Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/M-hGYU4VRCxoAFpeP85ct1bgSn8.cer
File:                     M-hGYU4VRCxoAFpeP85ct1bgSn8.cer (raw, json)
Hash identifier:          oTqGqtuVx/BLRYnTvelKgAQfGxQjdgYmuzvGQujvxAE=
Subject key identifier:   33:E8:46:61:4E:15:44:2C:68:00:5A:5E:3F:CE:5C:B7:56:E0:4A:7F
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       231E
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/M-hGYU4VRCxoAFpeP85ct1bgSn8.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:04:04 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328917
                          IP: 102.211.124.0/22
                          IP: 102.219.76.0/22
                          IP: 2c0f:5240::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8990 (0x231e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:04:04 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3613F08AF/serialNumber=33E846614E15442C68005A5E3FCE5CB756E04A7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:71:62:03:04:99:90:ab:8f:26:32:63:9b:2f:
                    94:b5:b4:6f:f3:f8:73:5c:38:c7:3e:33:2d:cf:9b:
                    bb:e9:40:24:f3:1b:89:80:a8:96:b6:5b:83:75:c0:
                    3d:7a:9f:5e:6d:5e:c3:ae:0d:51:2b:1e:17:af:ea:
                    bb:d4:c7:4c:64:97:ec:55:f8:03:e2:50:47:f7:e1:
                    89:66:91:81:af:ef:7e:83:32:fe:bc:59:61:b3:17:
                    e3:ec:e7:89:3e:6c:c1:a6:d7:5e:75:83:d2:33:32:
                    dd:0f:76:5b:c9:ab:db:b7:36:fd:2c:77:92:8b:0c:
                    84:5e:1c:e9:de:02:b3:c6:20:8d:0f:e9:8a:13:3f:
                    f8:24:f8:88:43:05:cb:47:48:35:40:27:f3:23:31:
                    9f:5b:13:1c:57:de:d3:c3:af:8d:2a:e4:91:54:c4:
                    77:03:bc:fe:d9:21:bf:c3:c2:3a:74:0c:5f:97:c9:
                    5f:98:f1:ec:de:20:e2:61:35:32:97:b3:59:4f:51:
                    68:9f:e9:b8:8f:1c:7b:4c:d6:70:7e:69:75:d8:56:
                    4e:5b:0b:d3:c0:d7:62:5d:f4:b9:da:b8:bf:e0:bc:
                    03:b5:c7:65:6a:df:61:ec:68:b7:56:19:4f:4a:26:
                    f3:79:de:a0:af:ff:28:e1:f0:ed:c9:63:bc:83:85:
                    a8:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:E8:46:61:4E:15:44:2C:68:00:5A:5E:3F:CE:5C:B7:56:E0:4A:7F
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3613F08/BF472C78690511EEB09925884AD9E6FC/M-hGYU4VRCxoAFpeP85ct1bgSn8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328917

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.124.0/22
                  102.219.76.0/22
                IPv6:
                  2c0f:5240::/32

    Signature Algorithm: sha256WithRSAEncryption
         a1:6e:15:b1:fa:0e:e5:23:88:03:cc:ca:53:43:e2:32:9b:77:
         8f:06:eb:01:42:a0:1b:ca:ac:7e:2c:b5:01:d5:97:0e:21:b3:
         e6:54:6e:d6:36:b7:55:38:ea:74:d9:fd:19:31:2c:27:fc:63:
         6e:05:9c:26:3a:56:f6:d9:1c:5d:6d:63:f0:1e:6c:d2:86:68:
         d2:18:c4:41:71:fc:02:7e:dd:a0:66:80:bc:9d:c0:ab:2e:49:
         2a:b4:a5:59:2e:bd:5d:06:e1:a5:36:a6:09:99:6e:8a:e3:93:
         a4:82:b0:6d:96:79:4f:4f:80:ec:76:a5:0d:60:18:eb:d8:e8:
         29:32:34:12:ba:08:19:4a:63:cf:3c:0f:90:6d:0a:5e:6e:9d:
         f2:a3:86:87:46:23:4a:e8:c8:2b:9e:0e:0b:5d:60:37:58:8e:
         79:f6:53:fe:1b:bf:25:01:24:e0:b3:b5:67:b5:a2:c8:7b:f2:
         25:da:dd:b2:ec:06:9a:3e:56:83:7f:f0:42:a6:4f:40:d5:cb:
         bc:cd:54:db:7a:d6:4a:0c:6e:c9:7b:fd:29:4f:ff:0f:bd:c1:
         71:db:52:60:53:1b:8f:45:dc:d9:9b:74:90:51:3b:d8:f4:8f:
         bf:65:0a:0b:c6:4d:42:c4:ad:aa:68:5c:8e:0b:f6:f7:7b:2e:
         64:7d:d5:55
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICIx4wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDA0MDRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjEzRjA4QUYxMTAvBgNVBAUTKDMzRTg0NjYxNEUxNTQ0MkM2ODAwNUE1
RTNGQ0U1Q0I3NTZFMDRBN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6cWIDBJmQq48mMmObL5S1tG/z+HNcOMc+My3Pm7vpQCTzG4mAqJa2W4N1wD16
n15tXsOuDVErHhev6rvUx0xkl+xV+APiUEf34YlmkYGv736DMv68WWGzF+Ps54k+
bMGm1151g9IzMt0PdlvJq9u3Nv0sd5KLDIReHOneArPGII0P6YoTP/gk+IhDBctH
SDVAJ/MjMZ9bExxX3tPDr40q5JFUxHcDvP7ZIb/Dwjp0DF+XyV+Y8ezeIOJhNTKX
s1lPUWif6biPHHtM1nB+aXXYVk5bC9PA12Jd9LnauL/gvAO1x2Vq32HsaLdWGU9K
JvN53qCv/yjh8O3JY7yDhajHAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUM+hGYU4V
RCxoAFpeP85ct1bgSn8wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYxM0YwOC9CRjQ3MkM3ODY5MDUx
MUVFQjA5OTI1ODg0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTNGMDgvQkY0NzJDNzg2OTA1MTFFRUIwOTkyNTg4NEFEOUU2RkMvTS1oR1lV
NFZSQ3hvQUZwZVA4NWN0MWJnU244Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBNUwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm03wDBAJm20wwDQQC
AAIwBwMFACwPUkAwDQYJKoZIhvcNAQELBQADggEBAKFuFbH6DuUjiAPMylND4jKb
d48G6wFCoBvKrH4stQHVlw4hs+ZUbtY2t1U46nTZ/RkxLCf8Y24FnCY6VvbZHF1t
Y/AebNKGaNIYxEFx/AJ+3aBmgLydwKsuSSq0pVkuvV0G4aU2pgmZborjk6SCsG2W
eU9PgOx2pQ1gGOvY6CkyNBK6CBlKY888D5BtCl5unfKjhodGI0royCueDgtdYDdY
jnn2U/4bvyUBJOCztWe1osh78iXa3bLsBpo+VoN/8EKmT0DVy7zNVNt61koMbsl7
/SlP/w+9wXHbUmBTG49F3NmbdJBRO9j0j79lCgvGTULErapoXI4L9vd7LmR91VU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org