Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Rd8OHH-lNNrKIJKaup5jKPur-1E.cer
File:                     Rd8OHH-lNNrKIJKaup5jKPur-1E.cer (raw, json)
Hash identifier:          Ywqiozio1Xd/HtcFzEQI/AUr9JJA2lAqDER1eBULfWY=
Subject key identifier:   45:DF:0E:1C:7F:A5:34:DA:CA:20:92:9A:BA:9E:63:28:FB:AB:FB:51
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2862
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36EE1C1/050BE1D635B311ED9721E3F0F1222468/Rd8OHH-lNNrKIJKaup5jKPur-1E.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36EE1C1/050BE1D635B311ED9721E3F0F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:25:49 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329121
                          IP: 102.214.232.0/22
                          IP: 2c0f:7080::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10338 (0x2862)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 04:25:49 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36EE1C1AF/serialNumber=45DF0E1C7FA534DACA20929ABA9E6328FBABFB51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3f:f4:8a:29:ad:6f:82:15:02:67:9a:3f:33:
                    6e:b3:1e:2a:53:11:13:11:8b:78:0c:ee:46:31:cb:
                    28:4c:b0:4e:59:e2:b4:22:50:2a:02:b1:a0:75:4a:
                    df:01:e8:b0:29:cb:3e:94:84:3b:33:5a:44:72:96:
                    7a:0b:a1:b2:d0:80:db:5e:b5:81:26:91:18:07:14:
                    63:e9:13:f1:5d:e5:8f:e2:7a:c3:b6:c9:8a:36:68:
                    92:f4:cb:c9:24:db:e4:8b:cb:8e:80:6d:ce:34:92:
                    b7:ef:1e:95:7d:37:e8:b9:a5:f8:be:78:c9:96:04:
                    c3:3e:44:e6:e3:71:67:16:e2:f2:92:e4:29:7a:68:
                    d4:6d:b2:0e:b3:75:db:7e:30:5d:2b:29:76:58:5d:
                    25:79:1f:81:8b:ee:68:89:b0:1b:a1:ee:ea:81:a7:
                    f1:99:af:5a:86:6b:35:c3:28:f0:78:33:04:86:2f:
                    db:53:a1:9d:ca:2f:f1:1c:60:63:be:d1:0c:27:46:
                    5e:2a:2d:69:de:ea:93:fe:67:5b:11:78:a0:62:9b:
                    4f:e3:cc:51:cc:57:60:2d:69:d7:46:09:35:98:e0:
                    2b:85:3b:8b:c7:4f:86:94:d9:cd:9f:c4:90:55:f3:
                    e2:be:43:b2:12:ad:59:10:b3:08:4f:94:b3:38:d7:
                    a7:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:DF:0E:1C:7F:A5:34:DA:CA:20:92:9A:BA:9E:63:28:FB:AB:FB:51
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EE1C1/050BE1D635B311ED9721E3F0F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EE1C1/050BE1D635B311ED9721E3F0F1222468/Rd8OHH-lNNrKIJKaup5jKPur-1E.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329121

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.214.232.0/22
                IPv6:
                  2c0f:7080::/32

    Signature Algorithm: sha256WithRSAEncryption
         71:0a:49:d8:f8:86:28:30:29:d0:38:9e:83:df:f0:7e:1a:08:
         5f:e1:d5:05:f7:fa:97:38:09:64:3f:88:5e:7d:10:04:0a:01:
         f9:01:68:27:ee:31:f7:d1:c3:45:ac:5f:01:32:17:34:67:3e:
         ae:65:0d:cc:8d:45:ca:ce:4a:e1:a2:fd:18:b9:9e:c4:5f:4e:
         d2:35:c9:3a:55:8e:5b:6c:5b:e1:2b:60:2c:33:df:84:84:54:
         7c:00:26:09:1f:d6:2a:15:9e:f3:28:30:68:25:bd:30:b2:71:
         50:ae:9f:95:8a:ff:62:e5:32:cb:4c:70:33:b5:8c:53:8c:d9:
         65:5f:93:d3:16:18:1d:35:23:43:04:bc:ee:0d:f0:04:c0:45:
         33:dd:60:ad:e5:c3:30:62:f0:fe:0a:dc:8e:63:80:ea:e1:95:
         4d:b6:f0:8c:f4:11:5b:ba:5a:16:91:31:fa:fd:46:a9:1d:0d:
         d9:ed:7f:92:c6:f1:cb:43:5d:ec:e8:cc:fb:14:9d:d2:67:bc:
         e4:0c:31:12:4c:07:29:d0:c9:9d:3d:f4:64:1f:0e:9f:33:e5:
         64:d5:bb:a1:1a:27:22:b0:5b:b8:0d:fc:81:9c:62:a9:c0:39:
         eb:13:ee:49:98:87:1b:cb:a7:6b:3f:29:be:1e:4b:ef:28:62:
         c0:f6:f3:d9
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICKGIwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwNDI1NDlaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkVFMUMxQUYxMTAvBgNVBAUTKDQ1REYwRTFDN0ZBNTM0REFDQTIwOTI5
QUJBOUU2MzI4RkJBQkZCNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnP/SKKa1vghUCZ5o/M26zHipTERMRi3gM7kYxyyhMsE5Z4rQiUCoCsaB1St8B
6LApyz6UhDszWkRylnoLobLQgNtetYEmkRgHFGPpE/Fd5Y/iesO2yYo2aJL0y8kk
2+SLy46Abc40krfvHpV9N+i5pfi+eMmWBMM+RObjcWcW4vKS5Cl6aNRtsg6zddt+
MF0rKXZYXSV5H4GL7miJsBuh7uqBp/GZr1qGazXDKPB4MwSGL9tToZ3KL/EcYGO+
0QwnRl4qLWne6pP+Z1sReKBim0/jzFHMV2AtaddGCTWY4CuFO4vHT4aU2c2fxJBV
8+K+Q7ISrVkQswhPlLM416e1AgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQURd8OHH+l
NNrKIJKaup5jKPur+1EwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZFRTFDMS8wNTBCRTFENjM1QjMx
MUVEOTcyMUUzRjBGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUUxQzEvMDUwQkUxRDYzNUIzMTFFRDk3MjFFM0YwRjEyMjI0NjgvUmQ4T0hI
LWxOTnJLSUpLYXVwNWpLUHVyLTFFLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBaEwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm1ugwDQQCAAIwBwMF
ACwPcIAwDQYJKoZIhvcNAQELBQADggEBAHEKSdj4higwKdA4noPf8H4aCF/h1QX3
+pc4CWQ/iF59EAQKAfkBaCfuMffRw0WsXwEyFzRnPq5lDcyNRcrOSuGi/Ri5nsRf
TtI1yTpVjltsW+ErYCwz34SEVHwAJgkf1ioVnvMoMGglvTCycVCun5WK/2LlMstM
cDO1jFOM2WVfk9MWGB01I0MEvO4N8ATARTPdYK3lwzBi8P4K3I5jgOrhlU228Iz0
EVu6WhaRMfr9RqkdDdntf5LG8ctDXezozPsUndJnvOQMMRJMBynQyZ099GQfDp8z
5WTVu6EaJyKwW7gN/IGcYqnAOesT7kmYhxvLp2s/Kb4eS+8oYsD289k=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org