Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/UJroMu1ribFqno9wWdMQAuvfVRY.cer
File:                     UJroMu1ribFqno9wWdMQAuvfVRY.cer (raw, json)
Hash identifier:          fZTmDmIWAKwPcKijXoWT4tqcBq+vZVhR5sYTiA0NjI4=
Subject key identifier:   50:9A:E8:32:ED:6B:89:B1:6A:9E:8F:70:59:D3:10:02:EB:DF:55:16
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2B45
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/UJroMu1ribFqno9wWdMQAuvfVRY.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Tue 20 Aug 2024 12:13:37 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328480
                          IP: 102.68.120.0/22
                          IP: 102.219.168.0/22
                          IP: 102.221.232.0/22
                          IP: 2c0f:ed80::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11077 (0x2b45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Aug 20 12:13:37 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3652893AF/serialNumber=509AE832ED6B89B16A9E8F7059D31002EBDF5516
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:e6:f8:78:77:1f:66:47:c5:9a:ae:db:81:07:
                    d2:91:71:d5:6a:2f:55:d2:b6:6f:62:db:32:76:0e:
                    46:63:40:00:0b:0e:f3:41:bf:f7:36:d1:a9:93:04:
                    97:a0:04:a2:ed:92:d1:a9:b0:49:f5:9a:f2:c6:74:
                    dd:3e:b0:7f:f6:a9:0a:3f:34:d0:fb:8d:60:c9:5c:
                    e3:72:c4:25:f3:82:07:bd:fe:96:7c:ff:bc:bb:1f:
                    a8:3d:6b:c4:ff:de:38:1a:8a:f9:c4:c8:8a:9c:d8:
                    70:27:56:17:ad:79:ce:a3:42:0b:9a:08:50:31:34:
                    97:71:27:5e:89:fb:9e:4e:9e:14:eb:38:e5:0f:0f:
                    b6:32:59:98:85:3a:d2:cc:24:02:58:85:fb:80:f6:
                    30:03:79:8c:4d:91:03:24:77:5d:c8:f8:b4:78:73:
                    11:ef:29:80:b3:12:a6:03:ff:b5:4a:75:b0:22:87:
                    c8:57:60:46:ac:f8:b3:ca:c9:e9:37:0c:96:f3:1f:
                    55:f9:45:31:31:9c:e2:8b:fa:96:26:cd:ed:8d:f5:
                    7a:4e:8d:31:c6:ee:59:a3:e7:6f:3f:e1:aa:df:15:
                    2e:05:c4:1b:f0:25:73:4c:f8:be:b8:4f:c2:c8:43:
                    36:5e:bf:af:95:22:c7:78:02:64:fc:04:23:97:31:
                    3d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:9A:E8:32:ED:6B:89:B1:6A:9E:8F:70:59:D3:10:02:EB:DF:55:16
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652893/9742A64C5EED11EF8C934379762E951A/UJroMu1ribFqno9wWdMQAuvfVRY.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328480

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.68.120.0/22
                  102.219.168.0/22
                  102.221.232.0/22
                IPv6:
                  2c0f:ed80::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:40:5a:3c:14:09:b4:78:af:00:e3:26:22:72:5c:0d:e8:30:
         e2:cb:00:ff:04:a7:40:35:45:8a:85:38:a7:3f:d0:58:28:f5:
         ec:d6:a7:57:b6:5a:26:e2:07:45:14:47:38:a1:b9:49:a8:73:
         44:58:69:9e:a2:70:2a:f4:2f:56:f5:b1:38:3b:15:9c:d7:06:
         ba:73:c3:70:b2:47:fc:d9:7d:34:91:3d:e4:c5:e6:a8:6a:b6:
         b6:eb:7e:57:43:35:85:1a:1b:4e:0c:1d:2e:6f:6b:ca:51:38:
         ca:0d:40:43:9b:51:b7:a2:42:df:05:f8:01:16:97:e4:9c:e2:
         da:51:ef:04:74:4d:60:ba:e1:6b:87:44:4f:7f:e7:53:c1:c8:
         bb:c2:03:a5:c6:af:f2:82:8e:fb:b2:5e:8d:5f:5b:8f:2c:f3:
         bc:55:33:8d:9e:0d:4b:9c:4f:ef:6d:c9:22:28:b6:1a:5a:27:
         e7:d5:79:d8:44:10:a4:b9:3d:ca:aa:15:cf:6a:72:d9:d8:47:
         fc:73:4e:77:74:62:13:0b:0f:9b:ee:38:f1:e6:75:4e:bb:b8:
         08:61:4e:56:11:57:cb:b8:4a:0c:60:44:2c:dd:57:c1:dd:d3:
         3f:86:4f:7e:39:55:6c:bc:6d:28:bc:9b:62:c8:89:0b:29:f8:
         82:1a:58:98
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgICK0UwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA4MjAxMjEzMzdaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjUyODkzQUYxMTAvBgNVBAUTKDUwOUFFODMyRUQ2Qjg5QjE2QTlFOEY3
MDU5RDMxMDAyRUJERjU1MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDz5vh4dx9mR8WartuBB9KRcdVqL1XStm9i2zJ2DkZjQAALDvNBv/c20amTBJeg
BKLtktGpsEn1mvLGdN0+sH/2qQo/NND7jWDJXONyxCXzgge9/pZ8/7y7H6g9a8T/
3jgaivnEyIqc2HAnVhetec6jQguaCFAxNJdxJ16J+55OnhTrOOUPD7YyWZiFOtLM
JAJYhfuA9jADeYxNkQMkd13I+LR4cxHvKYCzEqYD/7VKdbAih8hXYEas+LPKyek3
DJbzH1X5RTExnOKL+pYmze2N9XpOjTHG7lmj528/4arfFS4FxBvwJXNM+L64T8LI
QzZev6+VIsd4AmT8BCOXMT3BAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUUJroMu1r
ibFqno9wWdMQAuvfVRYwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY1Mjg5My85NzQyQTY0QzVFRUQx
MUVGOEM5MzQzNzk3NjJFOTUxQS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTI4OTMvOTc0MkE2NEM1RUVEMTFFRjhDOTM0Mzc5NzYyRTk1MUEvVUpyb011
MXJpYkZxbm85d1dkTVFBdXZmVlJZLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAyAwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJmRHgDBAJm26gDBAJm
3egwDQQCAAIwBwMFACwP7YAwDQYJKoZIhvcNAQELBQADggEBAIZAWjwUCbR4rwDj
JiJyXA3oMOLLAP8Ep0A1RYqFOKc/0Fgo9ezWp1e2WibiB0UURzihuUmoc0RYaZ6i
cCr0L1b1sTg7FZzXBrpzw3CyR/zZfTSRPeTF5qhqtrbrfldDNYUaG04MHS5va8pR
OMoNQEObUbeiQt8F+AEWl+Sc4tpR7wR0TWC64WuHRE9/51PByLvCA6XGr/KCjvuy
Xo1fW48s87xVM42eDUucT+9tySIothpaJ+fVedhEEKS5PcqqFc9qctnYR/xzTnd0
YhMLD5vuOPHmdU67uAhhTlYRV8u4SgxgRCzdV8Hd0z+GT345VWy8bSi8m2LIiQsp
+IIaWJg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org