Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
File:                     OlU7bvgL-SIxL5a43cHyGajEEhs.cer (raw, json)
Hash identifier:          VzYOKRq+0ZHxVoBTDv8djRRtVzWmKmCigrdV7fZ8gUI=
Subject key identifier:   3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       336F
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 06:05:41 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 329250
                          IP: 102.211.232.0/22
                          IP: 102.212.4.0/22
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13167 (0x336f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 06:05:41 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F36EF7D0AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:28:83:47:60:3c:e2:9e:3a:73:4e:5a:2b:b5:
                    bd:9f:fc:dd:10:7d:07:2b:7b:8f:f2:4d:09:5e:f1:
                    e5:99:e9:f7:ef:73:d3:e3:57:c6:9e:2a:fd:c5:da:
                    8d:3f:01:93:df:c3:5d:ee:cd:d2:92:c8:28:c0:9b:
                    4a:7e:85:bc:d1:87:5c:28:85:bb:17:03:29:8a:be:
                    75:e0:ef:21:fe:a4:75:d5:2a:42:73:8a:3f:7e:94:
                    f5:17:c9:a3:47:ff:e0:c0:47:85:9c:c8:1c:96:aa:
                    9f:38:61:7a:2c:7e:94:1c:84:89:4e:96:17:f4:b2:
                    51:c6:c1:49:7f:d6:54:b9:36:b8:ee:1a:2a:5c:32:
                    b3:f2:15:0e:af:9e:c7:fb:da:b2:dc:e6:68:61:2e:
                    5a:1c:86:7e:81:f7:a6:da:08:ae:17:96:80:0f:33:
                    93:4d:41:64:f9:6c:9e:cf:1c:42:6b:df:d0:83:4d:
                    37:f4:4f:ab:ba:71:05:96:2c:08:7f:d2:72:a7:eb:
                    13:f5:da:b4:bd:2b:da:11:f8:34:c5:99:f5:fe:57:
                    a9:cf:bc:da:d0:a6:c6:8c:68:7b:5b:58:6e:b0:4c:
                    16:c4:b8:26:fb:b7:68:80:75:bf:29:ca:0f:4d:f1:
                    52:72:a2:36:26:b4:4d:66:e8:4b:54:d7:d7:5a:7b:
                    c1:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329250

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.232.0/22
                  102.212.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:8e:ea:ad:77:73:1c:3e:7b:ef:0a:29:5a:9c:dc:ce:e1:53:
         ab:c4:0d:d8:95:5b:b1:fc:75:cd:47:6b:d1:d9:d4:5e:63:2a:
         d3:fe:03:fa:46:a9:0e:7a:bf:2f:55:c0:57:2d:c7:33:04:40:
         0d:3a:fb:48:dd:2d:01:60:45:67:15:bd:59:54:fa:be:7c:37:
         94:b8:16:16:3d:5e:56:a1:be:57:37:8f:9c:79:9d:8f:a4:60:
         9a:bb:30:c2:f1:56:6a:3a:3e:81:9b:52:c9:68:23:fc:45:98:
         0b:58:fc:b9:c6:54:7f:bc:4f:0d:20:fa:be:54:28:12:0d:15:
         b4:68:c7:8a:2f:87:43:a2:17:4a:fd:b9:36:20:12:35:dd:2a:
         86:8f:4d:0b:36:8c:9b:7c:31:8a:73:80:41:29:e7:d9:e2:89:
         e9:7a:22:60:53:0f:20:6b:c9:d5:06:17:71:47:61:b3:3d:f9:
         13:03:9b:13:e3:a2:23:91:23:a4:ad:55:ed:4f:64:3e:a2:77:
         2a:1e:d6:ad:79:55:b4:7d:57:5d:e0:35:b0:17:5d:6f:03:5e:
         1c:bd:f0:1f:37:3c:c7:54:83:03:b5:15:24:ab:df:a6:84:6e:
         b0:c7:d4:b4:cd:dd:27:4e:a4:ed:8f:4f:21:30:b9:a2:8e:82:
         33:d7:28:66
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgICM28wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwNjA1NDFaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkVGN0QwQUYxMTAvBgNVBAUTKDNBNTUzQjZFRjgwQkY5MjIzMTJGOTZC
OEREQzFGMjE5QThDNDEyMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/KINHYDzinjpzTlortb2f/N0QfQcre4/yTQle8eWZ6ffvc9PjV8aeKv3F2o0/
AZPfw13uzdKSyCjAm0p+hbzRh1wohbsXAymKvnXg7yH+pHXVKkJzij9+lPUXyaNH
/+DAR4WcyByWqp84YXosfpQchIlOlhf0slHGwUl/1lS5NrjuGipcMrPyFQ6vnsf7
2rLc5mhhLlochn6B96baCK4XloAPM5NNQWT5bJ7PHEJr39CDTTf0T6u6cQWWLAh/
0nKn6xP12rS9K9oR+DTFmfX+V6nPvNrQpsaMaHtbWG6wTBbEuCb7t2iAdb8pyg9N
8VJyojYmtE1m6EtU19dae8GzAgMBAAGjggMRMIIDDTAdBgNVHQ4EFgQUOlU7bvgL
+SIxL5a43cHyGajEEhswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFRjdEMC8zNkU0MEExNkYyRkIx
MUVEODIxQjlEODA0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUY3RDAvMzZFNDBBMTZGMkZCMTFFRDgyMUI5RDgwNEFEOUU2RkMvT2xVN2J2
Z0wtU0l4TDVhNDNjSHlHYWpFRWhzLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBiIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAJm0+gDBAJm1AQwDQYJ
KoZIhvcNAQELBQADggEBAG6O6q13cxw+e+8KKVqc3M7hU6vEDdiVW7H8dc1Ha9HZ
1F5jKtP+A/pGqQ56vy9VwFctxzMEQA06+0jdLQFgRWcVvVlU+r58N5S4FhY9Xlah
vlc3j5x5nY+kYJq7MMLxVmo6PoGbUsloI/xFmAtY/LnGVH+8Tw0g+r5UKBINFbRo
x4ovh0OiF0r9uTYgEjXdKoaPTQs2jJt8MYpzgEEp59niiel6ImBTDyBrydUGF3FH
YbM9+RMDmxPjoiORI6StVe1PZD6idyoe1q15VbR9V13gNbAXXW8DXhy98B83PMdU
gwO1FSSr36aEbrDH1LTN3SdOpO2PTyEwuaKOgjPXKGY=
-----END CERTIFICATE-----