Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/QoqJMY5QZ92cjs9n5355xf2jeSs.cer
File:                     QoqJMY5QZ92cjs9n5355xf2jeSs.cer (raw, json)
Hash identifier:          MjeZ5aaKYhoDKpnagugKBSTIp7gqXQv8b8hJWT6qlQ8=
Subject key identifier:   42:8A:89:31:8E:50:67:DD:9C:8E:CF:67:E7:7E:79:C5:FD:A3:79:2B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2E42
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/QoqJMY5QZ92cjs9n5355xf2jeSs.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 01:27:07 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 37712
                          IP: 41.79.88.0/22
                          IP: 2c0f:fde8::/32
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11842 (0x2e42)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 01:27:07 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F3643835AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:cb:4b:ef:68:9b:dc:cb:d9:6d:60:b6:c6:ac:
                    f4:36:20:a3:92:8e:96:65:89:8e:65:48:67:4d:2a:
                    7f:74:ac:d7:e9:5b:f5:af:73:44:56:5d:ad:2a:08:
                    d3:5c:ef:ff:51:77:33:d5:8f:37:f8:4a:05:e5:65:
                    fa:d8:ba:02:e6:f8:be:61:2c:9a:b0:88:6e:a5:5f:
                    f7:7d:ea:5d:6e:a0:c8:7e:88:44:c9:cd:69:94:71:
                    09:d8:fa:2b:fa:ce:65:14:e9:26:6e:75:3c:f6:30:
                    3b:bf:34:40:c1:2c:bd:24:32:1c:04:ac:fa:a2:cb:
                    be:30:3d:02:67:42:47:3d:47:3a:2b:2e:44:03:26:
                    df:5f:37:ac:6d:cb:fd:78:2c:78:23:2a:46:61:74:
                    5c:c8:88:d0:20:9b:5d:d6:0c:3a:09:57:23:39:8a:
                    93:c1:8d:99:98:1a:a8:b8:42:dc:ea:15:e1:7a:f5:
                    6e:45:da:46:08:42:cb:d9:ff:c5:2a:27:bc:34:93:
                    1f:30:b0:09:33:a7:f1:7a:ad:14:f9:3b:a4:e0:a0:
                    43:30:16:61:2e:9e:69:de:5d:61:f4:eb:3e:77:2d:
                    c1:d9:cd:ab:49:4c:6a:65:b2:8a:14:44:c9:ac:7d:
                    82:6b:47:92:80:aa:82:b7:8a:94:8f:a4:45:88:3a:
                    d0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:8A:89:31:8E:50:67:DD:9C:8E:CF:67:E7:7E:79:C5:FD:A3:79:2B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/QoqJMY5QZ92cjs9n5355xf2jeSs.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37712

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.88.0/22
                IPv6:
                  2c0f:fde8::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:bb:cd:95:a9:15:7f:71:05:56:0c:52:c5:1f:8c:e3:59:be:
         cd:4a:47:72:56:a0:cf:46:35:04:6e:01:f0:42:b4:dd:9a:89:
         12:84:70:8a:52:f5:55:b6:fa:a3:e9:3f:6b:d4:9d:03:27:d5:
         d4:4c:ea:5d:c5:58:76:62:4e:7a:e8:d0:3b:91:6c:41:a7:5d:
         c5:00:1f:82:d0:78:8a:ad:f7:20:3d:e8:4a:bb:4c:11:92:87:
         cf:64:b7:e1:dc:cf:e9:96:c1:0a:48:bb:3f:fc:b7:80:1c:d9:
         2d:3b:1e:f6:b0:f9:34:60:d1:50:9a:2b:24:ce:6b:77:26:98:
         64:ec:67:16:85:21:d3:0c:8d:84:63:74:f5:59:af:3b:9a:c0:
         fd:48:6d:fe:10:a7:f6:5d:1b:73:3a:ae:71:2c:66:70:cc:4e:
         c1:80:c7:d9:f2:5a:45:44:78:14:e7:32:54:fb:94:ed:51:4a:
         19:8d:9c:fd:75:e6:f8:ef:79:5e:42:03:f6:8e:cb:85:aa:1d:
         4e:e6:74:a9:96:e6:ef:eb:39:80:02:27:91:09:bb:b1:62:26:
         a4:a4:75:a5:ad:88:1b:b6:8e:76:5c:d4:5b:46:5a:11:8b:44:
         c7:15:22:4b:1a:28:93:24:e5:8b:16:e3:10:9b:c9:d0:1f:b8:
         09:a2:cf:db
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICLkIwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMTI3MDdaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjQzODM1QUYxMTAvBgNVBAUTKDQyOEE4OTMxOEU1MDY3REQ5QzhFQ0Y2
N0U3N0U3OUM1RkRBMzc5MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCny0vvaJvcy9ltYLbGrPQ2IKOSjpZliY5lSGdNKn90rNfpW/Wvc0RWXa0qCNNc
7/9RdzPVjzf4SgXlZfrYugLm+L5hLJqwiG6lX/d96l1uoMh+iETJzWmUcQnY+iv6
zmUU6SZudTz2MDu/NEDBLL0kMhwErPqiy74wPQJnQkc9RzorLkQDJt9fN6xty/14
LHgjKkZhdFzIiNAgm13WDDoJVyM5ipPBjZmYGqi4QtzqFeF69W5F2kYIQsvZ/8Uq
J7w0kx8wsAkzp/F6rRT5O6TgoEMwFmEunmneXWH06z53LcHZzatJTGplsooURMms
fYJrR5KAqoK3ipSPpEWIOtA/AgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUQoqJMY5Q
Z92cjs9n5355xf2jeSswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY0MzgzNS9ENUI5OTRBOEQ1NUUx
MUU5Qjc1NzEwNDNGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDM4MzUvRDVCOTk0QThENTVFMTFFOUI3NTcxMDQzRjhBRUEyMjgvUW9xSk1Z
NVFaOTJjanM5bjUzNTV4ZjJqZVNzLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAk1AwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAIpT1gwDQQCAAIwBwMF
ACwP/egwDQYJKoZIhvcNAQELBQADggEBADO7zZWpFX9xBVYMUsUfjONZvs1KR3JW
oM9GNQRuAfBCtN2aiRKEcIpS9VW2+qPpP2vUnQMn1dRM6l3FWHZiTnro0DuRbEGn
XcUAH4LQeIqt9yA96Eq7TBGSh89kt+Hcz+mWwQpIuz/8t4Ac2S07Hvaw+TRg0VCa
KyTOa3cmmGTsZxaFIdMMjYRjdPVZrzuawP1Ibf4Qp/ZdG3M6rnEsZnDMTsGAx9ny
WkVEeBTnMlT7lO1RShmNnP115vjveV5CA/aOy4WqHU7mdKmW5u/rOYACJ5EJu7Fi
JqSkdaWtiBu2jnZc1FtGWhGLRMcVIksaKJMk5YsW4xCbydAfuAmiz9s=
-----END CERTIFICATE-----