWwjjYR7N0JHO6lipxBOcBj5kG
YJXh+m/5Hv0Oyt2ddQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:21 2024 by rpki-client on console-ams.rpki-client.org