Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/FUgKw-djfPKntoh6_VGlPwPmrUc.cer
File:                     FUgKw-djfPKntoh6_VGlPwPmrUc.cer (raw, json)
Hash identifier:          CkDdimCkPqkGYPKLdlFPldwT5dyJaYEjeoMzW7Oqibk=
Subject key identifier:   15:48:0A:C3:E7:63:7C:F2:A7:B6:88:7A:FD:51:A5:3F:03:E6:AD:47
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       27D5
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/FUgKw-djfPKntoh6_VGlPwPmrUc.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:04:06 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327754
                          IP: 102.217.232.0/22
                          IP: 102.223.240.0/23
                          IP: 154.73.208.0/21
                          IP: 2c0f:f508::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10197 (0x27d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:04:06 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36D289CAF/serialNumber=15480AC3E7637CF2A7B6887AFD51A53F03E6AD47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a8:8f:e9:6f:c6:b2:b9:5f:7b:24:07:f4:f6:
                    a0:0a:f5:75:f0:a2:a6:49:81:ab:4c:9a:0d:84:08:
                    fc:ca:9f:5b:26:85:be:d9:76:20:51:0d:91:c9:64:
                    a6:68:a4:9f:58:5a:38:18:d1:5b:56:2b:3f:fb:f6:
                    7a:82:0a:2e:b9:ad:7d:f6:58:ff:ba:b4:b8:d8:13:
                    8d:65:e7:6a:d0:de:ff:cf:88:50:76:63:2e:32:65:
                    8a:cd:18:0a:cc:41:fc:64:dc:4b:bf:28:7a:2e:59:
                    4a:9e:ea:57:ee:e4:5e:d2:a8:81:8e:50:8b:86:5d:
                    74:f2:bc:27:e7:9b:f6:34:2f:ce:ab:5f:0c:99:58:
                    a2:ed:94:66:68:37:40:f7:8f:8e:30:57:e5:fa:ce:
                    d6:f3:07:1e:56:17:9b:38:0c:3b:a6:60:de:04:93:
                    bb:47:6f:08:36:85:17:55:dc:bf:10:6c:69:94:11:
                    74:5a:ff:f1:7a:08:68:e6:a0:d6:24:6a:9b:1e:0d:
                    97:61:d4:0a:5f:ea:bf:18:ff:21:9e:88:4d:c9:5c:
                    dd:1d:88:eb:63:bf:81:c0:33:6e:7b:d5:62:c1:7f:
                    8b:46:5e:f5:5e:8e:d4:8e:ac:2d:ef:04:d2:f4:ac:
                    0c:90:81:6a:9e:12:44:34:fd:c6:8e:3b:29:c9:b7:
                    8c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:48:0A:C3:E7:63:7C:F2:A7:B6:88:7A:FD:51:A5:3F:03:E6:AD:47
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/FUgKw-djfPKntoh6_VGlPwPmrUc.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327754

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.232.0/22
                  102.223.240.0/23
                  154.73.208.0/21
                IPv6:
                  2c0f:f508::/32

    Signature Algorithm: sha256WithRSAEncryption
         97:7a:70:67:7f:fd:93:d5:eb:5b:10:1f:6a:f6:bc:8b:b6:f6:
         b6:dc:81:9d:9b:2f:71:91:b2:b9:53:e2:22:03:6c:37:7e:e2:
         d9:5b:a2:2b:89:c2:b1:b4:3a:ba:20:31:a2:a8:8c:2e:36:9a:
         e8:73:d1:2d:4a:7e:51:5c:c5:44:e4:05:68:68:d8:9d:db:df:
         44:5d:17:6a:59:c8:2b:72:af:1a:a3:6e:42:95:1f:9b:dc:60:
         ae:0b:83:61:98:8f:8a:be:20:bd:0a:cb:c4:92:b2:89:ef:4f:
         a2:d2:bf:ff:53:09:dd:1a:9f:43:e7:e1:b5:e9:0c:58:f8:5c:
         ce:9c:68:a0:e2:9b:5b:95:ff:9c:f3:2b:37:80:03:b2:4f:d7:
         8e:38:e8:bb:32:7e:9e:6c:44:f8:d9:81:52:bb:ae:8a:b0:34:
         ba:f9:aa:6b:68:7f:b4:2a:68:46:c1:6c:b5:8a:92:15:98:45:
         95:b7:7d:92:c2:18:e3:77:c4:7b:1c:07:7a:7a:d3:84:76:3e:
         7e:8d:f8:9f:ef:c8:4f:9a:5f:60:3b:75:be:3c:1d:ae:56:49:
         53:c9:d5:58:61:ca:c5:70:ea:33:17:8d:53:92:21:d9:fe:ca:
         cc:e2:d5:51:c3:75:7b:2c:26:f2:86:73:ba:f4:9f:64:8d:a2:
         b2:32:ae:a9
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgICJ9UwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDA0MDZaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkQyODlDQUYxMTAvBgNVBAUTKDE1NDgwQUMzRTc2MzdDRjJBN0I2ODg3
QUZENTFBNTNGMDNFNkFENDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZqI/pb8ayuV97JAf09qAK9XXwoqZJgatMmg2ECPzKn1smhb7ZdiBRDZHJZKZo
pJ9YWjgY0VtWKz/79nqCCi65rX32WP+6tLjYE41l52rQ3v/PiFB2Yy4yZYrNGArM
Qfxk3Eu/KHouWUqe6lfu5F7SqIGOUIuGXXTyvCfnm/Y0L86rXwyZWKLtlGZoN0D3
j44wV+X6ztbzBx5WF5s4DDumYN4Ek7tHbwg2hRdV3L8QbGmUEXRa//F6CGjmoNYk
apseDZdh1Apf6r8Y/yGeiE3JXN0diOtjv4HAM2571WLBf4tGXvVejtSOrC3vBNL0
rAyQgWqeEkQ0/caOOynJt4zPAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUFUgKw+dj
fPKntoh6/VGlPwPmrUcwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZEMjg5Qy9GQjcwODFEQ0E4NzQx
MUU5QUM3N0FCNDVGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDI4OUMvRkI3MDgxRENBODc0MTFFOUFDNzdBQjQ1RjhBRUEyMjgvRlVnS3ct
ZGpmUEtudG9oNl9WR2xQd1BtclVjLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAEowOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJm2egDBAFm3/ADBAOa
SdAwDQQCAAIwBwMFACwP9QgwDQYJKoZIhvcNAQELBQADggEBAJd6cGd//ZPV61sQ
H2r2vIu29rbcgZ2bL3GRsrlT4iIDbDd+4tlboiuJwrG0OrogMaKojC42muhz0S1K
flFcxUTkBWho2J3b30RdF2pZyCtyrxqjbkKVH5vcYK4Lg2GYj4q+IL0Ky8SSsonv
T6LSv/9TCd0an0Pn4bXpDFj4XM6caKDim1uV/5zzKzeAA7JP14446Lsyfp5sRPjZ
gVK7roqwNLr5qmtof7QqaEbBbLWKkhWYRZW3fZLCGON3xHscB3p604R2Pn6N+J/v
yE+aX2A7db48Ha5WSVPJ1VhhysVw6jMXjVOSIdn+yszi1VHDdXssJvKGc7r0n2SN
orIyrqk=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:41 2024 by rpki-client on console-fra.rpki-client.org