Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/U3W2ePNrjZxrXcMoG29etnFqEQk.cer
File:                     U3W2ePNrjZxrXcMoG29etnFqEQk.cer (raw, json)
Hash identifier:          JHFuSz/TCQUC7gn93r1MDUwEcWqYw6wtAvHm/YfQRoE=
Subject key identifier:   53:75:B6:78:F3:6B:8D:9C:6B:5D:C3:28:1B:6F:5E:B6:71:6A:11:09
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2366
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F361F1DA/2DA8F37A77E011EEA233EA7B4AD9E6FC/U3W2ePNrjZxrXcMoG29etnFqEQk.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F361F1DA/2DA8F37A77E011EEA233EA7B4AD9E6FC/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:25:38 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327907
                          IP: 102.135.128.0/19
                          IP: 102.214.216.0/22
                          IP: 2c0f:f020::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9062 (0x2366)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:25:38 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F361F1DAAF/serialNumber=5375B678F36B8D9C6B5DC3281B6F5EB6716A1109
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:46:be:1b:4b:14:a3:09:a3:31:ee:30:28:55:
                    c7:62:ed:63:75:bb:48:a9:e5:56:5b:7c:0d:02:21:
                    b2:3f:8e:64:74:c8:8b:08:bb:f3:cd:80:38:dc:1a:
                    64:44:72:a4:11:26:1b:9e:95:67:7e:c1:35:65:b5:
                    f9:67:bd:8e:77:ea:5e:4e:23:73:31:dc:5e:7a:7e:
                    0f:56:aa:e8:08:23:ab:f1:a9:f1:51:02:f8:e0:5a:
                    5b:fd:32:fa:7b:04:de:a3:a1:e0:89:f1:5c:7d:8a:
                    0c:32:7b:84:ce:58:e8:46:32:20:da:f5:ee:bc:c1:
                    2f:49:56:3f:6f:29:18:78:79:05:e8:81:18:aa:eb:
                    cf:cf:87:11:83:99:8b:5d:82:13:8d:cb:88:35:05:
                    2e:e1:15:19:98:39:f7:82:3a:85:87:49:b7:a8:0b:
                    5b:4f:78:d2:12:66:71:78:b0:be:92:81:4a:7f:26:
                    10:8e:34:e0:19:3a:6f:dc:42:ff:99:ff:6a:48:d1:
                    e8:34:92:4a:c4:3a:15:99:f8:ff:76:27:25:a5:2a:
                    dc:5e:ba:d7:64:c5:44:b5:64:b5:99:9d:d7:33:ea:
                    a8:4e:8e:db:3e:a5:89:b1:0a:ca:02:6d:76:da:23:
                    67:14:d4:44:d4:dd:30:14:fa:d3:08:66:87:53:aa:
                    74:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:75:B6:78:F3:6B:8D:9C:6B:5D:C3:28:1B:6F:5E:B6:71:6A:11:09
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F361F1DA/2DA8F37A77E011EEA233EA7B4AD9E6FC/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F361F1DA/2DA8F37A77E011EEA233EA7B4AD9E6FC/U3W2ePNrjZxrXcMoG29etnFqEQk.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327907

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.128.0/19
                  102.214.216.0/22
                IPv6:
                  2c0f:f020::/32

    Signature Algorithm: sha256WithRSAEncryption
         5b:d5:94:ef:d7:3e:5a:90:59:80:cf:bf:60:3d:f8:f2:e7:68:
         ea:69:18:7e:41:63:d6:c9:48:fa:36:99:38:19:71:09:3a:84:
         fa:67:fe:49:bc:2d:6f:11:54:c3:62:18:26:b3:fb:ec:96:37:
         6b:0d:7a:55:64:ee:16:cd:6c:ee:82:d0:1c:e9:7b:ee:8b:9b:
         75:c5:29:87:5c:ec:93:6a:ec:54:8d:df:29:55:0b:21:b0:5b:
         86:25:b1:26:50:37:9b:bf:fc:de:9d:1a:bd:ce:ec:1f:64:fd:
         3a:87:a4:03:f9:be:9c:70:c3:d4:09:b3:5b:c9:f4:85:62:57:
         71:14:28:3b:53:ad:89:99:b8:8a:ae:ff:cc:e3:d5:2a:86:69:
         c8:dd:96:d6:ac:ad:0f:aa:eb:51:cf:b0:d2:9c:8a:be:f6:9d:
         21:1a:c1:59:3d:a1:0d:72:79:35:9c:0e:3c:60:d2:70:84:d6:
         9d:e6:af:07:e2:23:f7:c4:7b:55:b8:a2:94:b9:fa:ec:1b:44:
         42:90:5e:ea:e8:9d:e6:a8:83:0d:81:51:a6:5b:4a:28:a6:c6:
         23:e7:90:14:4c:5c:e0:51:fa:82:3f:92:10:7c:db:4a:32:4b:
         38:ec:d7:e9:8c:cc:89:b4:9d:7d:42:63:cc:24:1f:74:3e:65:
         7f:0b:15:c2
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICI2YwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDI1MzhaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjFGMURBQUYxMTAvBgNVBAUTKDUzNzVCNjc4RjM2QjhEOUM2QjVEQzMy
ODFCNkY1RUI2NzE2QTExMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCURr4bSxSjCaMx7jAoVcdi7WN1u0ip5VZbfA0CIbI/jmR0yIsIu/PNgDjcGmRE
cqQRJhuelWd+wTVltflnvY536l5OI3Mx3F56fg9WqugII6vxqfFRAvjgWlv9Mvp7
BN6joeCJ8Vx9igwye4TOWOhGMiDa9e68wS9JVj9vKRh4eQXogRiq68/PhxGDmYtd
ghONy4g1BS7hFRmYOfeCOoWHSbeoC1tPeNISZnF4sL6SgUp/JhCONOAZOm/cQv+Z
/2pI0eg0kkrEOhWZ+P92JyWlKtxeutdkxUS1ZLWZndcz6qhOjts+pYmxCsoCbXba
I2cU1ETU3TAU+tMIZodTqnTjAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUU3W2ePNr
jZxrXcMoG29etnFqEQkwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYxRjFEQS8yREE4RjM3QTc3RTAx
MUVFQTIzM0VBN0I0QUQ5RTZGQy8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUYxREEvMkRBOEYzN0E3N0UwMTFFRUEyMzNFQTdCNEFEOUU2RkMvVTNXMmVQ
TnJqWnhyWGNNb0cyOWV0bkZxRVFrLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAOMwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAVmh4ADBAJm1tgwDQQC
AAIwBwMFACwP8CAwDQYJKoZIhvcNAQELBQADggEBAFvVlO/XPlqQWYDPv2A9+PLn
aOppGH5BY9bJSPo2mTgZcQk6hPpn/km8LW8RVMNiGCaz++yWN2sNelVk7hbNbO6C
0Bzpe+6Lm3XFKYdc7JNq7FSN3ylVCyGwW4YlsSZQN5u//N6dGr3O7B9k/TqHpAP5
vpxww9QJs1vJ9IViV3EUKDtTrYmZuIqu/8zj1SqGacjdltasrQ+q61HPsNKcir72
nSEawVk9oQ1yeTWcDjxg0nCE1p3mrwfiI/fEe1W4opS5+uwbREKQXuroneaogw2B
UaZbSiimxiPnkBRMXOBR+oI/khB820oySzjs1+mMzIm0nX1CY8wkH3Q+ZX8LFcI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org