Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.cer
File:                     Qb6TZmqjyInGqe0lr_9rhlyB6Ao.cer (raw, json)
Hash identifier:          Lda8KmAckZ2ddJVJYlo+hb0m25bensdPWl0HhmGtGdQ=
Subject key identifier:   41:BE:93:66:6A:A3:C8:89:C6:A9:ED:25:AF:FF:6B:86:5C:81:E8:0A
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       3099
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 03:28:27 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    IP: 41.76.0.0/21
                          IP: 41.77.32.0/21
                          IP: 196.40.112.0/20
                          IP: 197.242.160.0/20
                          IP: 2c0f:fb90::/32
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12441 (0x3099)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 03:28:27 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F36FDB6DAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:af:0a:1f:36:5d:38:ae:0e:ee:55:fa:c7:58:
                    78:b0:f0:eb:04:51:03:76:64:be:91:d7:fa:45:77:
                    1c:fd:60:97:78:af:46:b1:3d:43:c4:b5:15:cb:1b:
                    82:77:b6:7c:0e:c0:37:11:4c:c5:0f:35:cd:c6:8e:
                    35:0b:24:bb:01:02:e1:4c:d0:83:e3:25:51:70:d3:
                    ed:cf:02:54:c1:f7:e4:ba:96:67:1d:b1:6a:b7:16:
                    5f:95:c3:c8:ed:f8:f7:be:41:2c:ed:71:b6:c3:e1:
                    23:23:78:be:1b:d0:40:e2:e0:8e:52:ea:be:ea:52:
                    0c:9d:26:b7:93:2f:76:46:8b:a8:f2:48:fb:a4:5f:
                    6f:df:d8:cf:b0:ca:eb:d7:98:60:36:01:3b:18:13:
                    93:24:b2:ea:1b:1f:41:fb:89:31:72:ce:d7:f2:d2:
                    6a:80:fb:22:1d:97:12:a8:72:3e:df:11:10:98:64:
                    4f:dc:c5:90:c5:43:a8:76:c4:de:b2:f8:e5:8b:20:
                    85:3f:ec:73:d6:8a:68:f4:0a:32:d1:1d:df:4c:be:
                    e4:cf:64:a1:e6:27:7f:22:67:65:26:2a:90:af:3e:
                    49:35:ba:c0:86:c5:97:37:00:c6:ea:9a:cf:c9:8d:
                    2f:a4:00:c8:7e:05:38:7c:71:82:d9:a9:8b:00:1e:
                    ac:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:BE:93:66:6A:A3:C8:89:C6:A9:ED:25:AF:FF:6B:86:5C:81:E8:0A
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDB6D/237A7BF0816E11EBA47A295BF8AEA228/Qb6TZmqjyInGqe0lr_9rhlyB6Ao.mft

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.0.0/21
                  41.77.32.0/21
                  196.40.112.0/20
                  197.242.160.0/20
                IPv6:
                  2c0f:fb90::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:2c:32:d2:1e:c2:42:13:5e:bd:50:16:80:39:3a:27:e1:fc:
         d9:12:e4:29:67:17:0f:fd:77:d2:72:c9:f9:b2:90:9a:1b:a2:
         9b:df:b5:86:86:b5:39:d9:b7:b8:54:c4:2a:a1:36:c1:1d:f0:
         49:e0:01:24:34:3e:f5:f7:9c:2e:af:6d:53:d1:67:6a:ba:dd:
         01:9c:71:ad:8d:82:65:c8:5c:74:e5:2d:13:56:c9:8e:df:66:
         a3:a9:f0:6d:a0:f2:99:4d:ef:ba:18:93:f4:80:72:5a:aa:96:
         e3:1a:9f:75:20:48:8d:25:93:a5:b6:ee:b8:7c:5c:42:49:a1:
         4e:5a:40:2c:8d:3b:56:d5:ec:b2:53:db:de:f9:9e:22:d9:c4:
         53:cd:bc:5b:1d:ed:31:99:64:ce:84:f9:af:b9:af:e6:5a:9e:
         b4:27:7f:f3:22:79:81:33:d5:8c:86:22:8e:88:51:28:83:d6:
         fc:85:74:85:23:58:91:30:93:a7:2f:fb:0c:4f:6c:34:5d:d5:
         44:8e:02:0d:a4:7d:78:03:02:a4:36:84:2d:f6:53:6a:45:50:
         e0:65:1a:90:c4:4c:bd:b4:18:7a:d1:ec:8b:57:bf:9d:e2:38:
         80:e8:5d:54:f8:28:2b:26:c1:ca:96:04:b7:33:a6:9c:b0:03:
         87:6f:9e:c9
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgICMJkwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMzI4MjdaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkZEQjZEQUYxMTAvBgNVBAUTKDQxQkU5MzY2NkFBM0M4ODlDNkE5RUQy
NUFGRkY2Qjg2NUM4MUU4MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJrwofNl04rg7uVfrHWHiw8OsEUQN2ZL6R1/pFdxz9YJd4r0axPUPEtRXLG4J3
tnwOwDcRTMUPNc3GjjULJLsBAuFM0IPjJVFw0+3PAlTB9+S6lmcdsWq3Fl+Vw8jt
+Pe+QSztcbbD4SMjeL4b0EDi4I5S6r7qUgydJreTL3ZGi6jySPukX2/f2M+wyuvX
mGA2ATsYE5MksuobH0H7iTFyztfy0mqA+yIdlxKocj7fERCYZE/cxZDFQ6h2xN6y
+OWLIIU/7HPWimj0CjLRHd9MvuTPZKHmJ38iZ2UmKpCvPkk1usCGxZc3AMbqms/J
jS+kAMh+BTh8cYLZqYsAHqxlAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUQb6TZmqj
yInGqe0lr/9rhlyB6AowHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZGREI2RC8yMzdBN0JGMDgxNkUx
MUVCQTQ3QTI5NUJGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkRCNkQvMjM3QTdCRjA4MTZFMTFFQkE0N0EyOTVCRjhBRUEyMjgvUWI2VFpt
cWp5SW5HcWUwbHJfOXJobHlCNkFvLm1mdDBABggrBgEFBQcBBwEB/wQxMC8wHgQC
AAEwGAMEAylMAAMEAylNIAMEBMQocAMEBMXyoDANBAIAAjAHAwUALA/7kDANBgkq
hkiG9w0BAQsFAAOCAQEAYywy0h7CQhNevVAWgDk6J+H82RLkKWcXD/130nLJ+bKQ
mhuim9+1hoa1Odm3uFTEKqE2wR3wSeABJDQ+9fecLq9tU9FnarrdAZxxrY2CZchc
dOUtE1bJjt9mo6nwbaDymU3vuhiT9IByWqqW4xqfdSBIjSWTpbbuuHxcQkmhTlpA
LI07VtXsslPb3vmeItnEU828Wx3tMZlkzoT5r7mv5lqetCd/8yJ5gTPVjIYijohR
KIPW/IV0hSNYkTCTpy/7DE9sNF3VRI4CDaR9eAMCpDaELfZTakVQ4GUakMRMvbQY
etHsi1e/neI4gOhdVPgoKybBypYEtzOmnLADh2+eyQ==
-----END CERTIFICATE-----