Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
File:                     S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer (raw, json)
Hash identifier:          l0sQcT+CIvjXqewP4qX3KwVCsLHAPLd0EeLc0zCoaS4=
Subject key identifier:   4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       29F2
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Thu 25 Apr 2024 05:23:11 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 36867
                          IP: 41.223.204.0/22
                          IP: 196.1.120.0/21
                          IP: 2001:42e0::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10738 (0x29f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Apr 25 05:23:11 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:05:fe:49:bf:c1:53:18:9a:69:ac:9a:b9:ba:
                    5c:79:09:30:30:a4:f4:00:92:05:cd:5d:e3:f1:c5:
                    97:55:88:1a:19:ab:4f:a5:a4:7c:11:dc:6e:52:1f:
                    5b:5a:33:ef:ae:0c:08:39:86:6c:81:f2:66:b7:fe:
                    1d:0f:a3:21:62:f2:6f:7a:2c:c7:c7:d8:76:1d:19:
                    14:da:84:3c:eb:35:66:fe:9a:d2:b2:2e:61:d4:73:
                    ef:9a:13:6e:c1:13:71:57:db:ff:0d:77:18:e4:c8:
                    78:f0:6b:81:a5:10:ff:60:0e:a3:d2:bc:5c:05:71:
                    d1:16:38:fb:ef:c8:46:73:10:a4:c7:32:7c:e5:a9:
                    f0:11:1e:d8:a7:19:b1:a4:d2:eb:12:43:02:4c:46:
                    69:43:c8:72:d8:b3:26:d1:5b:8a:c1:7e:48:28:38:
                    9b:4b:17:eb:bf:79:dd:68:06:98:79:93:17:6e:4a:
                    9d:75:ec:b8:7d:4f:78:ba:6d:8c:38:87:96:67:05:
                    4c:1e:6f:e2:4c:5e:3e:ba:63:e0:ab:1a:90:f7:8b:
                    41:6f:d3:13:59:de:60:35:f9:d8:0e:a0:05:75:1d:
                    c5:61:ff:ca:fb:4b:2c:e9:f7:94:f3:fc:2c:86:6d:
                    be:3e:64:5c:9b:c1:4d:de:8a:3d:57:db:61:07:35:
                    15:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  36867

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.223.204.0/22
                  196.1.120.0/21
                IPv6:
                  2001:42e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a4:35:97:ad:3f:3f:83:10:f0:a0:5d:23:eb:7d:92:ba:ad:8b:
         e2:5f:96:04:4c:11:e5:a0:0b:c3:45:32:4f:16:04:22:a6:42:
         e2:e9:c0:e0:09:80:f8:52:16:5b:32:c9:c2:e6:aa:ec:ea:45:
         96:17:1a:2a:7e:e4:09:54:8b:d8:a1:f2:92:2c:89:6a:19:5f:
         ae:da:60:94:86:fb:bb:00:94:22:6a:6e:ea:22:f3:c6:95:76:
         c8:0e:55:d1:4c:ca:2f:5a:38:b3:17:0d:f1:f2:b8:08:d9:4f:
         84:c7:a4:dc:ca:de:e9:96:63:35:e2:f4:0a:66:18:1b:c1:59:
         84:6f:c5:a7:64:d0:0c:bb:89:b8:0d:45:2b:d1:9a:83:5a:fb:
         df:a6:1b:9f:33:ef:d7:40:21:84:3e:6b:4e:b3:03:ba:60:3e:
         06:17:14:fd:53:52:76:b8:27:0a:8f:76:9c:53:50:82:4f:74:
         00:55:de:8c:be:0e:06:55:69:a3:b0:8d:27:93:07:fd:5f:28:
         eb:60:bd:9b:6b:9f:0f:d6:02:12:c4:6e:23:da:11:95:e4:cb:
         98:ba:19:58:a7:87:f0:99:0c:7e:36:d8:9e:c0:9f:fd:0d:7c:
         c6:5e:b4:57:55:67:b4:38:e3:7d:da:58:21:0d:89:d2:a4:40:
         d1:88:97:9d
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICKfIwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA0MjUwNTIzMTFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNkE3MDIxQUYxMTAvBgNVBAUTKDRCNDg2NjIwMDQwODlGNUJCNjgxOTRB
QjA0QjgzMENENDMzQTJCNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5Bf5Jv8FTGJpprJq5ulx5CTAwpPQAkgXNXePxxZdViBoZq0+lpHwR3G5SH1ta
M++uDAg5hmyB8ma3/h0PoyFi8m96LMfH2HYdGRTahDzrNWb+mtKyLmHUc++aE27B
E3FX2/8NdxjkyHjwa4GlEP9gDqPSvFwFcdEWOPvvyEZzEKTHMnzlqfARHtinGbGk
0usSQwJMRmlDyHLYsybRW4rBfkgoOJtLF+u/ed1oBph5kxduSp117Lh9T3i6bYw4
h5ZnBUweb+JMXj66Y+CrGpD3i0Fv0xNZ3mA1+dgOoAV1HcVh/8r7Syzp95Tz/CyG
bb4+ZFybwU3eij1X22EHNRX/AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUS0hmIAQI
n1u2gZSrBLgwzUM6K3AwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzZBNzAyMS9FNTAzOTkxQzAyQzMx
MUVGQkQxMjc3RjUwMDcwMDFCMS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3MDAxQjEvUzBobUlB
UUluMXUyZ1pTckJMZ3d6VU02SzNBLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkAMwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAIp38wDBAPEAXgwDQQC
AAIwBwMFACABQuAwDQYJKoZIhvcNAQELBQADggEBAKQ1l60/P4MQ8KBdI+t9krqt
i+JflgRMEeWgC8NFMk8WBCKmQuLpwOAJgPhSFlsyycLmquzqRZYXGip+5AlUi9ih
8pIsiWoZX67aYJSG+7sAlCJqbuoi88aVdsgOVdFMyi9aOLMXDfHyuAjZT4THpNzK
3umWYzXi9ApmGBvBWYRvxadk0Ay7ibgNRSvRmoNa+9+mG58z79dAIYQ+a06zA7pg
PgYXFP1TUna4JwqPdpxTUIJPdABV3oy+DgZVaaOwjSeTB/1fKOtgvZtrnw/WAhLE
biPaEZXky5i6GVinh/CZDH422J7An/0NfMZetFdVZ7Q4433aWCENidKkQNGIl50=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org