Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Peh56gnhe4ORxyjbem-nsnOQS3o.cer
File:                     Peh56gnhe4ORxyjbem-nsnOQS3o.cer (raw, json)
Hash identifier:          WhmCKvXriQD5wjmkuYTDAZTvso+imAqP/nGflsA5yOs=
Subject key identifier:   3D:E8:79:EA:09:E1:7B:83:91:C7:28:DB:7A:6F:A7:B2:73:90:4B:7A
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2704
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E6D28/0192A7F2EA1D11EBB8B69A0BD8A014CE/Peh56gnhe4ORxyjbem-nsnOQS3o.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E6D28/0192A7F2EA1D11EBB8B69A0BD8A014CE/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:32:20 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328720
                          IP: 102.222.108.0/22
                          IP: 2c0f:7400::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 08:08:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9988 (0x2704)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:32:20 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36E6D28AF/serialNumber=3DE879EA09E17B8391C728DB7A6FA7B273904B7A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:aa:87:c4:e8:46:34:4f:2f:86:d8:ae:75:b4:
                    3a:b3:ce:71:83:00:d8:1e:c4:c1:3f:9b:e7:d8:c2:
                    fa:eb:88:7c:01:5a:6e:cf:28:6a:f8:29:0d:3a:66:
                    7a:15:38:eb:2b:ea:38:14:2b:b3:2a:a1:0c:6a:eb:
                    0f:e4:9a:47:5e:91:7b:39:83:28:65:1d:53:5f:ae:
                    52:04:85:6a:b4:0c:90:b8:fc:b2:d8:e7:da:fc:f2:
                    13:4f:3b:8d:72:1e:7f:0d:ce:80:a5:4b:0a:4a:fe:
                    89:05:80:03:11:7d:36:a8:03:9b:20:76:89:b1:f7:
                    3b:b4:17:33:aa:7e:cf:15:3f:6c:ab:f8:6d:18:9b:
                    da:0d:26:3e:2d:55:ce:93:0e:f0:37:d6:6c:c0:81:
                    f4:fa:f4:9a:42:f1:d5:a0:ed:ba:4b:af:f9:34:ea:
                    e6:a5:80:08:12:05:8a:82:9c:76:f3:6d:bd:2f:fb:
                    f9:82:87:c4:a7:1f:c6:36:30:9d:02:41:f4:da:8a:
                    bc:33:40:77:db:48:5e:fc:9d:3b:9a:82:ea:60:03:
                    17:7a:99:c9:f7:5c:54:10:1a:ea:52:ed:10:88:99:
                    cc:c6:0a:ef:f5:28:cb:98:f3:e3:75:0a:c5:6a:d2:
                    f5:c5:19:26:19:11:3f:32:93:87:ac:b6:cb:b5:a4:
                    ae:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:E8:79:EA:09:E1:7B:83:91:C7:28:DB:7A:6F:A7:B2:73:90:4B:7A
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E6D28/0192A7F2EA1D11EBB8B69A0BD8A014CE/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E6D28/0192A7F2EA1D11EBB8B69A0BD8A014CE/Peh56gnhe4ORxyjbem-nsnOQS3o.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328720

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.108.0/22
                IPv6:
                  2c0f:7400::/32

    Signature Algorithm: sha256WithRSAEncryption
         69:a9:db:f8:7f:cf:c1:12:a5:e0:fc:3c:16:0b:eb:3c:69:46:
         48:08:25:d3:24:e8:1b:40:f1:37:bd:d9:f6:86:e0:f0:e7:ce:
         93:39:8e:d1:e0:90:c1:ab:33:33:b2:6c:ba:a0:75:68:a1:e5:
         93:e3:7f:d8:b4:71:bd:49:b4:18:64:6b:71:76:f4:cb:a8:c3:
         38:cf:3f:f6:c3:1d:e6:22:8d:40:40:8d:0e:67:e8:20:f4:e0:
         ec:f8:14:a2:f4:aa:2b:84:90:d8:c3:a3:25:7a:5f:0f:b6:e2:
         b0:18:51:93:99:02:21:04:df:d2:8b:5c:ac:5f:28:a7:2d:ce:
         c6:38:62:7b:3c:32:e9:22:05:50:bc:41:1e:15:13:d6:28:37:
         f3:72:33:5c:d6:19:59:8f:0c:7d:43:88:19:c8:6b:16:ab:9d:
         f8:08:e2:0d:b3:e3:e7:59:8b:ec:69:54:4b:12:bf:9f:53:9b:
         6f:d6:09:8d:d3:c5:b1:d3:d0:56:ec:7d:06:b3:88:34:6e:f1:
         d5:d2:fc:ea:1c:0f:32:bf:93:aa:50:b5:67:f9:99:4c:47:e4:
         c0:93:54:db:00:bb:d9:62:74:05:09:e9:3a:98:46:ce:59:fb:
         08:10:b0:99:fe:b2:83:c6:09:39:32:06:23:db:a0:97:25:4e:
         1f:66:bd:f3
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICJwQwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzMyMjBaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkU2RDI4QUYxMTAvBgNVBAUTKDNERTg3OUVBMDlFMTdCODM5MUM3MjhE
QjdBNkZBN0IyNzM5MDRCN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfqofE6EY0Ty+G2K51tDqzznGDANgexME/m+fYwvrriHwBWm7PKGr4KQ06ZnoV
OOsr6jgUK7MqoQxq6w/kmkdekXs5gyhlHVNfrlIEhWq0DJC4/LLY59r88hNPO41y
Hn8NzoClSwpK/okFgAMRfTaoA5sgdomx9zu0FzOqfs8VP2yr+G0Ym9oNJj4tVc6T
DvA31mzAgfT69JpC8dWg7bpLr/k06ualgAgSBYqCnHbzbb0v+/mCh8SnH8Y2MJ0C
QfTairwzQHfbSF78nTuagupgAxd6mcn3XFQQGupS7RCImczGCu/1KMuY8+N1CsVq
0vXFGSYZET8yk4estsu1pK5pAgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUPeh56gnh
e4ORxyjbem+nsnOQS3owHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFNkQyOC8wMTkyQTdGMkVBMUQx
MUVCQjhCNjlBMEJEOEEwMTRDRS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTZEMjgvMDE5MkE3RjJFQTFEMTFFQkI4QjY5QTBCRDhBMDE0Q0UvUGVoNTZn
bmhlNE9SeHlqYmVtLW5zbk9RUzNvLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBBAwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm3mwwDQQCAAIwBwMF
ACwPdAAwDQYJKoZIhvcNAQELBQADggEBAGmp2/h/z8ESpeD8PBYL6zxpRkgIJdMk
6BtA8Te92faG4PDnzpM5jtHgkMGrMzOybLqgdWih5ZPjf9i0cb1JtBhka3F29Muo
wzjPP/bDHeYijUBAjQ5n6CD04Oz4FKL0qiuEkNjDoyV6Xw+24rAYUZOZAiEE39KL
XKxfKKctzsY4Yns8MukiBVC8QR4VE9YoN/NyM1zWGVmPDH1DiBnIaxarnfgI4g2z
4+dZi+xpVEsSv59Tm2/WCY3TxbHT0FbsfQaziDRu8dXS/OocDzK/k6pQtWf5mUxH
5MCTVNsAu9lidAUJ6TqYRs5Z+wgQsJn+soPGCTkyBiPboJclTh9mvfM=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:21:28 2024 by rpki-client on console-fra.rpki-client.org