Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/KSWEoez-KvMJMi1y5i2NXGpe968.cer
File:                     KSWEoez-KvMJMi1y5i2NXGpe968.cer (raw, json)
Hash identifier:          3mTS3bg0a3Yigb4ErV0WGyMr173TkE9HH4Dq4VbhHTk=
Subject key identifier:   29:25:84:A1:EC:FE:2A:F3:09:32:2D:72:E6:2D:8D:5C:6A:5E:F7:AF
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2A20
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F364791E/7EC3F6362F8511EEA83976724AD9E6FC/KSWEoez-KvMJMi1y5i2NXGpe968.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F364791E/7EC3F6362F8511EEA83976724AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Fri 17 May 2024 09:47:33 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329206
                          IP: 102.209.20.0/22
                          IP: 102.213.4.0/22
                          IP: 2c0f:7580::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10784 (0x2a20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: May 17 09:47:33 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F364791EAF/serialNumber=292584A1ECFE2AF309322D72E62D8D5C6A5EF7AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a0:47:bb:ff:b3:91:b7:e6:49:81:2e:e1:35:
                    34:71:1c:80:9f:f8:0d:79:49:8b:59:6b:75:4b:6d:
                    bd:e9:e3:bb:f8:f0:49:4b:4b:cc:02:91:4d:05:06:
                    bb:43:e5:5e:14:ca:98:39:13:c3:74:0e:49:15:c6:
                    e0:58:7f:50:48:0d:66:da:58:85:11:a0:f4:0d:86:
                    9e:2b:28:e3:d0:cd:b9:91:b4:6c:a0:fd:47:f9:21:
                    39:d1:7e:16:89:00:b0:6a:ad:2c:81:bf:12:78:c0:
                    e3:08:e1:aa:be:ef:b4:53:c2:e2:ee:39:e4:e4:34:
                    c6:67:06:ae:43:28:a5:ac:fd:a4:b2:06:80:88:91:
                    24:bf:72:8d:ac:8c:1e:9f:4d:4f:e3:04:88:c8:69:
                    18:e0:03:45:a3:c0:56:0b:27:58:0b:7f:26:51:44:
                    e4:91:2f:62:a7:c7:23:c7:b7:b4:6a:03:50:e6:03:
                    e2:14:6b:ad:97:19:78:af:16:36:d2:97:5d:58:48:
                    38:43:e6:74:55:58:28:a9:ed:31:f4:7d:b8:e7:9e:
                    a3:29:de:f8:1e:8f:7e:c9:a0:dd:f5:07:fa:12:2d:
                    46:ab:8a:01:75:0b:6e:72:61:6f:34:42:fa:85:1b:
                    b3:eb:24:6c:b9:32:85:92:87:af:1c:82:4f:59:48:
                    ff:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:25:84:A1:EC:FE:2A:F3:09:32:2D:72:E6:2D:8D:5C:6A:5E:F7:AF
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F364791E/7EC3F6362F8511EEA83976724AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F364791E/7EC3F6362F8511EEA83976724AD9E6FC/KSWEoez-KvMJMi1y5i2NXGpe968.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329206

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.20.0/22
                  102.213.4.0/22
                IPv6:
                  2c0f:7580::/32

    Signature Algorithm: sha256WithRSAEncryption
         44:5e:29:78:e8:b7:43:e4:85:66:43:58:81:ce:7c:af:ff:5e:
         9d:f8:9c:e8:40:08:c9:23:d9:4e:4c:30:31:28:ca:ec:9f:3a:
         2f:78:ab:f9:9d:e0:6c:1a:4d:9c:6a:e0:36:72:04:61:58:a9:
         33:4c:85:60:25:9f:ee:8b:36:01:96:f6:45:f2:e9:4f:a1:87:
         f1:e0:a2:bd:7a:15:a7:b6:32:1b:33:60:c2:57:a1:0a:48:ea:
         d5:7e:e8:79:14:5f:d7:f5:e9:80:2d:41:ee:74:93:68:8a:c1:
         0a:0e:5b:10:c8:a5:3b:0e:65:38:59:0f:10:bf:bf:ac:45:1a:
         be:14:35:2b:24:03:77:15:5d:24:38:6e:3d:e5:3d:71:5c:9c:
         89:08:e9:7d:14:ec:2e:c3:52:5e:9b:92:ce:e3:af:a3:7a:38:
         8a:25:ea:af:7b:82:77:d9:b0:46:1d:cd:96:d2:4d:a2:3a:5b:
         89:10:db:f7:f8:96:ef:e4:87:f8:b6:21:24:d2:99:8d:d3:4e:
         ae:ca:2b:77:de:11:0b:df:9b:0d:7d:df:21:9c:48:26:2f:3b:
         7c:84:f9:17:63:88:8a:a4:79:b4:74:97:4f:28:58:a1:5f:fa:
         a7:39:39:ca:f2:1b:48:91:b4:c9:c4:29:82:43:ef:4b:84:e2:
         51:78:e7:24
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICKiAwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA1MTcwOTQ3MzNaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjQ3OTFFQUYxMTAvBgNVBAUTKDI5MjU4NEExRUNGRTJBRjMwOTMyMkQ3
MkU2MkQ4RDVDNkE1RUY3QUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCroEe7/7ORt+ZJgS7hNTRxHICf+A15SYtZa3VLbb3p47v48ElLS8wCkU0FBrtD
5V4Uypg5E8N0DkkVxuBYf1BIDWbaWIURoPQNhp4rKOPQzbmRtGyg/Uf5ITnRfhaJ
ALBqrSyBvxJ4wOMI4aq+77RTwuLuOeTkNMZnBq5DKKWs/aSyBoCIkSS/co2sjB6f
TU/jBIjIaRjgA0WjwFYLJ1gLfyZRROSRL2KnxyPHt7RqA1DmA+IUa62XGXivFjbS
l11YSDhD5nRVWCip7TH0fbjnnqMp3vgej37JoN31B/oSLUarigF1C25yYW80QvqF
G7PrJGy5MoWSh68cgk9ZSP9xAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUKSWEoez+
KvMJMi1y5i2NXGpe968wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY0NzkxRS83RUMzRjYzNjJGODUx
MUVFQTgzOTc2NzI0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDc5MUUvN0VDM0Y2MzYyRjg1MTFFRUE4Mzk3NjcyNEFEOUU2RkMvS1NXRW9l
ei1Ldk1KTWkxeTVpMk5YR3BlOTY4Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBfYwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm0RQDBAJm1QQwDQQC
AAIwBwMFACwPdYAwDQYJKoZIhvcNAQELBQADggEBAEReKXjot0PkhWZDWIHOfK//
Xp34nOhACMkj2U5MMDEoyuyfOi94q/md4GwaTZxq4DZyBGFYqTNMhWAln+6LNgGW
9kXy6U+hh/Hgor16Fae2MhszYMJXoQpI6tV+6HkUX9f16YAtQe50k2iKwQoOWxDI
pTsOZThZDxC/v6xFGr4UNSskA3cVXSQ4bj3lPXFcnIkI6X0U7C7DUl6bks7jr6N6
OIol6q97gnfZsEYdzZbSTaI6W4kQ2/f4lu/kh/i2ISTSmY3TTq7KK3feEQvfmw19
3yGcSCYvO3yE+RdjiIqkebR0l08oWKFf+qc5OcryG0iRtMnEKYJD70uE4lF45yQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org