Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/EpiStZvukL-kaOVEXErR0BaeEdk.cer
File:                     EpiStZvukL-kaOVEXErR0BaeEdk.cer (raw, json)
Hash identifier:          g1j0SZKoVT3RzC41oLfF5QYuS/XE4QbAlfi5C9WHDj8=
Subject key identifier:   12:98:92:B5:9B:EE:90:BF:A4:68:E5:44:5C:4A:D1:D0:16:9E:11:D9
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2665
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/EpiStZvukL-kaOVEXErR0BaeEdk.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:07:52 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328735
                          IP: 102.222.136.0/23
                          IP: 2c0f:e9b8::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9829 (0x2665)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:07:52 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3689E12AF/serialNumber=129892B59BEE90BFA468E5445C4AD1D0169E11D9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:a9:f2:8a:26:6f:1a:e2:f0:91:c6:9a:3c:2e:
                    e7:be:10:72:bf:1b:72:0d:58:5c:6f:b5:13:2a:b2:
                    d6:ab:6e:61:da:8d:cc:ce:4d:58:f3:12:db:a6:20:
                    ea:62:c8:ec:98:3f:33:46:00:63:a8:9f:9c:44:4c:
                    1a:28:c4:c6:7c:63:d1:0c:72:8d:12:16:57:e7:51:
                    b0:cc:b9:90:93:8b:89:3f:b1:6b:48:76:8d:36:63:
                    3c:65:bc:cb:89:47:5f:71:be:ef:8b:63:54:38:86:
                    86:73:b9:80:1f:7d:50:20:d8:3d:8d:25:fa:72:97:
                    83:21:67:7c:cf:9b:95:a6:ea:92:3e:61:58:c8:98:
                    97:ec:9b:4e:77:f4:2e:fb:f6:7e:e6:45:e4:b6:a0:
                    a4:85:94:fd:26:61:2d:bd:33:67:59:ad:a7:95:9c:
                    d6:65:da:73:d9:cf:33:86:54:cc:6c:f7:18:19:3f:
                    bc:08:10:51:6d:72:57:5e:ec:5a:2c:00:ec:91:41:
                    f4:55:14:7b:3f:61:9d:6d:24:dd:4e:93:b2:40:9d:
                    3c:08:82:74:bb:fd:3d:e3:77:79:0f:e0:28:7f:2c:
                    f6:03:a2:01:29:cf:70:c4:b1:0a:38:8e:8f:0e:33:
                    15:39:6a:e7:4a:0b:bc:e1:9f:f8:6a:c1:1c:e3:fe:
                    4b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:98:92:B5:9B:EE:90:BF:A4:68:E5:44:5C:4A:D1:D0:16:9E:11:D9
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3689E12/6C60968A6A3811EBA7C88C32F8AEA228/EpiStZvukL-kaOVEXErR0BaeEdk.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328735

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.136.0/23
                IPv6:
                  2c0f:e9b8::/32

    Signature Algorithm: sha256WithRSAEncryption
         a7:13:4d:78:c6:87:fb:00:a0:65:98:c9:24:d0:65:7e:58:1d:
         11:54:f1:72:ab:dc:9b:61:b0:20:cf:ef:90:57:27:c9:4d:a2:
         b3:24:d8:52:d2:1b:2e:53:9e:ea:b7:14:16:9e:20:6c:1d:f3:
         00:1d:ef:02:0a:91:0e:7c:e8:30:1a:33:65:8e:90:b2:b4:b7:
         68:ed:7c:dc:28:e3:eb:9b:34:2c:88:92:5f:55:2c:b4:c4:76:
         06:c8:51:5b:80:29:79:24:a5:3c:97:2a:6f:6f:d5:14:bf:3e:
         e4:98:52:97:06:24:65:a7:12:7b:ef:5f:3f:f4:90:dc:91:d3:
         25:f1:a8:b9:73:f3:6d:5e:60:43:7e:e5:93:e4:7f:e2:fc:c7:
         92:e8:87:8d:10:a7:ea:66:9b:49:f6:09:ba:78:e6:a6:44:02:
         ca:e0:27:46:69:b8:01:05:6f:18:a9:b2:92:62:83:8f:ac:5a:
         bf:44:d9:0c:4b:4f:62:bc:8c:b1:54:88:c4:67:d8:1f:1b:85:
         1c:db:6b:4f:0a:f3:21:c3:92:c4:6d:36:0c:38:b5:c1:a4:b6:
         9f:a7:5a:e5:ca:39:4e:4b:f9:1c:d5:bb:01:77:12:72:c2:ab:
         11:a2:d5:fc:0c:95:58:9a:81:9c:6f:8b:61:29:a0:a0:df:0e:
         4d:08:cb:c9
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICJmUwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzA3NTJaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjg5RTEyQUYxMTAvBgNVBAUTKDEyOTg5MkI1OUJFRTkwQkZBNDY4RTU0
NDVDNEFEMUQwMTY5RTExRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoqfKKJm8a4vCRxpo8Lue+EHK/G3INWFxvtRMqstarbmHajczOTVjzEtumIOpi
yOyYPzNGAGOon5xETBooxMZ8Y9EMco0SFlfnUbDMuZCTi4k/sWtIdo02YzxlvMuJ
R19xvu+LY1Q4hoZzuYAffVAg2D2NJfpyl4MhZ3zPm5Wm6pI+YVjImJfsm0539C77
9n7mReS2oKSFlP0mYS29M2dZraeVnNZl2nPZzzOGVMxs9xgZP7wIEFFtclde7Fos
AOyRQfRVFHs/YZ1tJN1Ok7JAnTwIgnS7/T3jd3kP4Ch/LPYDogEpz3DEsQo4jo8O
MxU5audKC7zhn/hqwRzj/ktJAgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUEpiStZvu
kL+kaOVEXErR0BaeEdkwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY4OUUxMi82QzYwOTY4QTZBMzgx
MUVCQTdDODhDMzJGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODlFMTIvNkM2MDk2OEE2QTM4MTFFQkE3Qzg4QzMyRjhBRUEyMjgvRXBpU3Ra
dnVrTC1rYU9WRVhFclIwQmFlRWRrLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBB8wLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFm3ogwDQQCAAIwBwMF
ACwP6bgwDQYJKoZIhvcNAQELBQADggEBAKcTTXjGh/sAoGWYySTQZX5YHRFU8XKr
3JthsCDP75BXJ8lNorMk2FLSGy5Tnuq3FBaeIGwd8wAd7wIKkQ586DAaM2WOkLK0
t2jtfNwo4+ubNCyIkl9VLLTEdgbIUVuAKXkkpTyXKm9v1RS/PuSYUpcGJGWnEnvv
Xz/0kNyR0yXxqLlz821eYEN+5ZPkf+L8x5Loh40Qp+pmm0n2Cbp45qZEAsrgJ0Zp
uAEFbxipspJig4+sWr9E2QxLT2K8jLFUiMRn2B8bhRzba08K8yHDksRtNgw4tcGk
tp+nWuXKOU5L+RzVuwF3EnLCqxGi1fwMlViagZxvi2EpoKDfDk0Iy8k=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org