Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Ob52uHZXsJfc7qO0DURSok5WA4I.cer
File:                     Ob52uHZXsJfc7qO0DURSok5WA4I.cer (raw, json)
Hash identifier:          8hiUXDemI1Uhrn9Rt6/X6Zj7FIQ8sVvdQAZhr/78YoU=
Subject key identifier:   39:BE:76:B8:76:57:B0:97:DC:EE:A3:B4:0D:44:52:A2:4E:56:03:82
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2A14
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/Ob52uHZXsJfc7qO0DURSok5WA4I.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Thu 09 May 2024 12:06:22 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328019
                          IP: 102.209.96.0/22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10772 (0x2a14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: May  9 12:06:22 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3688321AF/serialNumber=39BE76B87657B097DCEEA3B40D4452A24E560382
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:6c:70:fb:ae:27:3d:0b:2e:bb:99:91:32:a6:
                    5e:50:37:64:3d:9e:6e:08:e0:fc:44:70:e3:a8:31:
                    87:28:df:a1:3f:a4:76:54:35:68:6b:e4:34:d2:a2:
                    72:b7:4f:ce:3a:9e:18:cc:bf:10:8c:28:29:52:6a:
                    64:d4:4a:52:91:28:51:fc:ef:59:f0:66:d7:40:8f:
                    e4:81:2a:07:c3:34:ca:86:69:ac:e4:02:95:23:87:
                    6e:39:db:fe:52:a2:78:45:57:31:db:79:36:79:95:
                    2b:5a:10:bc:f8:07:4b:29:8a:b4:f0:29:9f:aa:46:
                    47:60:43:73:ce:57:76:a9:50:7a:52:d9:07:13:39:
                    eb:b9:3b:4e:62:47:2b:31:4b:dd:c7:50:61:33:56:
                    11:27:36:d5:fd:4a:d5:8a:2c:b2:ab:b8:04:7d:e1:
                    8d:ff:70:cc:82:95:d0:d8:52:d6:a6:a8:68:60:38:
                    29:2e:09:55:1a:d0:29:0f:30:d8:9d:0c:df:68:01:
                    48:90:25:63:12:b3:6e:b4:99:e1:50:52:4e:18:99:
                    43:6d:79:a8:40:c0:52:53:83:04:ba:52:a3:89:ff:
                    9a:ce:5b:3c:76:bd:05:43:89:17:7a:f2:4c:e7:76:
                    7f:b2:89:fb:d3:22:3e:cf:2e:4d:04:dd:e3:60:de:
                    1f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:BE:76:B8:76:57:B0:97:DC:EE:A3:B4:0D:44:52:A2:4E:56:03:82
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3688321/894DD8A00DFC11EF94AA185B017001B1/Ob52uHZXsJfc7qO0DURSok5WA4I.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328019

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         31:1a:7b:d2:3e:4d:c5:3a:ba:1e:19:50:83:90:9e:ea:94:52:
         a3:4f:64:7a:13:6b:a4:0e:6b:cb:16:67:4e:d4:ec:34:8b:c0:
         53:e0:d6:b9:e4:84:b5:ed:4f:da:7b:34:5e:08:da:12:f6:43:
         48:20:13:34:e7:17:2a:4f:9d:51:b8:7f:6c:36:1c:29:b8:97:
         12:dc:c0:d5:8f:b3:b4:f2:f6:95:c1:54:3e:af:70:33:36:3e:
         d8:61:88:60:7f:ae:c9:66:4c:dd:5e:83:aa:23:62:db:4c:7a:
         42:f2:37:5a:b2:a4:3e:d8:92:0b:0c:45:18:87:22:67:13:a0:
         26:16:99:6d:52:27:32:13:3c:23:11:78:f9:9d:ea:df:7b:86:
         3d:cc:04:cd:d6:77:f0:a5:f0:b5:d3:40:93:2e:99:71:7f:60:
         d1:19:28:a5:7e:e4:52:7f:3d:50:85:63:0a:2a:80:02:a9:89:
         c5:1a:30:d4:0a:71:d2:14:ee:ec:40:16:26:11:42:a4:fb:1b:
         26:cb:67:1d:8f:95:d1:ce:46:fc:7c:a3:dc:40:15:12:a8:17:
         d9:e6:68:6e:9b:ef:14:9d:64:44:ec:59:3a:d0:6b:d2:41:53:
         6c:c3:19:f5:dd:f8:6d:46:fb:2e:66:8f:b2:44:ac:d8:8a:2c:
         69:de:7c:1c
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICKhQwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA1MDkxMjA2MjJaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjg4MzIxQUYxMTAvBgNVBAUTKDM5QkU3NkI4NzY1N0IwOTdEQ0VFQTNC
NDBENDQ1MkEyNEU1NjAzODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTbHD7ric9Cy67mZEypl5QN2Q9nm4I4PxEcOOoMYco36E/pHZUNWhr5DTSonK3
T846nhjMvxCMKClSamTUSlKRKFH871nwZtdAj+SBKgfDNMqGaazkApUjh2452/5S
onhFVzHbeTZ5lStaELz4B0spirTwKZ+qRkdgQ3POV3apUHpS2QcTOeu5O05iRysx
S93HUGEzVhEnNtX9StWKLLKruAR94Y3/cMyCldDYUtamqGhgOCkuCVUa0CkPMNid
DN9oAUiQJWMSs260meFQUk4YmUNteahAwFJTgwS6UqOJ/5rOWzx2vQVDiRd68kzn
dn+yifvTIj7PLk0E3eNg3h9BAgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQUOb52uHZX
sJfc7qO0DURSok5WA4IwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY4ODMyMS84OTRERDhBMDBERkMx
MUVGOTRBQTE4NUIwMTcwMDFCMS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODgzMjEvODk0REQ4QTAwREZDMTFFRjk0QUExODVCMDE3MDAxQjEvT2I1MnVI
WlhzSmZjN3FPMERVUlNvazVXQTRJLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAVMwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0WAwDQYJKoZIhvcN
AQELBQADggEBADEae9I+TcU6uh4ZUIOQnuqUUqNPZHoTa6QOa8sWZ07U7DSLwFPg
1rnkhLXtT9p7NF4I2hL2Q0ggEzTnFypPnVG4f2w2HCm4lxLcwNWPs7Ty9pXBVD6v
cDM2PthhiGB/rslmTN1eg6ojYttMekLyN1qypD7YkgsMRRiHImcToCYWmW1SJzIT
PCMRePmd6t97hj3MBM3Wd/Cl8LXTQJMumXF/YNEZKKV+5FJ/PVCFYwoqgAKpicUa
MNQKcdIU7uxAFiYRQqT7GybLZx2PldHORvx8o9xAFRKoF9nmaG6b7xSdZETsWTrQ
a9JBU2zDGfXd+G1G+y5mj7JErNiKLGnefBw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org