Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Py4lhz-TCj4vdaXCxhVisCIN5ls.cer
File:                     Py4lhz-TCj4vdaXCxhVisCIN5ls.cer (raw, json)
Hash identifier:          XRqDlOJ8xkXhSge1nYtGWdGT0HsGq551jj6pnuOeqKs=
Subject key identifier:   3F:2E:25:87:3F:93:0A:3E:2F:75:A5:C2:C6:15:62:B0:22:0D:E6:5B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2541
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F365F31B/D52C184A973311EDB423448DF1222468/Py4lhz-TCj4vdaXCxhVisCIN5ls.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F365F31B/D52C184A973311EDB423448DF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:25:01 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37718
                          AS: 328091
                          IP: 196.49.38.0/24
                          IP: 196.60.6.0/23
                          IP: 2001:43f8:d70::/47

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9537 (0x2541)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:25:01 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F365F31BAF/serialNumber=3F2E25873F930A3E2F75A5C2C61562B0220DE65B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8a:0a:4f:4f:76:e4:ba:39:b3:55:f6:c9:74:
                    a4:33:1c:43:96:e3:9e:f9:fe:2b:83:5a:98:f5:63:
                    31:48:c6:1b:b9:6c:57:b7:33:33:d6:96:18:99:38:
                    54:b5:18:8f:3d:59:4f:cf:e6:22:78:e8:fc:a3:e3:
                    58:19:d0:59:76:98:4e:4b:52:c3:1f:40:34:1c:a4:
                    8b:86:44:9c:be:33:b7:5c:c6:3f:6d:75:c3:0e:7c:
                    51:b7:42:3d:5a:af:5a:c9:9d:a4:ca:ca:a4:25:11:
                    b3:d0:d5:5d:03:e7:f9:9b:da:a5:a0:47:ee:24:37:
                    9a:01:e8:99:69:42:cd:29:05:dc:a8:b3:41:75:11:
                    7c:09:74:8a:a0:bf:2e:92:a2:11:7e:e7:dc:1c:c9:
                    ad:18:76:21:9c:97:1b:c6:75:10:29:b7:06:d6:4c:
                    df:d9:42:4a:ac:4e:61:d1:76:5d:6c:67:81:b1:90:
                    2a:fe:b8:72:b5:48:2a:21:21:ae:66:a6:f6:4a:bc:
                    1b:6f:06:37:d5:ad:ba:68:32:a1:69:e0:90:d5:b3:
                    7f:b4:90:a7:09:98:e1:6b:6b:e8:78:28:db:d8:df:
                    bc:91:68:50:bf:8d:95:c1:d6:17:a3:f7:38:bc:01:
                    74:ef:28:3b:88:3b:a0:d1:10:ab:6f:69:57:42:09:
                    7f:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:2E:25:87:3F:93:0A:3E:2F:75:A5:C2:C6:15:62:B0:22:0D:E6:5B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F31B/D52C184A973311EDB423448DF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F31B/D52C184A973311EDB423448DF1222468/Py4lhz-TCj4vdaXCxhVisCIN5ls.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37718
                  328091

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.49.38.0/24
                  196.60.6.0/23
                IPv6:
                  2001:43f8:d70::/47

    Signature Algorithm: sha256WithRSAEncryption
         2a:08:0e:fa:85:cf:f2:fe:fc:df:d7:7c:bc:a2:73:2d:47:15:
         cb:46:b3:ac:26:28:8f:63:db:23:a1:9c:a2:82:ef:95:4b:81:
         62:0d:05:fa:86:73:70:ea:0f:f0:68:a5:23:04:0a:be:70:a7:
         a7:97:34:a5:87:4c:95:d8:91:55:66:30:dc:63:09:6e:1e:e0:
         2c:d1:1f:4c:b6:43:58:e9:1e:d5:ad:a2:f4:9a:b1:fa:05:cf:
         21:b7:a2:60:9d:89:17:bd:3a:6d:da:34:2f:c7:cd:ad:9d:4f:
         d0:7e:39:56:cf:28:48:df:7d:02:0d:a6:f2:c5:61:4e:24:af:
         e8:71:a7:4d:0d:8f:58:c3:58:bf:48:2f:3a:b9:96:a0:31:99:
         89:92:53:29:a1:84:15:97:62:09:c0:fa:e8:e2:be:a8:ca:48:
         22:b8:8e:aa:c8:10:b3:ab:df:a1:af:0e:ce:9c:b9:f5:0f:03:
         0c:f2:e6:42:33:d8:0d:26:d2:5c:87:f9:8c:7d:44:37:c1:6c:
         ec:dc:82:2f:1b:ec:9f:5a:35:cd:e1:ef:e1:d4:fc:8e:23:ce:
         7e:7c:7b:b3:50:c6:e7:d7:3a:fe:71:56:76:fb:9d:0e:76:ab:
         ab:ad:14:86:50:fe:63:8a:07:21:0d:de:2a:a2:69:7a:b9:34:
         f8:de:e4:9d
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgICJUEwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjI1MDFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjVGMzFCQUYxMTAvBgNVBAUTKDNGMkUyNTg3M0Y5MzBBM0UyRjc1QTVD
MkM2MTU2MkIwMjIwREU2NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrigpPT3bkujmzVfbJdKQzHEOW4575/iuDWpj1YzFIxhu5bFe3MzPWlhiZOFS1
GI89WU/P5iJ46Pyj41gZ0Fl2mE5LUsMfQDQcpIuGRJy+M7dcxj9tdcMOfFG3Qj1a
r1rJnaTKyqQlEbPQ1V0D5/mb2qWgR+4kN5oB6JlpQs0pBdyos0F1EXwJdIqgvy6S
ohF+59wcya0YdiGclxvGdRAptwbWTN/ZQkqsTmHRdl1sZ4GxkCr+uHK1SCohIa5m
pvZKvBtvBjfVrbpoMqFp4JDVs3+0kKcJmOFra+h4KNvY37yRaFC/jZXB1hej9zi8
AXTvKDuIO6DREKtvaVdCCX+zAgMBAAGjggMnMIIDIzAdBgNVHQ4EFgQUPy4lhz+T
Cj4vdaXCxhVisCIN5lswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY1RjMxQi9ENTJDMTg0QTk3MzMx
MUVEQjQyMzQ0OERGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUYzMUIvRDUyQzE4NEE5NzMzMTFFREI0MjM0NDhERjEyMjI0NjgvUHk0bGh6
LVRDajR2ZGFYQ3hoVmlzQ0lONWxzLm1mdDAfBggrBgEFBQcBCAEB/wQQMA6gDDAK
AgMAk1YCAwUBmzA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAMQxJgMEAcQ8
BjAPBAIAAjAJAwcBIAFD+A1wMA0GCSqGSIb3DQEBCwUAA4IBAQAqCA76hc/y/vzf
13y8onMtRxXLRrOsJiiPY9sjoZyigu+VS4FiDQX6hnNw6g/waKUjBAq+cKenlzSl
h0yV2JFVZjDcYwluHuAs0R9MtkNY6R7VraL0mrH6Bc8ht6JgnYkXvTpt2jQvx82t
nU/QfjlWzyhI330CDabyxWFOJK/ocadNDY9Yw1i/SC86uZagMZmJklMpoYQVl2IJ
wPro4r6oykgiuI6qyBCzq9+hrw7OnLn1DwMM8uZCM9gNJtJch/mMfUQ3wWzs3IIv
G+yfWjXN4e/h1PyOI85+fHuzUMbn1zr+cVZ2+50OdqurrRSGUP5jigchDd4qoml6
uTT43uSd
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org