Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
File:                     Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer (raw, json)
Hash identifier:          +sZ7/VwD9HySGmjtIat4CriS0LtdWpt2Ag4BXpZlcfM=
Subject key identifier:   31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       23DE
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:57:36 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37236
                          IP: 41.79.240.0/22
                          IP: 102.213.128.0/22
                          IP: 102.218.120.0/22
                          IP: 154.119.224.0/19
                          IP: 2c0f:f010::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 07:59:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9182 (0x23de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:57:36 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36312D2AF/serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:72:88:5b:0a:76:11:f0:78:01:3a:35:d5:00:
                    5e:37:16:99:5b:ec:40:18:3b:d5:c0:4b:a3:d3:ec:
                    f6:8c:c4:42:5c:50:00:c3:80:08:71:fa:85:37:82:
                    c4:79:59:ef:e1:48:cf:a1:07:79:5e:a8:5d:76:cb:
                    56:46:f3:da:db:2e:04:da:47:76:16:d0:45:85:ac:
                    c5:c8:9b:80:df:e8:00:2b:3c:6e:54:b8:03:b7:d2:
                    d2:c4:67:62:9d:39:b8:83:1c:4d:32:3d:7a:f2:01:
                    3d:8b:87:13:f5:09:fe:1f:05:ec:93:e8:a9:60:3c:
                    5a:46:d7:b7:66:6d:34:73:b3:d4:ac:4f:d0:e3:51:
                    cb:61:3a:85:90:cf:58:2a:a4:2f:b9:44:e9:cf:c1:
                    94:67:e9:d2:61:1f:07:e2:ad:07:52:a7:3b:66:b9:
                    90:cd:09:fa:c5:59:d9:0d:79:84:c6:0d:3a:34:bf:
                    3d:ed:72:ef:c9:95:e3:69:ac:2a:63:91:f7:1f:99:
                    b4:c6:0e:c2:cc:f4:2f:e1:3f:6c:10:d3:37:cd:02:
                    77:b1:0f:f7:f4:11:b5:aa:ae:51:01:a6:44:1d:d0:
                    18:f9:4d:84:76:a4:94:1f:ea:ab:dd:f1:3c:45:ef:
                    05:1a:23:40:4c:1b:db:50:cc:ff:f8:5e:9c:f3:e4:
                    0e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37236

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.240.0/22
                  102.213.128.0/22
                  102.218.120.0/22
                  154.119.224.0/19
                IPv6:
                  2c0f:f010::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:f0:22:50:9f:99:8c:2e:22:79:66:c2:cf:ca:04:09:08:96:
         37:32:87:89:43:d9:b4:f3:6b:5d:99:2e:69:88:86:ef:f2:a5:
         03:65:d0:0a:6f:b2:14:76:60:ac:0e:95:67:ed:5d:1d:7a:0c:
         68:2a:43:d6:be:7a:f9:26:20:fe:83:a6:77:d6:e6:32:db:a1:
         2c:73:1e:6d:4a:7d:13:ee:cd:da:0a:91:0f:c4:b7:4a:c6:38:
         df:f0:52:b5:72:47:ab:17:fb:bc:1a:7c:21:a7:e3:20:c2:9b:
         f1:f7:ae:15:e0:fe:85:3e:ac:b2:93:f5:08:3d:a0:66:dc:fb:
         75:a0:e3:93:c0:75:74:81:a0:e7:a3:a2:9a:d4:92:56:4f:4b:
         8d:e5:79:ad:14:47:c1:31:ae:8d:cb:91:fa:ea:f1:43:e3:b9:
         02:3a:ef:17:b2:cf:88:9a:e2:de:46:29:dd:3f:99:d0:c5:a3:
         64:1a:6d:0a:f5:20:d1:d1:5e:eb:b4:8f:df:18:64:03:5f:b5:
         d3:61:fa:1f:70:35:34:c1:df:63:58:cf:8e:cb:09:c1:b2:67:
         1f:f8:08:f2:d5:52:cc:6f:aa:57:25:69:54:51:86:34:3d:f7:
         4d:78:58:37:74:c3:c5:b0:9f:03:92:cf:10:93:e1:da:bd:06:
         ec:c2:ff:35
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgICI94wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDU3MzZaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjMxMkQyQUYxMTAvBgNVBAUTKDMxQkE1QUNFNTdCRjFEQUZCQTg4RERB
RUY0MkVDOEYxNTE1RTEzQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtcohbCnYR8HgBOjXVAF43Fplb7EAYO9XAS6PT7PaMxEJcUADDgAhx+oU3gsR5
We/hSM+hB3leqF12y1ZG89rbLgTaR3YW0EWFrMXIm4Df6AArPG5UuAO30tLEZ2Kd
ObiDHE0yPXryAT2LhxP1Cf4fBeyT6KlgPFpG17dmbTRzs9SsT9DjUcthOoWQz1gq
pC+5ROnPwZRn6dJhHwfirQdSpztmuZDNCfrFWdkNeYTGDTo0vz3tcu/JleNprCpj
kfcfmbTGDsLM9C/hP2wQ0zfNAnexD/f0EbWqrlEBpkQd0Bj5TYR2pJQf6qvd8TxF
7wUaI0BMG9tQzP/4Xpzz5A6ZAgMBAAGjggMsMIIDKDAdBgNVHQ4EFgQUMbpazle/
Ha+6iN2u9C7I8VFeE8IwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYzMTJEMi9GRkEyNTE0NEYwRkQx
MUVCQTg1QjY0M0VEOEEwMTRDRS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzEyRDIvRkZBMjUxNDRGMEZEMTFFQkE4NUI2NDNFRDhBMDE0Q0UvTWJwYXps
ZV9IYS02aU4ydTlDN0k4VkZlRThJLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkXQwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAIpT/ADBAJm1YADBAJm
2ngDBAWad+AwDQQCAAIwBwMFACwP8BAwDQYJKoZIhvcNAQELBQADggEBAEvwIlCf
mYwuInlmws/KBAkIljcyh4lD2bTza12ZLmmIhu/ypQNl0ApvshR2YKwOlWftXR16
DGgqQ9a+evkmIP6DpnfW5jLboSxzHm1KfRPuzdoKkQ/Et0rGON/wUrVyR6sX+7wa
fCGn4yDCm/H3rhXg/oU+rLKT9Qg9oGbc+3Wg45PAdXSBoOejoprUklZPS43lea0U
R8Exro3Lkfrq8UPjuQI67xeyz4ia4t5GKd0/mdDFo2QabQr1INHRXuu0j98YZANf
tdNh+h9wNTTB32NYz47LCcGyZx/4CPLVUsxvqlclaVRRhjQ99014WDd0w8WwnwOS
zxCT4dq9BuzC/zU=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:39:34 2024 by rpki-client on console-fra.rpki-client.org