Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Nc8GfcJu5IlfSxatm9MA_qvDo1M.cer
File:                     Nc8GfcJu5IlfSxatm9MA_qvDo1M.cer (raw, json)
Hash identifier:          IDlhna4R0dtzsdfgVw8jShkt2aq9TL1pQh1l1cjbPnk=
Subject key identifier:   35:CF:06:7D:C2:6E:E4:89:5F:4B:16:AD:9B:D3:00:FE:AB:C3:A3:53
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       27D7
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/Nc8GfcJu5IlfSxatm9MA_qvDo1M.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:04:27 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 17652
                          AS: 23889
                          IP: 102.112.0.0/13
                          IP: 196.20.128.0/17
                          IP: 196.192.0.0/20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10199 (0x27d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:04:27 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36D3930AF/serialNumber=35CF067DC26EE4895F4B16AD9BD300FEABC3A353
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:3a:a9:fe:54:f8:2d:3a:20:b9:29:8d:48:3a:
                    7c:22:60:25:78:b5:6b:54:35:ca:c1:1a:6c:17:d0:
                    6e:fc:94:d6:fd:f6:71:b9:28:ff:fe:b9:74:f9:84:
                    0a:61:03:80:35:cb:1d:18:b2:83:9e:57:88:79:fb:
                    4e:b3:df:a7:c4:00:f8:33:3c:a1:99:0b:3c:70:27:
                    33:7b:af:6e:de:21:fe:63:7e:56:85:df:47:c6:04:
                    44:93:e1:2f:95:37:98:47:53:aa:7c:e3:2b:a0:37:
                    68:08:09:97:6f:9c:80:93:1c:b3:36:3b:79:e1:64:
                    a5:72:32:96:63:40:75:92:22:ad:76:aa:69:81:0f:
                    e6:17:31:db:48:ce:ff:a5:de:3d:ba:5d:41:08:fe:
                    a5:6b:a5:c2:4a:6e:66:8c:be:bd:82:32:1d:7b:df:
                    bf:3e:f7:a2:03:ff:a1:1b:c6:47:ec:04:78:9b:bb:
                    cb:43:e0:70:af:bb:01:33:0a:1c:0d:1e:b1:77:e6:
                    b6:94:a5:12:5e:14:4d:8e:f9:03:f4:dc:f9:56:18:
                    12:e7:89:37:c3:7b:8d:50:42:d2:b5:e9:35:ee:f3:
                    06:d7:b1:3e:19:bc:e8:d2:ef:76:1b:58:bc:70:2e:
                    4a:e3:9c:6a:a1:95:a6:22:10:16:88:8b:1a:23:62:
                    66:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:CF:06:7D:C2:6E:E4:89:5F:4B:16:AD:9B:D3:00:FE:AB:C3:A3:53
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/Nc8GfcJu5IlfSxatm9MA_qvDo1M.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  17652
                  23889

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.112.0.0/13
                  196.20.128.0/17
                  196.192.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a1:00:4f:ca:8f:d1:61:c1:80:4b:42:db:06:ca:9c:5d:cc:9f:
         82:a8:91:f0:52:35:ad:0e:a7:52:79:8d:37:f6:dd:27:80:50:
         b1:3a:93:50:a0:09:96:10:c4:da:56:e0:b4:ab:ea:22:97:62:
         b2:8e:9e:7a:d5:68:ed:95:c1:30:38:a3:2c:40:ab:6e:12:dd:
         a1:99:d1:5c:b9:66:21:49:55:03:a5:58:7a:b8:22:4c:eb:69:
         fb:4b:ac:cd:9a:59:76:48:d6:31:3d:18:01:d4:27:19:6c:b0:
         05:0f:65:35:53:ee:87:c9:06:99:2a:d3:95:e2:cc:99:df:95:
         e3:4c:62:c1:13:22:83:5e:b5:d2:19:67:9b:94:6d:9b:2d:60:
         32:7d:11:27:d1:5f:4b:7a:83:2e:a4:ca:a0:0c:ed:97:e1:27:
         98:6a:54:57:35:77:7c:aa:ce:0a:66:97:00:52:9b:96:25:aa:
         63:74:5b:e6:b6:7e:45:84:77:bd:d4:c1:ab:aa:32:32:cd:f3:
         53:60:07:e8:46:04:d0:3a:93:c4:c9:a9:35:82:21:42:37:21:
         6f:2b:d8:55:eb:56:36:82:a6:c0:25:a4:05:b5:c3:9f:f5:53:
         f1:c8:43:e0:e8:fb:e3:a3:aa:b4:21:80:d2:3b:b4:15:e0:7c:
         cf:ab:2e:1a
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgICJ9cwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDA0MjdaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkQzOTMwQUYxMTAvBgNVBAUTKDM1Q0YwNjdEQzI2RUU0ODk1RjRCMTZB
RDlCRDMwMEZFQUJDM0EzNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwOqn+VPgtOiC5KY1IOnwiYCV4tWtUNcrBGmwX0G78lNb99nG5KP/+uXT5hAph
A4A1yx0YsoOeV4h5+06z36fEAPgzPKGZCzxwJzN7r27eIf5jflaF30fGBEST4S+V
N5hHU6p84yugN2gICZdvnICTHLM2O3nhZKVyMpZjQHWSIq12qmmBD+YXMdtIzv+l
3j26XUEI/qVrpcJKbmaMvr2CMh17378+96ID/6EbxkfsBHibu8tD4HCvuwEzChwN
HrF35raUpRJeFE2O+QP03PlWGBLniTfDe41QQtK16TXu8wbXsT4ZvOjS73YbWLxw
LkrjnGqhlaYiEBaIixojYmbLAgMBAAGjggMZMIIDFTAdBgNVHQ4EFgQUNc8GfcJu
5IlfSxatm9MA/qvDo1MwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZEMzkzMC82M0M0NkVDOEEwRjMx
MUVDOTQ2RURBOTQ1QTQwRDU3Ny8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDM5MzAvNjNDNDZFQzhBMEYzMTFFQzk0NkVEQTk0NUE0MEQ1NzcvTmM4R2Zj
SnU1SWxmU3hhdG05TUFfcXZEbzFNLm1mdDAdBggrBgEFBQcBCAEB/wQOMAygCjAI
AgJE9AICXVEwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgABMBEDAwNmcAMEB8QUgAME
BMTAADANBgkqhkiG9w0BAQsFAAOCAQEAoQBPyo/RYcGAS0LbBsqcXcyfgqiR8FI1
rQ6nUnmNN/bdJ4BQsTqTUKAJlhDE2lbgtKvqIpdiso6eetVo7ZXBMDijLECrbhLd
oZnRXLlmIUlVA6VYergiTOtp+0uszZpZdkjWMT0YAdQnGWywBQ9lNVPuh8kGmSrT
leLMmd+V40xiwRMig1610hlnm5Rtmy1gMn0RJ9FfS3qDLqTKoAztl+EnmGpUVzV3
fKrOCmaXAFKbliWqY3Rb5rZ+RYR3vdTBq6oyMs3zU2AH6EYE0DqTxMmpNYIhQjch
byvYVetWNoKmwCWkBbXDn/VT8chD4Oj746OqtCGA0ju0FeB8z6suGg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org