Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Pct5xzhsFKacQ1XzTDvFs09ES64.cer
File:                     Pct5xzhsFKacQ1XzTDvFs09ES64.cer (raw, json)
Hash identifier:          83D5DeArmivmZkCSsv0KIZJ2TrU/lx4tWC1EfKarPfY=
Subject key identifier:   3D:CB:79:C7:38:6C:14:A6:9C:43:55:F3:4C:3B:C5:B3:4F:44:4B:AE
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       28A0
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/Pct5xzhsFKacQ1XzTDvFs09ES64.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:35:14 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 36909
                          IP: 41.78.168.0/22
                          IP: 41.220.128.0/20
                          IP: 154.0.152.0/21
                          IP: 2c0f:fd20::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10400 (0x28a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:35:14 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36FA5EAAF/serialNumber=3DCB79C7386C14A69C4355F34C3BC5B34F444BAE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:01:77:17:fd:14:7a:e2:bf:a6:e7:85:7f:af:
                    f9:61:b9:05:ea:76:3d:48:77:59:2a:57:b4:3c:7c:
                    48:80:7f:40:ea:44:e7:61:5d:da:05:5c:c3:9f:6c:
                    85:29:fc:df:61:b9:2e:8c:30:bc:58:65:14:4c:87:
                    81:04:85:42:e9:a1:2c:a1:59:c5:43:13:6b:57:f7:
                    06:3b:e6:ee:dc:69:47:cc:10:dc:3c:61:40:30:bc:
                    19:19:0d:af:ac:3f:14:2e:76:a8:ac:14:b0:87:9f:
                    cc:89:ee:8f:a6:83:67:d6:51:c5:29:22:eb:3f:6c:
                    78:b9:8b:da:ee:16:75:3f:1f:69:98:1e:ce:f2:be:
                    70:e4:3d:87:9b:e9:7d:82:db:20:54:61:8c:e7:d7:
                    11:d1:c5:88:00:30:92:07:34:27:27:75:ca:7a:5b:
                    c3:04:86:ef:65:d8:b9:6c:80:3a:4b:2d:29:22:30:
                    ee:cf:ec:1a:18:5e:f7:50:87:4d:84:ac:b7:c0:ab:
                    cc:f3:66:27:82:42:58:9f:db:7f:d9:2b:67:b8:0b:
                    b4:13:51:2a:60:79:0f:bc:3b:b7:9d:40:ef:0a:a8:
                    23:1c:40:cb:2b:f9:d2:0e:93:dc:ee:3c:68:c4:4d:
                    11:4e:7a:f6:96:0a:44:3b:38:79:d5:d7:7a:bb:c4:
                    96:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:CB:79:C7:38:6C:14:A6:9C:43:55:F3:4C:3B:C5:B3:4F:44:4B:AE
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/0B1437CA38B211ED8B64E4DBF1222468/Pct5xzhsFKacQ1XzTDvFs09ES64.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  36909

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.78.168.0/22
                  41.220.128.0/20
                  154.0.152.0/21
                IPv6:
                  2c0f:fd20::/32

    Signature Algorithm: sha256WithRSAEncryption
         95:12:56:53:8e:eb:8c:e9:c5:0b:22:bb:25:ce:67:5c:c3:5e:
         ac:58:41:ea:87:64:03:cb:5c:d2:bf:ff:24:80:63:f2:54:51:
         61:18:58:03:e1:9b:c5:c2:55:21:b4:26:ab:40:0e:5a:98:3b:
         0e:16:3d:8b:04:7a:e7:70:f1:e1:a4:04:fb:2b:3b:d6:fc:96:
         49:86:e6:66:ce:4c:ec:e2:82:db:bd:7b:3b:b7:37:fc:e1:ea:
         bf:a6:4f:66:ba:a1:f2:b7:91:3f:ef:9c:95:e4:61:c4:0d:cc:
         46:ef:17:ce:2a:70:ba:88:35:c8:9c:a6:54:ad:9d:f2:0b:1e:
         b7:62:db:76:8d:f2:4d:6d:1e:06:e2:0e:ff:4f:94:fb:fb:72:
         88:40:0c:49:fc:89:5d:11:da:b1:dd:37:7e:db:78:78:21:af:
         99:ef:3d:a4:25:54:94:35:8f:58:98:e3:9c:20:e2:38:ae:ca:
         67:b0:01:b5:a1:00:09:1f:e0:d3:1e:c7:14:2c:1d:53:7f:d9:
         00:21:db:32:73:3f:3e:11:8c:5e:06:2f:0b:12:9e:ce:6b:10:
         86:66:f8:be:0d:7a:9e:56:75:05:22:44:d7:fa:7a:5c:79:5b:
         40:97:be:a9:c2:f8:a6:0e:ba:4b:b6:f7:8a:80:9e:40:4d:df:
         32:a5:f3:12
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgICKKAwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDM1MTRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkZBNUVBQUYxMTAvBgNVBAUTKDNEQ0I3OUM3Mzg2QzE0QTY5QzQzNTVG
MzRDM0JDNUIzNEY0NDRCQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDtAXcX/RR64r+m54V/r/lhuQXqdj1Id1kqV7Q8fEiAf0DqROdhXdoFXMOfbIUp
/N9huS6MMLxYZRRMh4EEhULpoSyhWcVDE2tX9wY75u7caUfMENw8YUAwvBkZDa+s
PxQudqisFLCHn8yJ7o+mg2fWUcUpIus/bHi5i9ruFnU/H2mYHs7yvnDkPYeb6X2C
2yBUYYzn1xHRxYgAMJIHNCcndcp6W8MEhu9l2LlsgDpLLSkiMO7P7BoYXvdQh02E
rLfAq8zzZieCQlif23/ZK2e4C7QTUSpgeQ+8O7edQO8KqCMcQMsr+dIOk9zuPGjE
TRFOevaWCkQ7OHnV13q7xJYPAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUPct5xzhs
FKacQ1XzTDvFs09ES64wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZGQTVFQS8wQjE0MzdDQTM4QjIx
MUVEOEI2NEU0REJGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkE1RUEvMEIxNDM3Q0EzOEIyMTFFRDhCNjRFNERCRjEyMjI0NjgvUGN0NXh6
aHNGS2FjUTFYelREdkZzMDlFUzY0Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkC0wOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAIpTqgDBAQp3IADBAOa
AJgwDQQCAAIwBwMFACwP/SAwDQYJKoZIhvcNAQELBQADggEBAJUSVlOO64zpxQsi
uyXOZ1zDXqxYQeqHZAPLXNK//ySAY/JUUWEYWAPhm8XCVSG0JqtADlqYOw4WPYsE
eudw8eGkBPsrO9b8lkmG5mbOTOzigtu9ezu3N/zh6r+mT2a6ofK3kT/vnJXkYcQN
zEbvF84qcLqINcicplStnfILHrdi23aN8k1tHgbiDv9PlPv7cohADEn8iV0R2rHd
N37beHghr5nvPaQlVJQ1j1iY45wg4jiuymewAbWhAAkf4NMexxQsHVN/2QAh2zJz
Pz4RjF4GLwsSns5rEIZm+L4Nep5WdQUiRNf6elx5W0CXvqnC+KYOuku294qAnkBN
3zKl8xI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:31 2024 by rpki-client on console-fra.rpki-client.org