Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Py4lhz-TCj4vdaXCxhVisCIN5ls.cer
File:                     Py4lhz-TCj4vdaXCxhVisCIN5ls.cer (raw, json)
Hash identifier:          1kI0lWa6QabWqUMwWC4xEJba/h7wNvn2oeU2vOEcM8A=
Subject key identifier:   3F:2E:25:87:3F:93:0A:3E:2F:75:A5:C2:C6:15:62:B0:22:0D:E6:5B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2F5C
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F365F31B/D52C184A973311EDB423448DF1222468/Py4lhz-TCj4vdaXCxhVisCIN5ls.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F365F31B/D52C184A973311EDB423448DF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 02:24:30 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 37718
                          AS: 328091
                          IP: 196.49.38.0/24
                          IP: 196.60.6.0/23
                          IP: 2001:43f8:d70::/47
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12124 (0x2f5c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 02:24:30 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F365F31BAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8a:0a:4f:4f:76:e4:ba:39:b3:55:f6:c9:74:
                    a4:33:1c:43:96:e3:9e:f9:fe:2b:83:5a:98:f5:63:
                    31:48:c6:1b:b9:6c:57:b7:33:33:d6:96:18:99:38:
                    54:b5:18:8f:3d:59:4f:cf:e6:22:78:e8:fc:a3:e3:
                    58:19:d0:59:76:98:4e:4b:52:c3:1f:40:34:1c:a4:
                    8b:86:44:9c:be:33:b7:5c:c6:3f:6d:75:c3:0e:7c:
                    51:b7:42:3d:5a:af:5a:c9:9d:a4:ca:ca:a4:25:11:
                    b3:d0:d5:5d:03:e7:f9:9b:da:a5:a0:47:ee:24:37:
                    9a:01:e8:99:69:42:cd:29:05:dc:a8:b3:41:75:11:
                    7c:09:74:8a:a0:bf:2e:92:a2:11:7e:e7:dc:1c:c9:
                    ad:18:76:21:9c:97:1b:c6:75:10:29:b7:06:d6:4c:
                    df:d9:42:4a:ac:4e:61:d1:76:5d:6c:67:81:b1:90:
                    2a:fe:b8:72:b5:48:2a:21:21:ae:66:a6:f6:4a:bc:
                    1b:6f:06:37:d5:ad:ba:68:32:a1:69:e0:90:d5:b3:
                    7f:b4:90:a7:09:98:e1:6b:6b:e8:78:28:db:d8:df:
                    bc:91:68:50:bf:8d:95:c1:d6:17:a3:f7:38:bc:01:
                    74:ef:28:3b:88:3b:a0:d1:10:ab:6f:69:57:42:09:
                    7f:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:2E:25:87:3F:93:0A:3E:2F:75:A5:C2:C6:15:62:B0:22:0D:E6:5B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F31B/D52C184A973311EDB423448DF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F31B/D52C184A973311EDB423448DF1222468/Py4lhz-TCj4vdaXCxhVisCIN5ls.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37718
                  328091

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.49.38.0/24
                  196.60.6.0/23
                IPv6:
                  2001:43f8:d70::/47

    Signature Algorithm: sha256WithRSAEncryption
         26:7c:23:73:66:49:af:bd:f3:00:d0:32:87:73:59:d9:ea:2b:
         fb:10:e0:ac:0c:8f:d4:ce:3c:07:0b:65:51:a3:1e:9c:e6:36:
         d1:9b:fd:74:5f:f2:de:45:14:48:e1:74:a0:c0:95:4a:23:b3:
         57:b7:18:cb:2e:b6:ed:b9:b9:58:af:ee:58:23:27:5a:aa:da:
         c9:d5:63:c3:9c:0f:97:3d:94:6c:6a:12:3c:8a:1b:f8:df:3a:
         fe:d5:a6:94:3a:d6:ee:1d:36:28:17:f6:df:49:6a:60:90:f0:
         7c:92:aa:8e:b7:bb:1d:0f:7a:88:f1:0e:d3:fd:d6:9a:7b:c1:
         02:86:4d:52:29:dc:35:bc:ef:92:54:2f:19:68:71:79:eb:df:
         6c:bc:55:de:68:60:43:9b:e0:a8:a8:18:3a:15:86:e6:b1:18:
         86:80:ab:46:83:40:ef:90:d0:dd:4d:ad:cb:b0:89:99:d4:61:
         d8:dd:3f:c0:31:84:29:26:7d:68:a6:74:75:93:0f:35:6c:05:
         81:74:08:86:b8:f4:78:b3:65:f9:be:05:4a:8d:36:74:58:66:
         8f:4e:4e:af:b9:f3:49:da:2c:a5:42:bb:d8:77:54:64:ba:6b:
         23:56:5e:7c:19:09:84:e3:0f:55:bf:59:02:3c:5a:4e:7c:2d:
         75:9e:32:29
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgICL1wwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMjI0MzBaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjVGMzFCQUYxMTAvBgNVBAUTKDNGMkUyNTg3M0Y5MzBBM0UyRjc1QTVD
MkM2MTU2MkIwMjIwREU2NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrigpPT3bkujmzVfbJdKQzHEOW4575/iuDWpj1YzFIxhu5bFe3MzPWlhiZOFS1
GI89WU/P5iJ46Pyj41gZ0Fl2mE5LUsMfQDQcpIuGRJy+M7dcxj9tdcMOfFG3Qj1a
r1rJnaTKyqQlEbPQ1V0D5/mb2qWgR+4kN5oB6JlpQs0pBdyos0F1EXwJdIqgvy6S
ohF+59wcya0YdiGclxvGdRAptwbWTN/ZQkqsTmHRdl1sZ4GxkCr+uHK1SCohIa5m
pvZKvBtvBjfVrbpoMqFp4JDVs3+0kKcJmOFra+h4KNvY37yRaFC/jZXB1hej9zi8
AXTvKDuIO6DREKtvaVdCCX+zAgMBAAGjggMnMIIDIzAdBgNVHQ4EFgQUPy4lhz+T
Cj4vdaXCxhVisCIN5lswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY1RjMxQi9ENTJDMTg0QTk3MzMx
MUVEQjQyMzQ0OERGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUYzMUIvRDUyQzE4NEE5NzMzMTFFREI0MjM0NDhERjEyMjI0NjgvUHk0bGh6
LVRDajR2ZGFYQ3hoVmlzQ0lONWxzLm1mdDAfBggrBgEFBQcBCAEB/wQQMA6gDDAK
AgMAk1YCAwUBmzA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAMQxJgMEAcQ8
BjAPBAIAAjAJAwcBIAFD+A1wMA0GCSqGSIb3DQEBCwUAA4IBAQAmfCNzZkmvvfMA
0DKHc1nZ6iv7EOCsDI/UzjwHC2VRox6c5jbRm/10X/LeRRRI4XSgwJVKI7NXtxjL
LrbtublYr+5YIydaqtrJ1WPDnA+XPZRsahI8ihv43zr+1aaUOtbuHTYoF/bfSWpg
kPB8kqqOt7sdD3qI8Q7T/daae8EChk1SKdw1vO+SVC8ZaHF5699svFXeaGBDm+Co
qBg6FYbmsRiGgKtGg0DvkNDdTa3LsImZ1GHY3T/AMYQpJn1opnR1kw81bAWBdAiG
uPR4s2X5vgVKjTZ0WGaPTk6vufNJ2iylQrvYd1RkumsjVl58GQmE4w9Vv1kCPFpO
fC11njIp
-----END CERTIFICATE-----