Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/PVXHhOoXkS8OlgolxsqSDhACMAo.cer
File:                     PVXHhOoXkS8OlgolxsqSDhACMAo.cer (raw, json)
Hash identifier:          6ou4DiCJvC0Xv1WI3m5LWtf5+p+iNRYVOL5cZlgi6rI=
Subject key identifier:   3D:55:C7:84:EA:17:91:2F:0E:96:0A:25:C6:CA:92:0E:10:02:30:0A
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2473
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F364712F/E9C4BAA2A0E811EB88958D10F8AEA228/PVXHhOoXkS8OlgolxsqSDhACMAo.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F364712F/E9C4BAA2A0E811EB88958D10F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 01:35:18 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 29975
                          AS: 36994
                          AS: 37311
                          IP: 41.0.0.0/11
                          IP: 41.192.0.0/16
                          IP: 105.240.0.0/12
                          IP: 196.6.123.0 -- 196.6.130.255
                          IP: 196.6.254.0/24
                          IP: 196.11.58.0/24
                          IP: 196.11.146.0 -- 196.11.149.255
                          IP: 196.46.160.0/20
                          IP: 196.207.32.0/20
                          IP: 2c0e:4000::/24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9331 (0x2473)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 01:35:18 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F364712FAF/serialNumber=3D55C784EA17912F0E960A25C6CA920E1002300A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:33:18:87:f7:32:ce:cb:59:0b:1f:1f:12:85:
                    0b:ee:37:4d:eb:ed:f9:d7:47:5e:06:cf:34:8f:11:
                    7f:b7:60:a1:83:39:26:19:5e:6e:61:ae:1c:e9:5e:
                    23:ad:12:cd:4a:93:09:20:df:cf:61:73:5a:59:e2:
                    d3:72:fe:52:8b:ba:a5:ca:37:d9:b6:9b:97:e2:a5:
                    a0:34:70:ef:a7:f6:91:2e:85:d0:ff:57:eb:29:4b:
                    3a:83:be:86:9b:18:6f:03:93:5d:c8:e1:b4:e9:3f:
                    bc:b8:ef:eb:75:08:99:2c:69:56:da:c6:c1:a8:6b:
                    62:87:f6:2f:e1:96:26:be:94:2f:bc:0e:cb:ba:0c:
                    26:ed:b5:60:16:cc:d4:40:76:0a:79:db:e3:c0:5d:
                    99:2b:2b:e3:f9:47:72:a7:b9:29:b1:15:1e:b0:37:
                    fc:34:5e:e9:48:42:1f:42:1b:02:57:3a:04:24:b5:
                    fb:ec:2a:18:a7:a4:d9:30:d8:7e:dd:7b:19:bf:16:
                    84:eb:19:98:d7:49:11:ed:40:6f:ea:a5:5d:20:c2:
                    df:b6:9a:b8:0a:85:fe:a0:fb:d0:0a:c8:75:71:fd:
                    09:fe:e5:cf:55:64:fd:6f:9c:2e:e2:fb:a9:7a:b3:
                    d6:b6:d2:5b:b1:8a:cf:4f:50:e2:43:98:0e:5a:04:
                    f7:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:55:C7:84:EA:17:91:2F:0E:96:0A:25:C6:CA:92:0E:10:02:30:0A
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F364712F/E9C4BAA2A0E811EB88958D10F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F364712F/E9C4BAA2A0E811EB88958D10F8AEA228/PVXHhOoXkS8OlgolxsqSDhACMAo.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  29975
                  36994
                  37311

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.0.0.0/11
                  41.192.0.0/16
                  105.240.0.0/12
                  196.6.123.0-196.6.130.255
                  196.6.254.0/24
                  196.11.58.0/24
                  196.11.146.0-196.11.149.255
                  196.46.160.0/20
                  196.207.32.0/20
                IPv6:
                  2c0e:4000::/24

    Signature Algorithm: sha256WithRSAEncryption
         87:e6:e9:30:f5:aa:e9:76:6c:dd:41:86:21:4f:ed:e1:9a:f9:
         9e:50:92:97:b2:1b:a7:6f:52:35:af:71:7a:7a:08:3d:b3:2a:
         e9:b0:31:77:24:ec:8f:c0:03:44:b2:71:04:82:3f:1b:0b:71:
         cc:5d:c6:1e:a0:5d:bd:78:83:d0:47:b2:ab:e8:8d:10:f8:5a:
         a1:51:d0:c1:24:17:00:a6:90:2b:b6:84:82:8e:81:e3:96:2a:
         fa:e2:1c:6f:cd:b2:21:8b:b7:b4:69:4e:ae:66:07:c1:c4:19:
         75:ef:3f:c3:ac:fa:c9:3a:e9:1f:6f:e6:20:a3:08:c7:a2:88:
         9d:0d:fe:fa:30:39:bd:20:ec:09:7e:60:b6:5d:73:84:70:b2:
         1f:19:97:dd:83:10:3e:9f:1b:9c:5f:73:11:53:a9:e6:17:b7:
         90:6b:aa:5d:66:c5:1c:d2:e5:44:47:d2:00:08:db:58:fb:a4:
         ac:2c:58:4a:36:97:6f:a3:a6:f4:85:79:be:c6:91:3b:16:57:
         ae:bd:2d:97:f9:35:d2:22:7b:cf:71:d0:05:83:06:78:fd:aa:
         f4:59:3a:d9:ed:8b:cf:f3:c7:02:65:ce:c3:59:cf:bf:c5:92:
         44:a7:8f:3b:14:f6:f4:24:f9:ed:ba:99:95:21:68:2e:93:9c:
         36:a2:81:32
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgICJHMwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMTM1MThaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjQ3MTJGQUYxMTAvBgNVBAUTKDNENTVDNzg0RUExNzkxMkYwRTk2MEEy
NUM2Q0E5MjBFMTAwMjMwMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSMxiH9zLOy1kLHx8ShQvuN03r7fnXR14GzzSPEX+3YKGDOSYZXm5hrhzpXiOt
Es1Kkwkg389hc1pZ4tNy/lKLuqXKN9m2m5fipaA0cO+n9pEuhdD/V+spSzqDvoab
GG8Dk13I4bTpP7y47+t1CJksaVbaxsGoa2KH9i/hlia+lC+8Dsu6DCbttWAWzNRA
dgp52+PAXZkrK+P5R3KnuSmxFR6wN/w0XulIQh9CGwJXOgQktfvsKhinpNkw2H7d
exm/FoTrGZjXSRHtQG/qpV0gwt+2mrgKhf6g+9AKyHVx/Qn+5c9VZP1vnC7i+6l6
s9a20luxis9PUOJDmA5aBPcPAgMBAAGjggNfMIIDWzAdBgNVHQ4EFgQUPVXHhOoX
kS8OlgolxsqSDhACMAowHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY0NzEyRi9FOUM0QkFBMkEwRTgx
MUVCODg5NThEMTBGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDcxMkYvRTlDNEJBQTJBMEU4MTFFQjg4OTU4RDEwRjhBRUEyMjgvUFZYSGhP
b1hrUzhPbGdvbHhzcVNEaEFDTUFvLm1mdDAjBggrBgEFBQcBCAEB/wQUMBKgEDAO
AgJ1FwIDAJCCAgMAkb8wagYIKwYBBQUHAQcBAf8EWzBZMEkEAgABMEMDAwUpAAMD
ACnAAwMEafAwDAMEAMQGewMEAMQGggMEAMQG/gMEAMQLOjAMAwQBxAuSAwQBxAuU
AwQExC6gAwQExM8gMAwEAgACMAYDBAAsDkAwDQYJKoZIhvcNAQELBQADggEBAIfm
6TD1qul2bN1BhiFP7eGa+Z5QkpeyG6dvUjWvcXp6CD2zKumwMXck7I/AA0SycQSC
PxsLccxdxh6gXb14g9BHsqvojRD4WqFR0MEkFwCmkCu2hIKOgeOWKvriHG/NsiGL
t7RpTq5mB8HEGXXvP8Os+sk66R9v5iCjCMeiiJ0N/vowOb0g7Al+YLZdc4Rwsh8Z
l92DED6fG5xfcxFTqeYXt5Brql1mxRzS5URH0gAI21j7pKwsWEo2l2+jpvSFeb7G
kTsWV669LZf5NdIie89x0AWDBnj9qvRZOtnti8/zxwJlzsNZz7/FkkSnjzsU9vQk
+e26mZUhaC6TnDaigTI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org