Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/NaE6RzFmxUdFBUsur-85WeOenW8.cer
File:                     NaE6RzFmxUdFBUsur-85WeOenW8.cer (raw, json)
Hash identifier:          S/9pkyyNwnWC16YoRjrrXiYFCf3SY7CluR+zFiqQqss=
Subject key identifier:   35:A1:3A:47:31:66:C5:47:45:05:4B:2E:AF:EF:39:59:E3:9E:9D:6F
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       256E
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3666101/4AD5EC589BA211ECB39203765A40D577/NaE6RzFmxUdFBUsur-85WeOenW8.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3666101/4AD5EC589BA211ECB39203765A40D577/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:32:44 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 102.67.168.0/22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9582 (0x256e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:32:44 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3666101AF/serialNumber=35A13A473166C54745054B2EAFEF3959E39E9D6F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b7:6b:ef:23:c5:a8:56:f4:0e:05:2f:55:ee:
                    0b:55:72:41:a7:32:ec:78:e5:c4:e1:79:02:e8:33:
                    7d:d7:c5:6e:72:a2:2a:b1:36:71:ab:9b:fb:ee:65:
                    3d:30:70:93:35:51:22:00:4d:b3:6a:15:55:64:8d:
                    9d:0a:12:2b:fa:b1:2c:49:b1:04:2f:c1:51:48:9e:
                    b1:b5:71:d2:cb:e4:0a:97:19:a1:3c:3b:b1:aa:8e:
                    72:0d:9d:89:42:3a:1a:d9:fd:28:7c:81:b9:94:4a:
                    4d:90:cd:01:61:e4:71:a6:fe:d7:8c:f5:fb:9e:b4:
                    16:f3:58:86:ca:7b:78:95:91:d1:97:f5:ef:9f:d6:
                    9a:4b:11:da:da:5c:e6:16:b3:95:b0:f5:40:30:e5:
                    9c:a7:f5:1e:4c:71:32:07:5a:da:4a:05:ed:d5:87:
                    87:a2:30:d2:0f:05:7b:c9:d0:06:ac:1e:1a:04:71:
                    b7:cc:47:f5:51:32:0a:03:bd:55:81:e4:e7:1f:96:
                    27:4e:40:e4:4f:fd:20:4e:53:f4:61:7d:65:f0:52:
                    02:34:1b:1c:c7:86:0e:7c:a3:e1:e5:9f:99:a7:5a:
                    45:4a:8d:13:54:ce:11:9d:e5:c9:a1:f4:fd:2e:73:
                    56:13:1f:ec:22:d2:4e:02:10:13:a3:13:36:f1:2b:
                    81:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:A1:3A:47:31:66:C5:47:45:05:4B:2E:AF:EF:39:59:E3:9E:9D:6F
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3666101/4AD5EC589BA211ECB39203765A40D577/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3666101/4AD5EC589BA211ECB39203765A40D577/NaE6RzFmxUdFBUsur-85WeOenW8.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.67.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:69:53:e6:4c:a4:59:e6:84:6d:a2:a2:6a:0d:0d:d3:73:21:
         b1:78:79:74:7b:dc:ce:78:9c:2a:16:1f:c7:3e:e4:64:7b:33:
         da:8e:8e:53:30:62:a9:87:d0:d8:f4:66:70:1c:ea:7f:b8:06:
         71:ab:9c:fe:61:ad:15:5b:41:38:37:60:34:8d:93:69:58:c0:
         2e:42:43:98:eb:60:23:4f:7a:55:3f:7c:a1:66:86:ab:eb:25:
         9f:86:e4:0a:55:6c:52:83:e8:90:5f:d9:fc:1f:47:ab:4b:dd:
         98:0a:a4:59:79:54:4a:d6:e0:53:56:6f:76:2f:48:23:0a:bd:
         18:07:23:49:8d:e4:ef:ff:a2:1f:de:cb:bb:14:10:0f:09:62:
         ec:f8:b2:a0:ee:53:aa:05:8d:67:5d:72:72:4a:e1:1b:a1:05:
         f2:8a:42:77:75:df:c5:2e:b8:7f:ba:18:bc:aa:30:4a:d8:be:
         f2:0a:09:2d:62:f8:64:14:13:4a:dd:d7:40:25:1f:1a:29:7d:
         2d:31:e5:a7:58:88:ef:40:ef:8a:ab:9b:d1:e1:02:5f:9a:ac:
         0c:30:95:54:23:95:a0:35:37:82:59:1e:be:69:e5:54:fa:ea:
         d3:dd:6a:58:f4:4f:9f:08:7b:f1:d4:ab:9b:0b:6f:f6:83:79:
         e5:0b:52:7e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICJW4wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjMyNDRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjY2MTAxQUYxMTAvBgNVBAUTKDM1QTEzQTQ3MzE2NkM1NDc0NTA1NEIy
RUFGRUYzOTU5RTM5RTlENkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1t2vvI8WoVvQOBS9V7gtVckGnMux45cTheQLoM33XxW5yoiqxNnGrm/vuZT0w
cJM1USIATbNqFVVkjZ0KEiv6sSxJsQQvwVFInrG1cdLL5AqXGaE8O7GqjnINnYlC
OhrZ/Sh8gbmUSk2QzQFh5HGm/teM9fuetBbzWIbKe3iVkdGX9e+f1ppLEdraXOYW
s5Ww9UAw5Zyn9R5McTIHWtpKBe3Vh4eiMNIPBXvJ0AasHhoEcbfMR/VRMgoDvVWB
5OcflidOQORP/SBOU/RhfWXwUgI0GxzHhg58o+Hln5mnWkVKjRNUzhGd5cmh9P0u
c1YTH+wi0k4CEBOjEzbxK4GnAgMBAAGjggLvMIIC6zAdBgNVHQ4EFgQUNaE6RzFm
xUdFBUsur+85WeOenW8wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY2NjEwMS80QUQ1RUM1ODlCQTIx
MUVDQjM5MjAzNzY1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjYxMDEvNEFENUVDNTg5QkEyMTFFQ0IzOTIwMzc2NUE0MEQ1NzcvTmFFNlJ6
Rm14VWRGQlVzdXItODVXZU9lblc4Lm1mdDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAmZDqDANBgkqhkiG9w0BAQsFAAOCAQEAjmlT5kykWeaEbaKiag0N03Mh
sXh5dHvcznicKhYfxz7kZHsz2o6OUzBiqYfQ2PRmcBzqf7gGcauc/mGtFVtBODdg
NI2TaVjALkJDmOtgI096VT98oWaGq+sln4bkClVsUoPokF/Z/B9Hq0vdmAqkWXlU
StbgU1Zvdi9IIwq9GAcjSY3k7/+iH97LuxQQDwli7PiyoO5TqgWNZ11yckrhG6EF
8opCd3XfxS64f7oYvKowSti+8goJLWL4ZBQTSt3XQCUfGil9LTHlp1iI70Dviqub
0eECX5qsDDCVVCOVoDU3glkevmnlVPrq091qWPRPnwh78dSrmwtv9oN55QtSfg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org