Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Is1vGHd1wj4nUVsv44CC5L_qj_Q.cer
File:                     Is1vGHd1wj4nUVsv44CC5L_qj_Q.cer (raw, json)
Hash identifier:          SgGcqh/I7hG/oRfyLhE47ZCeZnWI+AhMd/vjuSQUxWc=
Subject key identifier:   22:CD:6F:18:77:75:C2:3E:27:51:5B:2F:E3:80:82:E4:BF:EA:8F:F4
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2F1F
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F365AA12/76D92404BF8511EBACD38C2DF8AEA228/Is1vGHd1wj4nUVsv44CC5L_qj_Q.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F365AA12/76D92404BF8511EBACD38C2DF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 02:12:16 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 328656
                          IP: 102.223.40.0/22
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12063 (0x2f1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 02:12:16 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F365AA12AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f8:01:00:c3:e0:98:76:50:c5:3b:e7:16:db:
                    bd:80:fe:11:22:f3:bd:f6:ec:05:02:94:75:19:30:
                    71:37:37:5a:25:20:b0:2b:00:f3:c6:5b:eb:07:42:
                    01:8a:56:ea:d0:bb:af:78:90:f9:45:30:f4:b7:04:
                    6b:e4:fb:08:51:71:3d:b8:98:41:80:41:43:2c:34:
                    1f:aa:ed:e2:05:71:27:cc:b0:f1:02:e2:39:d6:06:
                    84:47:ae:5f:e6:88:cb:ad:0f:aa:18:3f:e5:d1:0c:
                    88:4f:76:0b:22:c3:a6:ea:35:88:4d:37:02:17:b5:
                    64:bd:5d:25:ba:97:df:fe:1d:06:5f:a9:41:c5:cb:
                    33:d5:64:ab:c6:9d:a0:46:c8:a4:f9:1b:eb:a9:9e:
                    c5:c2:a2:4d:6b:8d:01:c7:72:bd:53:1c:07:e4:ad:
                    89:df:d2:c0:c8:6f:02:71:c0:c2:97:3e:bf:54:b7:
                    c0:89:54:47:02:6a:64:e4:83:03:82:74:7e:29:e7:
                    47:7e:de:e9:9e:b7:2c:6a:95:ce:c0:e3:be:d1:e2:
                    c2:12:05:13:a9:f4:4a:3e:9b:78:47:86:1f:17:42:
                    db:0d:68:0b:d2:8e:95:6a:a6:19:69:38:0f:ec:51:
                    16:ce:75:5b:50:94:91:4a:b0:d3:0c:68:71:f1:ab:
                    a5:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:CD:6F:18:77:75:C2:3E:27:51:5B:2F:E3:80:82:E4:BF:EA:8F:F4
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F365AA12/76D92404BF8511EBACD38C2DF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F365AA12/76D92404BF8511EBACD38C2DF8AEA228/Is1vGHd1wj4nUVsv44CC5L_qj_Q.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328656

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.223.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:9a:58:6e:61:6e:0d:da:5a:e1:08:da:6f:1a:32:bf:a6:5b:
         0e:b4:02:b5:2c:e6:c3:2b:b6:cd:d5:a8:af:82:e3:ee:13:10:
         43:bc:12:4b:5c:90:94:5a:ab:db:01:ff:dd:c1:20:bc:89:79:
         2e:e7:c3:d5:8b:37:8d:7c:62:64:d1:bd:24:89:c6:c7:5a:3b:
         d1:1d:57:46:14:fb:ce:29:1a:67:e1:cb:0d:62:59:41:8e:47:
         39:b6:da:e4:9b:81:bb:cf:e0:a1:54:f0:19:76:3a:8a:89:34:
         c0:fe:1b:c8:32:3b:43:cb:d8:55:30:20:89:0c:cd:0b:39:cc:
         28:98:1a:89:c1:2a:40:d0:72:24:2b:28:86:9f:ae:06:32:7a:
         b9:92:e5:84:2b:06:d2:c4:5c:af:65:93:46:aa:41:d6:64:03:
         ab:e5:7a:c5:59:a1:08:c0:97:63:4f:13:b1:c4:89:f4:ba:cd:
         92:56:bf:5f:a9:19:27:6e:af:9d:f6:a0:33:50:3e:c3:08:fa:
         5c:5f:73:0d:4f:f4:87:7c:e6:0a:5e:09:11:9f:58:4a:b0:f1:
         ca:14:e1:af:40:72:8d:ea:a2:f4:f2:a3:6d:c0:28:dd:b8:b1:
         c1:94:79:59:d2:2e:aa:8f:2a:37:1e:7d:9a:8e:80:63:89:5b:
         8c:98:1f:9c
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICLx8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMjEyMTZaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjVBQTEyQUYxMTAvBgNVBAUTKDIyQ0Q2RjE4Nzc3NUMyM0UyNzUxNUIy
RkUzODA4MkU0QkZFQThGRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCz+AEAw+CYdlDFO+cW272A/hEi87327AUClHUZMHE3N1olILArAPPGW+sHQgGK
VurQu694kPlFMPS3BGvk+whRcT24mEGAQUMsNB+q7eIFcSfMsPEC4jnWBoRHrl/m
iMutD6oYP+XRDIhPdgsiw6bqNYhNNwIXtWS9XSW6l9/+HQZfqUHFyzPVZKvGnaBG
yKT5G+upnsXCok1rjQHHcr1THAfkrYnf0sDIbwJxwMKXPr9Ut8CJVEcCamTkgwOC
dH4p50d+3umetyxqlc7A477R4sISBROp9Eo+m3hHhh8XQtsNaAvSjpVqphlpOA/s
URbOdVtQlJFKsNMMaHHxq6U7AgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQUIs1vGHd1
wj4nUVsv44CC5L/qj/QwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY1QUExMi83NkQ5MjQwNEJGODUx
MUVCQUNEMzhDMkRGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUFBMTIvNzZEOTI0MDRCRjg1MTFFQkFDRDM4QzJERjhBRUEyMjgvSXMxdkdI
ZDF3ajRuVVZzdjQ0Q0M1TF9xal9RLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFA9AwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm3ygwDQYJKoZIhvcN
AQELBQADggEBAGmaWG5hbg3aWuEI2m8aMr+mWw60ArUs5sMrts3VqK+C4+4TEEO8
EktckJRaq9sB/93BILyJeS7nw9WLN418YmTRvSSJxsdaO9EdV0YU+84pGmfhyw1i
WUGORzm22uSbgbvP4KFU8Bl2OoqJNMD+G8gyO0PL2FUwIIkMzQs5zCiYGonBKkDQ
ciQrKIafrgYyermS5YQrBtLEXK9lk0aqQdZkA6vlesVZoQjAl2NPE7HEifS6zZJW
v1+pGSdur532oDNQPsMI+lxfcw1P9Id85gpeCRGfWEqw8coU4a9Aco3qovTyo23A
KN24scGUeVnSLqqPKjcefZqOgGOJW4yYH5w=
-----END CERTIFICATE-----