Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/KxftsiWoqa1OodSC-tfzt4JwvaQ.cer
File:                     KxftsiWoqa1OodSC-tfzt4JwvaQ.cer (raw, json)
Hash identifier:          2c4Ub7tEkvHFpnNtGoXJx9Bl1iVKWYjvu+Pz9bHGXoc=
Subject key identifier:   2B:17:ED:B2:25:A8:A9:AD:4E:A1:D4:82:FA:D7:F3:B7:82:70:BD:A4
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       25D3
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36746EB/0C564C5E5E4711ECB9A1AED95A40D577/KxftsiWoqa1OodSC-tfzt4JwvaQ.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36746EB/0C564C5E5E4711ECB9A1AED95A40D577/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:46:55 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328978
                          IP: 102.219.23.0/24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9683 (0x25d3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:46:55 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36746EBAF/serialNumber=2B17EDB225A8A9AD4EA1D482FAD7F3B78270BDA4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ee:2c:ca:ab:d4:80:1e:2a:62:4e:af:42:b1:
                    75:25:5b:c6:23:d6:5a:04:59:cf:f5:5c:2c:c1:53:
                    f2:e0:5c:6d:10:b6:3b:1c:22:dc:5c:21:fc:02:66:
                    2b:c1:49:71:57:5b:36:64:17:da:01:06:c2:f9:70:
                    f3:c0:b1:95:d8:95:cd:d4:fd:d5:75:2b:a5:57:05:
                    55:90:b1:de:3a:e2:3b:c0:2a:3a:c1:73:b9:b8:fb:
                    2f:76:37:bf:f7:f3:f9:7a:a2:fe:de:6d:c7:b4:31:
                    d4:1a:60:51:6e:87:43:aa:58:32:d5:f9:a5:33:cc:
                    c9:94:16:de:c8:c1:33:e3:3e:3c:79:a0:ce:30:9c:
                    62:4d:9e:18:44:c4:11:6b:ce:a8:db:32:0b:d6:60:
                    b6:06:aa:e3:5e:32:e7:a8:4e:59:c1:00:ad:0d:af:
                    a9:6a:44:8a:51:30:55:99:64:15:26:9f:8b:37:0b:
                    e7:17:e9:08:76:e7:d8:e7:19:db:4e:40:c2:6e:9b:
                    8d:47:4a:72:ee:84:10:05:70:cb:04:c1:f1:8c:a9:
                    56:37:b5:7b:9a:3c:5d:98:5c:86:19:39:5b:e3:a2:
                    c4:df:a8:d8:30:8d:e2:c5:97:1d:4b:3b:62:0a:b9:
                    0c:50:b0:e1:16:6c:6e:7b:8a:7b:10:f2:cd:5a:0f:
                    6c:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:17:ED:B2:25:A8:A9:AD:4E:A1:D4:82:FA:D7:F3:B7:82:70:BD:A4
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36746EB/0C564C5E5E4711ECB9A1AED95A40D577/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36746EB/0C564C5E5E4711ECB9A1AED95A40D577/KxftsiWoqa1OodSC-tfzt4JwvaQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328978

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:4b:3d:14:6e:5b:e3:4d:0a:6a:79:32:3b:0b:22:5b:28:d3:
         72:d6:dc:1c:fc:7f:53:07:78:f7:7d:eb:fd:2f:c0:e1:84:08:
         11:f4:d4:59:5a:dc:54:d3:03:a8:81:90:33:99:bc:2e:1f:da:
         47:91:a8:29:ad:11:7b:60:c7:0a:6d:13:19:eb:d4:25:53:2e:
         03:6e:2e:c5:4f:ea:4c:e9:b9:e8:d8:3f:d9:19:10:ba:3d:e1:
         0b:4e:93:f3:00:81:a0:fe:5e:b3:5b:3c:ae:aa:e6:e2:08:61:
         fb:86:8f:f2:fd:ef:29:8d:f6:60:5d:be:a7:82:8a:31:05:da:
         b8:7c:b9:90:25:d9:25:58:b2:5b:7f:87:e0:cb:b9:db:5c:61:
         4d:76:e9:53:81:26:25:de:85:4f:ad:27:49:ef:a8:1d:47:0a:
         a7:ee:d2:e5:12:e2:56:85:18:d1:ef:ac:53:21:98:61:39:d6:
         c9:ae:d3:8d:bb:c7:c1:65:5f:5a:0e:18:32:53:a1:cb:3b:4d:
         46:08:38:ea:ab:cf:ea:f5:15:34:cf:1d:2c:fd:01:24:2e:c6:
         8c:31:9d:a7:0d:31:73:04:6a:ba:48:15:0c:63:0a:2f:53:bf:
         42:2b:2f:9e:f2:d7:8c:cb:04:16:52:8a:22:c4:83:d8:ff:62:
         0b:05:e4:62
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICJdMwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjQ2NTVaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjc0NkVCQUYxMTAvBgNVBAUTKDJCMTdFREIyMjVBOEE5QUQ0RUExRDQ4
MkZBRDdGM0I3ODI3MEJEQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC87izKq9SAHipiTq9CsXUlW8Yj1loEWc/1XCzBU/LgXG0QtjscItxcIfwCZivB
SXFXWzZkF9oBBsL5cPPAsZXYlc3U/dV1K6VXBVWQsd464jvAKjrBc7m4+y92N7/3
8/l6ov7ebce0MdQaYFFuh0OqWDLV+aUzzMmUFt7IwTPjPjx5oM4wnGJNnhhExBFr
zqjbMgvWYLYGquNeMueoTlnBAK0Nr6lqRIpRMFWZZBUmn4s3C+cX6Qh259jnGdtO
QMJum41HSnLuhBAFcMsEwfGMqVY3tXuaPF2YXIYZOVvjosTfqNgwjeLFlx1LO2IK
uQxQsOEWbG57insQ8s1aD2z7AgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQUKxftsiWo
qa1OodSC+tfzt4JwvaQwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3NDZFQi8wQzU2NEM1RTVFNDcx
MUVDQjlBMUFFRDk1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQ2RUIvMEM1NjRDNUU1RTQ3MTFFQ0I5QTFBRUQ5NUE0MEQ1NzcvS3hmdHNp
V29xYTFPb2RTQy10Znp0NEp3dmFRLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBRIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm2xcwDQYJKoZIhvcN
AQELBQADggEBAD9LPRRuW+NNCmp5MjsLIlso03LW3Bz8f1MHePd96/0vwOGECBH0
1Fla3FTTA6iBkDOZvC4f2keRqCmtEXtgxwptExnr1CVTLgNuLsVP6kzpuejYP9kZ
ELo94QtOk/MAgaD+XrNbPK6q5uIIYfuGj/L97ymN9mBdvqeCijEF2rh8uZAl2SVY
slt/h+DLudtcYU126VOBJiXehU+tJ0nvqB1HCqfu0uUS4laFGNHvrFMhmGE51smu
0427x8FlX1oOGDJTocs7TUYIOOqrz+r1FTTPHSz9ASQuxowxnacNMXMEarpIFQxj
Ci9Tv0IrL57y14zLBBZSiiLEg9j/YgsF5GI=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:21:28 2024 by rpki-client on console-fra.rpki-client.org