Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.cer
File:                     Qb6TZmqjyInGqe0lr_9rhlyB6Ao.cer (raw, json)
Hash identifier:          ednmtmbhMn0uxWQysFs7JMlVuUkza99Y8ZAYSCrT7sg=
Subject key identifier:   41:BE:93:66:6A:A3:C8:89:C6:A9:ED:25:AF:FF:6B:86:5C:81:E8:0A
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2683
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:12:18 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 41.76.0.0/21
                          IP: 41.77.32.0/21
                          IP: 196.40.112.0/20
                          IP: 197.242.160.0/20
                          IP: 2c0f:fb90::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9859 (0x2683)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:12:18 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36FDB6DAF/serialNumber=41BE93666AA3C889C6A9ED25AFFF6B865C81E80A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:af:0a:1f:36:5d:38:ae:0e:ee:55:fa:c7:58:
                    78:b0:f0:eb:04:51:03:76:64:be:91:d7:fa:45:77:
                    1c:fd:60:97:78:af:46:b1:3d:43:c4:b5:15:cb:1b:
                    82:77:b6:7c:0e:c0:37:11:4c:c5:0f:35:cd:c6:8e:
                    35:0b:24:bb:01:02:e1:4c:d0:83:e3:25:51:70:d3:
                    ed:cf:02:54:c1:f7:e4:ba:96:67:1d:b1:6a:b7:16:
                    5f:95:c3:c8:ed:f8:f7:be:41:2c:ed:71:b6:c3:e1:
                    23:23:78:be:1b:d0:40:e2:e0:8e:52:ea:be:ea:52:
                    0c:9d:26:b7:93:2f:76:46:8b:a8:f2:48:fb:a4:5f:
                    6f:df:d8:cf:b0:ca:eb:d7:98:60:36:01:3b:18:13:
                    93:24:b2:ea:1b:1f:41:fb:89:31:72:ce:d7:f2:d2:
                    6a:80:fb:22:1d:97:12:a8:72:3e:df:11:10:98:64:
                    4f:dc:c5:90:c5:43:a8:76:c4:de:b2:f8:e5:8b:20:
                    85:3f:ec:73:d6:8a:68:f4:0a:32:d1:1d:df:4c:be:
                    e4:cf:64:a1:e6:27:7f:22:67:65:26:2a:90:af:3e:
                    49:35:ba:c0:86:c5:97:37:00:c6:ea:9a:cf:c9:8d:
                    2f:a4:00:c8:7e:05:38:7c:71:82:d9:a9:8b:00:1e:
                    ac:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:BE:93:66:6A:A3:C8:89:C6:A9:ED:25:AF:FF:6B:86:5C:81:E8:0A
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.0.0/21
                  41.77.32.0/21
                  196.40.112.0/20
                  197.242.160.0/20
                IPv6:
                  2c0f:fb90::/32

    Signature Algorithm: sha256WithRSAEncryption
         ac:ef:44:5c:65:3b:81:b7:6a:7e:f9:a6:b9:37:65:a9:82:4e:
         ed:88:64:27:3f:40:b6:ba:e8:04:b8:b7:cc:2f:0c:2b:11:93:
         5d:2e:7d:5f:5f:f6:89:e4:01:bc:c6:2e:af:4d:d0:13:0d:26:
         4c:32:83:dd:04:2d:a8:d1:8c:9e:ff:8c:b8:cd:1f:b7:1f:bd:
         41:68:ab:6e:24:67:6f:14:1a:2c:ef:74:d9:6c:a2:91:3d:49:
         f7:aa:81:a3:c9:d0:cf:a5:8e:e6:2f:f5:14:08:90:87:0b:f7:
         53:ad:45:87:21:4e:5b:7e:be:06:b3:4b:95:19:cd:d1:73:ee:
         1e:03:8e:ea:92:ee:34:16:a1:9e:d7:43:fc:28:77:ee:01:d6:
         07:4e:45:72:15:95:22:9d:69:89:48:64:30:d8:d4:19:ef:cb:
         30:74:d8:af:15:0f:67:ab:29:77:42:cf:a2:94:39:c3:8d:2e:
         41:6b:64:b3:07:ba:2e:60:fb:c9:ab:9a:74:42:5d:9b:e6:62:
         ee:26:96:7d:07:21:bf:04:1f:6d:5b:38:7c:96:cb:5a:f6:c0:
         25:d7:13:2b:e8:9a:1f:e0:24:fc:9d:0f:b1:aa:e7:b3:e2:4f:
         88:26:56:1e:12:80:ff:76:39:b5:f2:02:ef:33:c2:dc:fd:cc:
         57:fa:4e:75
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgICJoMwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzEyMThaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkZEQjZEQUYxMTAvBgNVBAUTKDQxQkU5MzY2NkFBM0M4ODlDNkE5RUQy
NUFGRkY2Qjg2NUM4MUU4MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJrwofNl04rg7uVfrHWHiw8OsEUQN2ZL6R1/pFdxz9YJd4r0axPUPEtRXLG4J3
tnwOwDcRTMUPNc3GjjULJLsBAuFM0IPjJVFw0+3PAlTB9+S6lmcdsWq3Fl+Vw8jt
+Pe+QSztcbbD4SMjeL4b0EDi4I5S6r7qUgydJreTL3ZGi6jySPukX2/f2M+wyuvX
mGA2ATsYE5MksuobH0H7iTFyztfy0mqA+yIdlxKocj7fERCYZE/cxZDFQ6h2xN6y
+OWLIIU/7HPWimj0CjLRHd9MvuTPZKHmJ38iZ2UmKpCvPkk1usCGxZc3AMbqms/J
jS+kAMh+BTh8cYLZqYsAHqxlAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUQb6TZmqj
yInGqe0lr/9rhlyB6AowHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZGREI2RC8yMzdBN0JGMDgxNkUx
MUVCQTQ3QTI5NUJGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkRCNkQvMjM3QTdCRjA4MTZFMTFFQkE0N0EyOTVCRjhBRUEyMjgvUWI2VFpt
cWp5SW5HcWUwbHJfOXJobHlCNkFvLm1mdDBABggrBgEFBQcBBwEB/wQxMC8wHgQC
AAEwGAMEAylMAAMEAylNIAMEBMQocAMEBMXyoDANBAIAAjAHAwUALA/7kDANBgkq
hkiG9w0BAQsFAAOCAQEArO9EXGU7gbdqfvmmuTdlqYJO7YhkJz9AtrroBLi3zC8M
KxGTXS59X1/2ieQBvMYur03QEw0mTDKD3QQtqNGMnv+MuM0ftx+9QWirbiRnbxQa
LO902WyikT1J96qBo8nQz6WO5i/1FAiQhwv3U61FhyFOW36+BrNLlRnN0XPuHgOO
6pLuNBahntdD/Ch37gHWB05FchWVIp1piUhkMNjUGe/LMHTYrxUPZ6spd0LPopQ5
w40uQWtkswe6LmD7yauadEJdm+Zi7iaWfQchvwQfbVs4fJbLWvbAJdcTK+iaH+Ak
/J0Psarns+JPiCZWHhKA/3Y5tfIC7zPC3P3MV/pOdQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org