Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/UsjVbfSu4mPoplESmKYZzpjIrA4.cer
File:                     UsjVbfSu4mPoplESmKYZzpjIrA4.cer (raw, json)
Hash identifier:          lnpKH3hVL8WPUcSWdu5gwnFXpXbBEPHMRiVQHtPpaPo=
Subject key identifier:   52:C8:D5:6D:F4:AE:E2:63:E8:A6:51:12:98:A6:19:CE:98:C8:AC:0E
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       251D
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F365BF9E/E18FB3DECA2411EDA24C598BF1222468/UsjVbfSu4mPoplESmKYZzpjIrA4.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F365BF9E/E18FB3DECA2411EDA24C598BF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:16:32 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328884
                          IP: 102.217.152.0/22
                          IP: 102.219.40.0/22
                          IP: 2c0f:5100::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9501 (0x251d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:16:32 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F365BF9EAF/serialNumber=52C8D56DF4AEE263E8A6511298A619CE98C8AC0E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:00:3f:8e:54:47:24:4c:0f:76:3d:3d:8a:4e:
                    b0:72:78:ae:64:69:4e:dd:38:cd:f1:55:60:93:7e:
                    f9:a4:01:37:72:9e:92:8e:d0:d1:81:99:a0:99:c1:
                    f4:5b:9c:23:11:0f:02:06:1f:9a:0f:1b:b2:48:7c:
                    7f:31:be:d5:11:60:69:3e:43:36:cf:4f:74:4b:c0:
                    67:23:03:da:f8:24:bc:19:b4:ef:e3:f0:80:79:3d:
                    91:90:cd:d9:a4:43:a2:b4:ed:00:61:4d:19:6a:ec:
                    77:58:55:a9:4d:6b:7a:b0:b2:e2:0a:e8:13:3b:fd:
                    e6:b2:00:72:12:3f:a4:9a:eb:35:66:12:47:83:cb:
                    d3:c0:4c:d4:ec:21:44:e5:a5:e4:d9:84:e1:43:dd:
                    f8:fb:ec:e7:a2:92:81:77:3a:08:48:1b:5b:5a:6a:
                    19:12:4a:ec:55:7e:3d:f7:cb:c6:1c:ee:89:24:8c:
                    6e:00:63:c9:c7:39:ed:33:a9:89:23:f1:d2:c6:e4:
                    d3:97:5a:20:a8:01:94:06:0c:26:5c:a7:37:1f:31:
                    29:04:89:77:d4:01:83:61:f7:cc:d8:18:d3:4d:a7:
                    5c:8a:c1:7f:fb:66:b4:2a:95:40:c6:19:d6:a6:52:
                    08:a1:c6:08:f3:88:1a:c7:66:63:57:c7:c4:0c:54:
                    12:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:C8:D5:6D:F4:AE:E2:63:E8:A6:51:12:98:A6:19:CE:98:C8:AC:0E
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F365BF9E/E18FB3DECA2411EDA24C598BF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F365BF9E/E18FB3DECA2411EDA24C598BF1222468/UsjVbfSu4mPoplESmKYZzpjIrA4.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328884

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.152.0/22
                  102.219.40.0/22
                IPv6:
                  2c0f:5100::/32

    Signature Algorithm: sha256WithRSAEncryption
         88:af:4e:bb:5c:c9:52:48:0e:61:94:4f:15:f3:8a:d8:db:d3:
         f0:bf:49:85:40:ef:c8:ed:91:c1:ab:f1:7a:94:10:1c:cf:3e:
         67:3d:38:0d:85:45:ff:dd:aa:ac:f7:25:db:ac:37:ad:0a:cc:
         37:eb:46:97:27:60:d6:16:ad:7d:f9:e2:ef:e9:d8:75:63:cc:
         87:0f:7b:ad:88:1a:14:c1:e2:64:9c:9a:95:cd:c7:d2:e1:e4:
         13:32:de:be:32:21:ab:93:09:56:27:c0:38:92:72:bb:29:e5:
         92:8e:03:ab:e3:ee:02:bc:5d:26:f8:c2:95:d3:de:0f:5b:f6:
         9f:b3:ee:e7:01:e2:1e:e5:c1:7a:bc:f5:c7:34:b8:5c:80:34:
         56:49:5e:1e:cf:ff:f0:cf:f2:d2:f7:34:3d:c9:6f:12:e6:fc:
         5a:3f:93:53:84:a8:ce:91:cd:96:f8:e7:b2:31:26:57:c1:cc:
         e6:67:c8:e7:b0:59:05:35:33:41:7b:88:9c:38:f4:eb:66:a3:
         76:b7:af:d1:f3:b1:e3:fd:f9:b6:a8:03:59:ac:2b:54:98:ae:
         0a:7a:be:58:b7:fd:7a:60:3a:88:8f:26:19:00:9c:c8:9c:3c:
         c6:71:cc:ae:66:94:08:a2:3b:ca:71:cd:bc:32:e0:9f:9b:2c:
         60:6d:cd:f3
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICJR0wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjE2MzJaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjVCRjlFQUYxMTAvBgNVBAUTKDUyQzhENTZERjRBRUUyNjNFOEE2NTEx
Mjk4QTYxOUNFOThDOEFDMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDuAD+OVEckTA92PT2KTrByeK5kaU7dOM3xVWCTfvmkATdynpKO0NGBmaCZwfRb
nCMRDwIGH5oPG7JIfH8xvtURYGk+QzbPT3RLwGcjA9r4JLwZtO/j8IB5PZGQzdmk
Q6K07QBhTRlq7HdYValNa3qwsuIK6BM7/eayAHISP6Sa6zVmEkeDy9PATNTsIUTl
peTZhOFD3fj77OeikoF3OghIG1taahkSSuxVfj33y8Yc7okkjG4AY8nHOe0zqYkj
8dLG5NOXWiCoAZQGDCZcpzcfMSkEiXfUAYNh98zYGNNNp1yKwX/7ZrQqlUDGGdam
UgihxgjziBrHZmNXx8QMVBLZAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUUsjVbfSu
4mPoplESmKYZzpjIrA4wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY1QkY5RS9FMThGQjNERUNBMjQx
MUVEQTI0QzU5OEJGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUJGOUUvRTE4RkIzREVDQTI0MTFFREEyNEM1OThCRjEyMjI0NjgvVXNqVmJm
U3U0bVBvcGxFU21LWVp6cGpJckE0Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBLQwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm2ZgDBAJm2ygwDQQC
AAIwBwMFACwPUQAwDQYJKoZIhvcNAQELBQADggEBAIivTrtcyVJIDmGUTxXzitjb
0/C/SYVA78jtkcGr8XqUEBzPPmc9OA2FRf/dqqz3JdusN60KzDfrRpcnYNYWrX35
4u/p2HVjzIcPe62IGhTB4mScmpXNx9Lh5BMy3r4yIauTCVYnwDiScrsp5ZKOA6vj
7gK8XSb4wpXT3g9b9p+z7ucB4h7lwXq89cc0uFyANFZJXh7P//DP8tL3ND3JbxLm
/Fo/k1OEqM6RzZb457IxJlfBzOZnyOewWQU1M0F7iJw49Otmo3a3r9HzseP9+bao
A1msK1SYrgp6vli3/XpgOoiPJhkAnMicPMZxzK5mlAiiO8pxzbwy4J+bLGBtzfM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org