Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/PdV0GGdrVqud5W-qgMJ4h5vZRc4.cer
File:                     PdV0GGdrVqud5W-qgMJ4h5vZRc4.cer (raw, json)
Hash identifier:          Fj8iluXPIqPuHcKy82sRlzqtp4Bw0Z+IvEqK9Qs0cOg=
Subject key identifier:   3D:D5:74:18:67:6B:56:AB:9D:E5:6F:AA:80:C2:78:87:9B:D9:45:CE
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2A6F
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/PdV0GGdrVqud5W-qgMJ4h5vZRc4.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Tue 11 Jun 2024 13:43:42 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328596
                          IP: 2c0f:eba0::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10863 (0x2a6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jun 11 13:43:42 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3645590AF/serialNumber=3DD57418676B56AB9DE56FAA80C278879BD945CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:6f:33:f4:10:79:26:fa:a9:1b:c7:dc:a4:94:
                    70:f3:14:5e:09:bf:bd:48:ac:0e:2b:7d:e8:a1:09:
                    d2:b7:52:59:8b:1e:0f:23:39:e9:00:70:cb:64:49:
                    2d:8a:e3:84:a9:62:6b:19:ce:58:62:1e:d6:d1:ea:
                    55:f7:a0:90:c5:b3:18:91:ff:90:d1:78:0b:51:8a:
                    ac:a2:85:c2:04:ba:cc:36:7a:11:d1:57:c1:e6:5f:
                    01:47:88:9e:95:8a:7b:48:dc:ad:10:47:b8:b9:ab:
                    86:1a:02:8d:91:91:3d:82:69:24:e2:7a:e2:ee:fe:
                    5f:69:cd:49:6a:c5:10:42:a7:96:aa:9d:2e:e4:9f:
                    c2:51:9b:1a:a6:6c:87:5c:e2:cc:48:96:69:bb:41:
                    bd:83:cc:66:1a:74:1d:f3:e3:c5:7a:7c:dd:27:28:
                    75:8d:03:ac:e4:9f:4e:21:58:8c:32:5c:07:62:26:
                    4b:08:71:48:da:55:4d:d7:03:41:69:8b:73:a5:d8:
                    9a:88:1e:b3:ec:b9:4d:b4:e6:16:a8:21:e3:d3:f5:
                    60:c8:c0:17:81:22:d7:57:f1:b8:13:a1:84:ff:5a:
                    36:6b:e7:23:89:5b:bc:bf:20:65:3c:6b:d1:3b:9d:
                    e2:39:fd:32:2a:09:d0:51:8e:8a:bb:61:ab:3a:b5:
                    b0:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:D5:74:18:67:6B:56:AB:9D:E5:6F:AA:80:C2:78:87:9B:D9:45:CE
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/PdV0GGdrVqud5W-qgMJ4h5vZRc4.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328596

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:eba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1f:11:50:43:b7:fb:d3:24:c4:72:d6:1c:d1:36:ca:70:45:7e:
         58:21:ae:0f:0c:de:0e:3d:a9:fc:47:65:e5:f1:8a:29:b6:56:
         5d:97:ca:81:4d:40:c8:bb:74:6b:b5:36:fd:9f:7c:39:1f:14:
         d2:bc:c7:74:eb:19:b2:ed:77:59:a9:11:f6:19:be:84:7b:cf:
         c8:7f:3d:fc:14:38:cb:8b:61:17:26:ad:1d:e0:87:f8:a0:8d:
         8a:6a:91:59:10:0e:97:e4:fe:f5:cf:8d:a2:23:04:a7:da:b8:
         49:8b:db:ed:8a:05:80:d1:7e:fd:52:42:21:d7:5f:3e:c0:31:
         76:3a:dd:db:48:09:c2:84:97:a6:4e:47:ab:c3:81:93:14:1e:
         1f:fe:ec:45:3f:3e:50:b5:a8:f2:1f:ea:f0:6b:fc:19:88:b4:
         2d:9c:91:02:3b:9c:74:95:82:e5:eb:3f:d2:27:a7:fc:84:92:
         34:0d:e2:5b:78:a5:41:56:c6:8f:94:75:33:c1:6e:81:6d:54:
         f9:37:7f:89:72:b9:e1:cd:fe:5e:cc:83:cf:cb:6e:4f:67:ed:
         d9:04:44:4e:f8:c4:f9:ea:9f:ff:f2:35:3e:68:33:18:77:f6:
         06:49:5e:c6:f0:3a:b5:3a:c8:7e:c5:c7:91:3d:2a:91:09:ce:
         d5:b7:d0:4b
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICKm8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA2MTExMzQzNDJaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjQ1NTkwQUYxMTAvBgNVBAUTKDNERDU3NDE4Njc2QjU2QUI5REU1NkZB
QTgwQzI3ODg3OUJEOTQ1Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXbzP0EHkm+qkbx9yklHDzFF4Jv71IrA4rfeihCdK3UlmLHg8jOekAcMtkSS2K
44SpYmsZzlhiHtbR6lX3oJDFsxiR/5DReAtRiqyihcIEusw2ehHRV8HmXwFHiJ6V
intI3K0QR7i5q4YaAo2RkT2CaSTieuLu/l9pzUlqxRBCp5aqnS7kn8JRmxqmbIdc
4sxIlmm7Qb2DzGYadB3z48V6fN0nKHWNA6zkn04hWIwyXAdiJksIcUjaVU3XA0Fp
i3Ol2JqIHrPsuU205haoIePT9WDIwBeBItdX8bgToYT/WjZr5yOJW7y/IGU8a9E7
neI5/TIqCdBRjoq7Yas6tbApAgMBAAGjggMMMIIDCDAdBgNVHQ4EFgQUPdV0GGdr
Vqud5W+qgMJ4h5vZRc4wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY0NTU5MC85NUMxQTM4QTI3Rjgx
MUVGQTQ4MTI2MTY3RERDMjRDMi8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDU1OTAvOTVDMUEzOEEyN0Y4MTFFRkE0ODEyNjE2N0REQzI0QzIvUGRWMEdH
ZHJWcXVkNVctcWdNSjRoNXZaUmM0Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFA5QwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD+ugMA0GCSqGSIb3
DQEBCwUAA4IBAQAfEVBDt/vTJMRy1hzRNspwRX5YIa4PDN4OPan8R2Xl8YoptlZd
l8qBTUDIu3RrtTb9n3w5HxTSvMd06xmy7XdZqRH2Gb6Ee8/Ifz38FDjLi2EXJq0d
4If4oI2KapFZEA6X5P71z42iIwSn2rhJi9vtigWA0X79UkIh118+wDF2Ot3bSAnC
hJemTkerw4GTFB4f/uxFPz5QtajyH+rwa/wZiLQtnJECO5x0lYLl6z/SJ6f8hJI0
DeJbeKVBVsaPlHUzwW6BbVT5N3+Jcrnhzf5ezIPPy25PZ+3ZBERO+MT56p//8jU+
aDMYd/YGSV7G8Dq1Osh+xceRPSqRCc7Vt9BL
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org