Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Ex2mcDsWwqK0jDriza4e_9rh-zo.cer
File:                     Ex2mcDsWwqK0jDriza4e_9rh-zo.cer (raw, json)
Hash identifier:          rX7ZCa1Od2RmWCqPjZ1JI1SYldU7UjRMD5GDMLh+M8I=
Subject key identifier:   13:1D:A6:70:3B:16:C2:A2:B4:8C:3A:E2:CD:AE:1E:FF:DA:E1:FB:3A
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2B3A
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F365052E/7BC482DE5E4B11EFBC78A1A3762E951A/Ex2mcDsWwqK0jDriza4e_9rh-zo.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F365052E/7BC482DE5E4B11EFBC78A1A3762E951A/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 19 Aug 2024 16:53:06 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 36920
                          AS: 37433
                          IP: 41.78.172.0/22
                          IP: 41.215.244.0/22
                          IP: 41.223.64.0/22
                          IP: 102.67.0.0/19
                          IP: 102.216.200.0/22
                          IP: 102.219.152.0/22
                          IP: 197.157.216.0/22
                          IP: 2c0f:fba8::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11066 (0x2b3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Aug 19 16:53:06 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F365052EAF/serialNumber=131DA6703B16C2A2B48C3AE2CDAE1EFFDAE1FB3A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:cc:45:db:7e:f5:98:5e:e6:30:dc:59:ee:fb:
                    72:79:1c:ec:57:c9:f4:59:5c:3e:d2:2b:37:f7:15:
                    d2:76:5d:e7:10:6e:7f:55:86:16:a8:c8:79:89:d0:
                    00:c3:5e:27:15:7f:a4:26:1d:42:6f:cb:4f:a1:c7:
                    88:48:ff:27:fa:4c:4b:ee:13:6e:66:80:1f:13:c2:
                    d9:41:6f:14:9b:74:7b:d8:4a:68:f0:20:82:48:7e:
                    fa:cb:98:f8:db:2d:1d:4c:47:b7:cf:4f:58:0e:a0:
                    c2:ff:ce:a8:dd:f6:de:73:98:27:62:25:8b:04:95:
                    9a:e2:db:44:bb:08:cf:cb:9f:f2:a9:95:95:43:a2:
                    f2:6f:53:ec:a0:ce:21:b1:c4:af:c9:12:ba:98:62:
                    92:07:06:ff:29:c7:f2:dc:40:78:19:e2:1c:5f:95:
                    2a:99:55:1f:48:56:3a:a3:2a:01:e1:a7:e6:41:99:
                    92:a3:0e:54:8d:b7:1a:3b:78:c0:be:d3:4c:08:4f:
                    6b:73:91:5e:51:8a:5d:5d:e9:36:52:7c:85:86:28:
                    ef:95:56:a6:07:b3:65:19:88:72:59:d4:66:7f:17:
                    3b:90:6b:0e:52:dd:91:fb:ac:f2:58:8f:a8:e3:82:
                    44:6e:d7:57:9d:eb:0b:a1:e5:d4:2d:24:c8:dd:12:
                    60:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:1D:A6:70:3B:16:C2:A2:B4:8C:3A:E2:CD:AE:1E:FF:DA:E1:FB:3A
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F365052E/7BC482DE5E4B11EFBC78A1A3762E951A/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F365052E/7BC482DE5E4B11EFBC78A1A3762E951A/Ex2mcDsWwqK0jDriza4e_9rh-zo.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  36920
                  37433

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.78.172.0/22
                  41.215.244.0/22
                  41.223.64.0/22
                  102.67.0.0/19
                  102.216.200.0/22
                  102.219.152.0/22
                  197.157.216.0/22
                IPv6:
                  2c0f:fba8::/32

    Signature Algorithm: sha256WithRSAEncryption
         8a:51:a7:95:69:71:cb:67:fc:52:f6:e0:63:cc:ac:e1:fe:58:
         48:76:d2:89:a4:28:15:14:39:bf:99:e5:d9:22:7f:58:16:e1:
         c1:62:88:29:04:1a:e1:69:1b:21:4c:a8:40:1d:94:24:8c:99:
         e6:d0:02:61:0e:cf:7d:d3:31:f2:6f:f9:09:c3:2e:fb:f0:b6:
         13:27:a4:06:20:ec:51:68:18:16:89:fc:27:f9:53:a3:7b:1a:
         4a:14:fd:d6:9e:29:5f:53:9e:2c:a2:59:6e:e4:2b:3f:09:26:
         54:22:f1:93:51:76:33:03:ab:c1:f5:4f:1d:42:bc:59:4b:8d:
         5f:2e:85:55:15:2d:a2:13:13:30:af:cd:a5:79:e6:9a:30:71:
         1d:de:ec:f7:bb:c0:59:a4:91:bb:c1:a4:34:94:10:c2:7a:c2:
         9e:fc:c9:61:b7:30:6b:36:9e:2c:f2:05:6f:92:e0:70:50:e3:
         27:00:6f:12:a3:e2:a1:9b:6c:15:99:78:ed:07:1c:76:64:e3:
         59:9d:d5:77:74:bd:f9:22:3e:38:74:c0:8c:23:2f:7e:05:10:
         23:c9:a0:bb:4e:44:ca:93:81:43:f5:33:09:4f:1d:44:bc:3d:
         db:2e:e4:ef:86:fd:44:e1:7d:14:4a:38:02:60:74:7b:35:30:
         f6:52:d3:6b
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgICKzowDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA4MTkxNjUzMDZaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjUwNTJFQUYxMTAvBgNVBAUTKDEzMURBNjcwM0IxNkMyQTJCNDhDM0FF
MkNEQUUxRUZGREFFMUZCM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtzEXbfvWYXuYw3Fnu+3J5HOxXyfRZXD7SKzf3FdJ2XecQbn9VhhaoyHmJ0ADD
XicVf6QmHUJvy0+hx4hI/yf6TEvuE25mgB8TwtlBbxSbdHvYSmjwIIJIfvrLmPjb
LR1MR7fPT1gOoML/zqjd9t5zmCdiJYsElZri20S7CM/Ln/KplZVDovJvU+ygziGx
xK/JErqYYpIHBv8px/LcQHgZ4hxflSqZVR9IVjqjKgHhp+ZBmZKjDlSNtxo7eMC+
00wIT2tzkV5Ril1d6TZSfIWGKO+VVqYHs2UZiHJZ1GZ/FzuQaw5S3ZH7rPJYj6jj
gkRu11ed6wuh5dQtJMjdEmClAgMBAAGjggNDMIIDPzAdBgNVHQ4EFgQUEx2mcDsW
wqK0jDriza4e/9rh+zowHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY1MDUyRS83QkM0ODJERTVFNEIx
MUVGQkM3OEExQTM3NjJFOTUxQS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTA1MkUvN0JDNDgyREU1RTRCMTFFRkJDNzhBMUEzNzYyRTk1MUEvRXgybWNE
c1d3cUswakRyaXphNGVfOXJoLXpvLm1mdDAfBggrBgEFBQcBCAEB/wQQMA6gDDAK
AgMAkDgCAwCSOTBSBggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAilOrAMEAinX
9AMEAinfQAMEBWZDAAMEAmbYyAMEAmbbmAMEAsWd2DANBAIAAjAHAwUALA/7qDAN
BgkqhkiG9w0BAQsFAAOCAQEAilGnlWlxy2f8UvbgY8ys4f5YSHbSiaQoFRQ5v5nl
2SJ/WBbhwWKIKQQa4WkbIUyoQB2UJIyZ5tACYQ7PfdMx8m/5CcMu+/C2EyekBiDs
UWgYFon8J/lTo3saShT91p4pX1OeLKJZbuQrPwkmVCLxk1F2MwOrwfVPHUK8WUuN
Xy6FVRUtohMTMK/NpXnmmjBxHd7s97vAWaSRu8GkNJQQwnrCnvzJYbcwazaeLPIF
b5LgcFDjJwBvEqPioZtsFZl47QccdmTjWZ3Vd3S9+SI+OHTAjCMvfgUQI8mgu05E
ypOBQ/UzCU8dRLw92y7k74b9ROF9FEo4AmB0ezUw9lLTaw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org