Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/RWkxUBlkzbiEsUdbVtaPMGnCKvI.cer
File:                     RWkxUBlkzbiEsUdbVtaPMGnCKvI.cer (raw, json)
Hash identifier:          lX/FgVmaVKnoN8fD0e70XeONf1I79a7ShEydkC6a6HI=
Subject key identifier:   45:69:31:50:19:64:CD:B8:84:B1:47:5B:56:D6:8F:30:69:C2:2A:F2
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2839
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/RWkxUBlkzbiEsUdbVtaPMGnCKvI.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:19:24 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328780
                          IP: 102.221.84.0/22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10297 (0x2839)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:19:24 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36E3941AF/serialNumber=456931501964CDB884B1475B56D68F3069C22AF2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:e7:db:cb:c9:61:99:9e:4b:67:2b:57:49:57:
                    4c:84:9c:a0:48:f2:aa:67:66:57:11:c3:8e:9b:0f:
                    ae:45:29:3d:a4:f9:fc:3e:09:f7:84:b6:ca:2d:c4:
                    91:d4:0c:21:8d:83:84:7b:75:90:a7:34:07:1b:24:
                    bc:9d:51:23:6c:7d:24:a2:69:73:5a:40:12:af:d2:
                    9d:87:3c:eb:2c:05:bc:1d:de:75:d9:b7:16:c9:31:
                    3e:f2:01:7f:f1:ff:26:99:e4:9f:b3:c7:99:b4:53:
                    d6:7b:6f:b2:db:29:5e:b8:59:07:1f:c3:a4:a5:ac:
                    25:fd:03:22:af:5a:9a:36:08:a4:68:63:c0:b8:04:
                    01:2d:e6:8e:ca:6f:bb:38:62:a6:78:03:0e:cf:38:
                    5d:b6:81:2f:69:20:41:b6:1e:64:dd:b6:b3:e3:f6:
                    df:51:1e:96:db:0e:58:60:0b:5b:09:f4:5e:01:5a:
                    a0:1d:81:a2:fd:bb:92:a0:04:3f:bb:07:a5:b9:7d:
                    da:30:ce:2b:86:20:3a:82:30:0c:d1:04:bc:6b:27:
                    7e:34:41:09:33:67:5e:76:a3:41:dc:0f:19:60:1d:
                    63:d0:ad:6e:71:f2:69:56:ec:79:6b:fe:52:23:ac:
                    e5:f5:03:e3:6f:58:ed:a8:95:fd:1e:f9:5a:2c:29:
                    43:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:69:31:50:19:64:CD:B8:84:B1:47:5B:56:D6:8F:30:69:C2:2A:F2
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3941/5818052445D111EE8A5CA6574AD9E6FC/RWkxUBlkzbiEsUdbVtaPMGnCKvI.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328780

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:c9:1d:d6:11:10:28:37:48:67:23:2b:7f:4c:1d:ea:8d:48:
         6a:5d:b7:b2:c4:f4:90:92:cf:26:a0:5f:4e:c3:20:98:93:14:
         09:7c:34:6b:eb:3a:f8:18:88:9f:26:87:79:1a:d3:99:e2:cf:
         2a:88:95:03:5d:01:bc:39:a6:09:39:55:27:e6:0f:0b:53:93:
         a4:cb:44:8d:f9:c1:61:3e:5b:f2:9d:71:11:e1:21:b4:64:37:
         6d:83:21:e3:0a:e4:c0:58:1a:4c:b8:5f:ae:53:32:41:fc:e2:
         56:c1:7b:10:50:15:3a:72:aa:fd:59:fe:8e:72:33:ad:36:81:
         e0:8e:a5:01:6d:55:0c:2c:f7:06:83:7e:8a:66:fe:8b:df:8c:
         88:30:e8:91:5c:7b:55:64:87:4d:38:f6:06:24:e4:78:a6:d0:
         90:36:43:62:0b:3f:75:d4:5c:fc:fb:ea:50:95:1c:1f:fc:ab:
         4a:03:68:8d:08:82:98:75:40:0e:d0:bc:ac:9e:b1:48:e5:bc:
         f1:e9:a7:f0:20:a6:23:e5:08:f5:22:e2:c3:f6:e8:64:8b:0d:
         f0:62:13:cf:6e:2f:e7:be:02:5c:5d:84:b0:7d:ee:d7:c0:93:
         99:e5:38:9b:02:c3:7d:e3:41:2a:d4:d3:3b:f3:bd:45:5f:15:
         c4:3b:bc:50
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICKDkwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDE5MjRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkUzOTQxQUYxMTAvBgNVBAUTKDQ1NjkzMTUwMTk2NENEQjg4NEIxNDc1
QjU2RDY4RjMwNjlDMjJBRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD459vLyWGZnktnK1dJV0yEnKBI8qpnZlcRw46bD65FKT2k+fw+CfeEtsotxJHU
DCGNg4R7dZCnNAcbJLydUSNsfSSiaXNaQBKv0p2HPOssBbwd3nXZtxbJMT7yAX/x
/yaZ5J+zx5m0U9Z7b7LbKV64WQcfw6SlrCX9AyKvWpo2CKRoY8C4BAEt5o7Kb7s4
YqZ4Aw7POF22gS9pIEG2HmTdtrPj9t9RHpbbDlhgC1sJ9F4BWqAdgaL9u5KgBD+7
B6W5fdowziuGIDqCMAzRBLxrJ340QQkzZ152o0HcDxlgHWPQrW5x8mlW7Hlr/lIj
rOX1A+NvWO2olf0e+VosKUN7AgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQURWkxUBlk
zbiEsUdbVtaPMGnCKvIwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFMzk0MS81ODE4MDUyNDQ1RDEx
MUVFOEE1Q0E2NTc0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTM5NDEvNTgxODA1MjQ0NUQxMTFFRThBNUNBNjU3NEFEOUU2RkMvUldreFVC
bGt6YmlFc1VkYlZ0YVBNR25DS3ZJLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBEwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm3VQwDQYJKoZIhvcN
AQELBQADggEBAEbJHdYRECg3SGcjK39MHeqNSGpdt7LE9JCSzyagX07DIJiTFAl8
NGvrOvgYiJ8mh3ka05nizyqIlQNdAbw5pgk5VSfmDwtTk6TLRI35wWE+W/KdcRHh
IbRkN22DIeMK5MBYGky4X65TMkH84lbBexBQFTpyqv1Z/o5yM602geCOpQFtVQws
9waDfopm/ovfjIgw6JFce1Vkh0049gYk5Him0JA2Q2ILP3XUXPz76lCVHB/8q0oD
aI0Igph1QA7QvKyesUjlvPHpp/AgpiPlCPUi4sP26GSLDfBiE89uL+e+AlxdhLB9
7tfAk5nlOJsCw33jQSrU0zvzvUVfFcQ7vFA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org