Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.cer
File:                     PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.cer (raw, json)
Hash identifier:          Gg/7ICljAS850zm4yhlq292ELLGVO3Gsg9MuqADl05Y=
Subject key identifier:   3D:2A:F3:53:44:65:E3:FA:EC:A9:5B:BD:23:1F:72:3C:8A:06:F5:D1
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2849
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:22:06 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328216
                          IP: 102.141.96.0/20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10313 (0x2849)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:22:06 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36E8936AF/serialNumber=3D2AF3534465E3FAECA95BBD231F723C8A06F5D1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:36:a4:f9:d5:d1:2b:ca:0d:9f:b0:0e:76:00:
                    99:da:30:8b:6c:1f:0e:3a:57:9d:49:9f:d8:0c:f7:
                    a7:99:e3:b5:3f:36:67:a9:6e:d0:7e:0f:60:70:1c:
                    9b:cd:41:87:e8:85:a7:ab:48:b8:d6:23:86:d6:89:
                    3a:47:2c:d2:0e:f5:ba:14:15:c9:c3:7c:d5:98:29:
                    38:6f:2b:0c:f3:f7:49:04:e9:5d:c4:66:44:74:87:
                    00:91:95:0c:0d:32:86:b5:1c:35:57:7f:49:69:c9:
                    aa:a6:2b:6c:fe:1a:57:b9:08:c7:10:96:39:49:89:
                    8d:2b:c3:9b:6f:0e:d3:b0:26:be:27:56:4d:05:77:
                    09:ea:c6:48:da:4d:8e:7d:73:94:09:57:4d:74:31:
                    53:a3:67:50:8d:39:27:95:36:b5:4b:5f:df:27:9c:
                    7d:99:00:d8:cf:f4:96:6b:06:e8:b3:73:da:95:dc:
                    8d:a4:d5:7c:4f:7d:52:ee:2c:49:47:25:22:a7:e4:
                    30:5f:1e:88:c9:39:c2:fc:b5:21:8f:8d:8b:08:ff:
                    eb:61:f1:a7:1c:d0:6d:76:a6:da:ac:98:75:e4:cb:
                    90:86:3a:d1:df:66:84:f6:69:43:83:c6:53:25:a4:
                    4b:b1:3f:26:2e:8a:6a:67:bd:15:a5:52:d4:bc:5c:
                    f7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:2A:F3:53:44:65:E3:FA:EC:A9:5B:BD:23:1F:72:3C:8A:06:F5:D1
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328216

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.141.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         22:19:fe:be:ce:0e:11:50:61:d7:32:2c:b3:50:53:0a:be:c8:
         7d:da:de:6c:da:38:d7:3e:53:41:1b:ab:29:5b:52:1c:b5:e8:
         51:a9:b0:51:63:7c:77:c5:cb:aa:60:f5:96:14:4a:3c:14:55:
         b7:77:72:3f:1f:24:1a:77:9d:12:dd:80:af:38:dd:1a:66:4b:
         48:74:fb:b6:3c:be:4b:7c:29:cd:d7:de:9f:48:e7:f4:d6:61:
         96:a3:8a:2a:80:75:44:84:64:71:c9:97:27:bb:7b:70:b0:10:
         3d:c5:20:44:55:93:c6:d8:18:ef:c8:c2:09:07:a7:c7:f6:0c:
         f3:bb:8a:be:17:4d:72:7e:3a:d5:53:46:26:ac:98:3a:c1:a0:
         27:1d:7d:53:db:85:c1:30:cf:55:fd:bc:5a:9e:ee:54:fc:fd:
         5f:23:26:59:45:10:0d:ef:07:22:72:a2:cb:6b:b4:67:82:ed:
         ef:83:30:1b:8c:8e:02:75:2e:32:29:e2:07:e1:27:69:fe:59:
         b7:58:2e:5e:6a:39:c3:9b:bd:18:d5:fc:2a:42:78:56:45:f4:
         84:81:54:e1:f1:93:06:72:e5:8c:50:d7:84:e6:61:7e:6c:7d:
         10:8b:e5:3f:95:3d:5b:a1:be:1a:01:47:d7:7c:5f:6e:41:6f:
         13:a1:61:c3
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICKEkwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDIyMDZaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkU4OTM2QUYxMTAvBgNVBAUTKDNEMkFGMzUzNDQ2NUUzRkFFQ0E5NUJC
RDIzMUY3MjNDOEEwNkY1RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSNqT51dEryg2fsA52AJnaMItsHw46V51Jn9gM96eZ47U/NmepbtB+D2BwHJvN
QYfohaerSLjWI4bWiTpHLNIO9boUFcnDfNWYKThvKwzz90kE6V3EZkR0hwCRlQwN
Moa1HDVXf0lpyaqmK2z+Gle5CMcQljlJiY0rw5tvDtOwJr4nVk0FdwnqxkjaTY59
c5QJV010MVOjZ1CNOSeVNrVLX98nnH2ZANjP9JZrBuizc9qV3I2k1XxPfVLuLElH
JSKn5DBfHojJOcL8tSGPjYsI/+th8acc0G12ptqsmHXky5CGOtHfZoT2aUODxlMl
pEuxPyYuimpnvRWlUtS8XPeXAgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQUPSrzU0Rl
4/rsqVu9Ix9yPIoG9dEwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFODkzNi83Q0MxNkZBRTkwRUMx
MUVEQjNEMUQzRjdGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTg5MzYvN0NDMTZGQUU5MEVDMTFFREIzRDFEM0Y3RjEyMjI0NjgvUFNyelUw
Umw0X3JzcVZ1OUl4OXlQSW9HOWRFLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAhgwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARmjWAwDQYJKoZIhvcN
AQELBQADggEBACIZ/r7ODhFQYdcyLLNQUwq+yH3a3mzaONc+U0EbqylbUhy16FGp
sFFjfHfFy6pg9ZYUSjwUVbd3cj8fJBp3nRLdgK843RpmS0h0+7Y8vkt8Kc3X3p9I
5/TWYZajiiqAdUSEZHHJlye7e3CwED3FIERVk8bYGO/IwgkHp8f2DPO7ir4XTXJ+
OtVTRiasmDrBoCcdfVPbhcEwz1X9vFqe7lT8/V8jJllFEA3vByJyostrtGeC7e+D
MBuMjgJ1LjIp4gfhJ2n+WbdYLl5qOcObvRjV/CpCeFZF9ISBVOHxkwZy5YxQ14Tm
YX5sfRCL5T+VPVuhvhoBR9d8X25BbxOhYcM=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:21:28 2024 by rpki-client on console-fra.rpki-client.org