Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/X2s0EhZiPYWnTyzopeKbXurPolM.cer
File:                     X2s0EhZiPYWnTyzopeKbXurPolM.cer (raw, json)
Hash identifier:          BsFV8+i4GTAcqhoXqCDEIGz3EWQ+5blkJDK1jXi3Gs0=
Subject key identifier:   5F:6B:34:12:16:62:3D:85:A7:4F:2C:E8:A5:E2:9B:5E:EA:CF:A2:53
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       26BF
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F369C632/364C4FF82E9511EDA659BB7DF1222468/X2s0EhZiPYWnTyzopeKbXurPolM.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F369C632/364C4FF82E9511EDA659BB7DF1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 03:21:33 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37792
                          AS: 329105
                          IP: 196.49.88.0/24
                          IP: 196.60.94.0/24
                          IP: 2001:43f8:1680::/47

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 07:59:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9919 (0x26bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 03:21:33 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F369C632AF/serialNumber=5F6B341216623D85A74F2CE8A5E29B5EEACFA253
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5e:e5:86:74:ee:80:ba:f0:1b:32:18:3b:c3:
                    f9:4b:fc:7b:39:46:14:c5:2e:45:82:ae:82:21:a1:
                    b2:73:38:fc:c8:58:96:44:22:b3:4c:1e:c2:5f:02:
                    08:6d:62:8c:4b:e7:71:19:4a:60:ab:4b:74:e2:8f:
                    ea:c8:84:8c:18:6f:4d:89:84:f9:ac:6e:cd:e9:27:
                    9f:25:3f:49:eb:73:21:9d:e0:54:14:f8:d0:eb:9a:
                    32:b5:38:3c:7c:71:03:96:08:e1:39:dd:78:cd:62:
                    cb:84:70:93:d6:22:1d:58:9d:df:c2:d3:33:ca:db:
                    21:86:9f:96:ba:c6:cf:c5:ec:60:89:ab:d1:4d:f8:
                    d3:4a:38:21:d6:52:54:18:4c:42:a5:4e:73:8b:83:
                    c8:42:cd:a0:03:c7:7d:af:73:fe:5b:4c:9f:d2:97:
                    22:f3:4d:df:3e:72:d1:d3:e0:ba:b8:e4:f8:b0:39:
                    dc:e0:8c:cf:6a:b5:bc:9e:fe:df:b9:f0:30:e0:b1:
                    2d:ba:8d:8b:4d:25:92:75:1d:bd:c8:72:f2:ae:fb:
                    bb:f7:74:e3:f7:b5:0a:70:57:99:e2:b7:2e:ec:0c:
                    ef:4a:39:b5:db:1f:9f:73:c8:0c:f2:e8:25:31:2b:
                    79:94:22:73:ce:e1:6e:09:41:8e:15:e8:e9:63:57:
                    58:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:6B:34:12:16:62:3D:85:A7:4F:2C:E8:A5:E2:9B:5E:EA:CF:A2:53
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F369C632/364C4FF82E9511EDA659BB7DF1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F369C632/364C4FF82E9511EDA659BB7DF1222468/X2s0EhZiPYWnTyzopeKbXurPolM.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37792
                  329105

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.49.88.0/24
                  196.60.94.0/24
                IPv6:
                  2001:43f8:1680::/47

    Signature Algorithm: sha256WithRSAEncryption
         25:56:7a:de:97:cc:da:b6:19:15:1d:7b:41:6c:be:38:2e:f3:
         d0:85:da:bc:99:c6:d6:03:62:76:33:4c:c3:59:52:a9:9c:a3:
         77:71:66:ec:b4:79:c3:0f:e2:50:5e:83:15:45:be:8d:b9:a1:
         60:da:27:11:38:2d:fd:27:0f:77:6a:75:00:dc:fc:2a:a5:e9:
         74:31:d0:22:43:91:10:96:97:5b:7f:96:28:14:32:fe:ea:26:
         f5:7e:de:7f:0a:30:95:7f:c2:13:82:fb:46:88:03:12:37:71:
         4e:0a:05:49:59:49:d7:f7:af:86:f2:63:ac:37:f8:40:3b:d0:
         f8:23:25:60:e1:b2:9f:f1:c9:fb:30:42:e9:ab:af:e6:f2:f2:
         4f:47:1e:f5:4b:e7:a0:6a:8b:a1:cc:86:b2:c9:41:8e:13:f5:
         0d:50:34:ba:aa:95:ef:df:5f:29:59:dd:2a:06:a1:fe:88:3f:
         c5:43:4c:61:ac:96:72:14:e9:72:d9:9d:63:17:b5:1c:95:ba:
         b1:aa:a2:6e:ed:a1:46:20:7a:fb:29:cf:af:e7:02:e5:3f:23:
         06:90:e3:cd:f5:f9:59:08:fb:38:29:47:33:20:d0:c7:83:86:
         84:ac:81:6c:cc:c1:e7:85:1a:39:0c:3f:14:bd:c5:8d:b4:1f:
         11:39:0d:5a
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgICJr8wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMzIxMzNaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjlDNjMyQUYxMTAvBgNVBAUTKDVGNkIzNDEyMTY2MjNEODVBNzRGMkNF
OEE1RTI5QjVFRUFDRkEyNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8XuWGdO6AuvAbMhg7w/lL/Hs5RhTFLkWCroIhobJzOPzIWJZEIrNMHsJfAght
YoxL53EZSmCrS3Tij+rIhIwYb02JhPmsbs3pJ58lP0nrcyGd4FQU+NDrmjK1ODx8
cQOWCOE53XjNYsuEcJPWIh1Ynd/C0zPK2yGGn5a6xs/F7GCJq9FN+NNKOCHWUlQY
TEKlTnOLg8hCzaADx32vc/5bTJ/SlyLzTd8+ctHT4Lq45PiwOdzgjM9qtbye/t+5
8DDgsS26jYtNJZJ1Hb3IcvKu+7v3dOP3tQpwV5nity7sDO9KObXbH59zyAzy6CUx
K3mUInPO4W4JQY4V6OljV1gbAgMBAAGjggMnMIIDIzAdBgNVHQ4EFgQUX2s0EhZi
PYWnTyzopeKbXurPolMwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY5QzYzMi8zNjRDNEZGODJFOTUx
MUVEQTY1OUJCN0RGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUM2MzIvMzY0QzRGRjgyRTk1MTFFREE2NTlCQjdERjEyMjI0NjgvWDJzMEVo
WmlQWVduVHl6b3BlS2JYdXJQb2xNLm1mdDAfBggrBgEFBQcBCAEB/wQQMA6gDDAK
AgMAk6ACAwUFkTA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAMQxWAMEAMQ8
XjAPBAIAAjAJAwcBIAFD+BaAMA0GCSqGSIb3DQEBCwUAA4IBAQAlVnrel8zathkV
HXtBbL44LvPQhdq8mcbWA2J2M0zDWVKpnKN3cWbstHnDD+JQXoMVRb6NuaFg2icR
OC39Jw93anUA3Pwqpel0MdAiQ5EQlpdbf5YoFDL+6ib1ft5/CjCVf8ITgvtGiAMS
N3FOCgVJWUnX96+G8mOsN/hAO9D4IyVg4bKf8cn7MELpq6/m8vJPRx71S+egaouh
zIayyUGOE/UNUDS6qpXv318pWd0qBqH+iD/FQ0xhrJZyFOly2Z1jF7UclbqxqqJu
7aFGIHr7Kc+v5wLlPyMGkOPN9flZCPs4KUczINDHg4aErIFszMHnhRo5DD8UvcWN
tB8ROQ1a
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:39:35 2024 by rpki-client on console-fra.rpki-client.org