Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/HduOkx9XqSgXZJgwxO2K3XTvSfk.cer
File:                     HduOkx9XqSgXZJgwxO2K3XTvSfk.cer (raw, json)
Hash identifier:          PCorhgSZaJ2Jip4LvqDAUrW16/E+JlGvf+1GwxGqkT0=
Subject key identifier:   1D:DB:8E:93:1F:57:A9:28:17:64:98:30:C4:ED:8A:DD:74:EF:49:F9
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       288A
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/HduOkx9XqSgXZJgwxO2K3XTvSfk.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:31:40 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329243
                          IP: 102.212.44.0/22
                          IP: 2c0f:240::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10378 (0x288a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:31:40 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36F505DAF/serialNumber=1DDB8E931F57A92817649830C4ED8ADD74EF49F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b9:0b:d8:2e:ba:3e:3d:0c:a9:ac:87:2b:62:
                    07:a2:13:1d:9a:91:20:d6:ec:e0:73:1c:d7:c3:3f:
                    ad:75:0c:b3:8f:a4:d2:6b:74:fb:d5:e3:80:2a:24:
                    14:a4:83:be:37:a5:d7:c6:81:77:34:5f:92:41:31:
                    97:11:27:3e:2d:bc:f8:69:5b:13:61:f8:92:5c:85:
                    06:82:7e:89:8f:d3:ac:9f:c4:92:69:0d:51:f8:7c:
                    29:e7:4e:e2:61:36:47:e1:09:e6:01:a2:d7:c2:61:
                    e4:aa:6b:4a:75:22:e4:fa:4a:ef:e2:58:cb:08:fe:
                    f3:46:c0:c4:19:9f:bd:5a:73:a7:b4:e4:2d:e8:86:
                    e6:af:7c:47:5d:bc:1d:d1:fb:5f:2f:55:bc:0f:2a:
                    a9:a4:be:98:18:d7:f2:65:1f:60:ad:f2:d7:d6:fc:
                    ba:52:6d:fb:42:e0:bf:c5:bb:cc:1d:34:f3:80:b9:
                    8c:21:22:da:4f:74:a0:80:fd:da:e0:97:37:26:87:
                    ef:36:04:03:5d:ef:de:81:7b:43:cd:7a:94:fa:e5:
                    e5:46:5a:ed:70:2f:28:6e:1f:bb:20:53:6a:98:cf:
                    42:37:09:0e:d4:5c:4e:d4:1b:cc:29:6c:40:52:d8:
                    85:8f:9f:17:0d:29:25:77:ae:77:1f:3b:6d:16:b2:
                    8d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:DB:8E:93:1F:57:A9:28:17:64:98:30:C4:ED:8A:DD:74:EF:49:F9
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/HduOkx9XqSgXZJgwxO2K3XTvSfk.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329243

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.44.0/22
                IPv6:
                  2c0f:240::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:3b:52:5b:68:81:21:af:9a:55:d1:e6:20:7c:6c:f8:c2:37:
         d4:89:82:00:75:8e:5a:a8:d7:27:a5:8b:2e:82:11:af:a5:03:
         b0:dc:04:d6:4d:37:f7:8e:99:14:3c:4d:f5:5d:d3:31:ba:2f:
         9a:5d:c3:60:13:bd:f4:a5:9e:a2:6a:12:61:e9:64:e1:1b:5a:
         51:b9:f6:ff:02:81:04:90:6f:ae:81:40:92:a8:e0:52:34:0c:
         c1:d4:ab:a6:57:43:11:62:9a:7b:72:a0:be:a8:7a:f1:30:e4:
         dc:ec:86:b6:dc:01:58:6f:33:f8:65:a2:dd:7d:80:2c:12:87:
         a4:2a:1b:5a:0e:24:ec:f4:fb:45:79:fa:3b:9e:c8:81:42:5b:
         f6:b9:54:3a:12:cb:f1:a0:17:a6:a1:65:15:50:1c:82:77:b2:
         74:66:da:4b:b7:ea:db:31:c6:61:a8:0f:1c:3e:e4:c8:e7:9c:
         3a:2f:c3:d8:d9:d1:4d:3c:3b:d8:1f:3d:cc:1b:52:20:be:9f:
         6d:d1:9c:5e:0c:06:13:ba:40:ad:1c:b6:56:c7:e0:d2:b1:bc:
         15:67:3f:15:69:16:4d:10:b7:2c:26:91:dd:91:b3:5a:e5:a8:
         55:33:88:dc:36:cc:c6:5d:e1:0c:ec:35:da:3e:27:9b:26:11:
         cc:fd:f3:79
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICKIowDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDMxNDBaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkY1MDVEQUYxMTAvBgNVBAUTKDFEREI4RTkzMUY1N0E5MjgxNzY0OTgz
MEM0RUQ4QURENzRFRjQ5RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7uQvYLro+PQyprIcrYgeiEx2akSDW7OBzHNfDP611DLOPpNJrdPvV44AqJBSk
g743pdfGgXc0X5JBMZcRJz4tvPhpWxNh+JJchQaCfomP06yfxJJpDVH4fCnnTuJh
NkfhCeYBotfCYeSqa0p1IuT6Su/iWMsI/vNGwMQZn71ac6e05C3ohuavfEddvB3R
+18vVbwPKqmkvpgY1/JlH2Ct8tfW/LpSbftC4L/Fu8wdNPOAuYwhItpPdKCA/drg
lzcmh+82BANd796Be0PNepT65eVGWu1wLyhuH7sgU2qYz0I3CQ7UXE7UG8wpbEBS
2IWPnxcNKSV3rncfO20Wso1bAgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUHduOkx9X
qSgXZJgwxO2K3XTvSfkwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZGNTA1RC8xRkIxQjRCMEVFNUYx
MUVEQTgyMTlDNUE0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjUwNUQvMUZCMUI0QjBFRTVGMTFFREE4MjE5QzVBNEFEOUU2RkMvSGR1T2t4
OVhxU2dYWkpnd3hPMkszWFR2U2ZrLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBhswLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm1CwwDQQCAAIwBwMF
ACwPAkAwDQYJKoZIhvcNAQELBQADggEBAHQ7UltogSGvmlXR5iB8bPjCN9SJggB1
jlqo1yeliy6CEa+lA7DcBNZNN/eOmRQ8TfVd0zG6L5pdw2ATvfSlnqJqEmHpZOEb
WlG59v8CgQSQb66BQJKo4FI0DMHUq6ZXQxFimntyoL6oevEw5NzshrbcAVhvM/hl
ot19gCwSh6QqG1oOJOz0+0V5+jueyIFCW/a5VDoSy/GgF6ahZRVQHIJ3snRm2ku3
6tsxxmGoDxw+5MjnnDovw9jZ0U08O9gfPcwbUiC+n23RnF4MBhO6QK0ctlbH4NKx
vBVnPxVpFk0Qtywmkd2Rs1rlqFUziNw2zMZd4QzsNdo+J5smEcz983k=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:21 2024 by rpki-client on console-ams.rpki-client.org