Certificate
$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/XK2jLPsAGrpuTJ9SE9kodlsVozc.cer
File: XK2jLPsAGrpuTJ9SE9kodlsVozc.cer (raw, json)
Hash identifier: Sc6sDaGymWgcBUuwm2FAkunyGC7DswoxijSzgBslQFw=
Subject key identifier: 5C:AD:A3:2C:FB:00:1A:BA:6E:4C:9F:52:13:D9:28:76:5B:15:A3:37
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer: /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial: 2F52
Authority info access: rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest: rsync://rpki.afrinic.net/repository/member_repository/F368588E/A3823956CB2F11E9890D1B27F8AEA228/XK2jLPsAGrpuTJ9SE9kodlsVozc.mft
caRepository: rsync://rpki.afrinic.net/repository/member_repository/F368588E/A3823956CB2F11E9890D1B27F8AEA228/
Notify URL: https://rrdp.afrinic.net/notification.xml
Certificate not before: Wed 01 Jan 2025 02:22:30 +0000
Certificate not after: Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources: IP: 196.250.252.0/22
IP: 196.251.252.0/22
IP: 2001:43f8:e00::/40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12114 (0x2f52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AFRINIC
Validity
Not Before: Jan 1 02:22:30 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=F368588EAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8c:c9:eb:4b:cc:ae:52:e0:79:bd:c5:ac:dc:
d8:a0:e2:47:b7:b7:ff:cb:b4:e4:31:0f:56:07:ac:
92:44:6b:83:3b:d3:aa:7d:ea:06:8f:5f:7e:93:31:
9b:69:1a:2e:47:51:54:bf:09:06:6d:80:e0:ab:ab:
fa:8f:fb:8d:76:be:2e:10:44:9f:c1:e5:52:9e:8b:
f7:44:70:ad:4a:c0:78:e7:6f:c3:03:54:19:1b:91:
a2:53:84:5e:0c:90:14:10:a4:ba:d6:f1:00:92:fe:
e9:2c:85:57:09:05:35:03:87:ff:13:b0:dd:eb:7a:
be:a6:08:a1:be:00:cb:18:b0:88:80:36:24:5e:ac:
f6:e5:18:b1:53:68:5b:e4:30:94:cf:b7:6d:db:d8:
3a:e6:9d:94:b7:82:81:16:4d:f1:db:5d:e8:f8:2b:
b7:47:e6:da:66:13:e5:b1:fa:6f:3b:ab:54:38:fd:
0f:fd:fd:5c:c9:39:9b:ad:25:3c:67:b2:d0:db:10:
34:ed:0e:9d:35:b6:13:41:83:d0:e6:b1:51:c2:85:
8b:62:88:c2:3e:fb:8b:c1:cd:ff:b8:72:0c:39:15:
b8:7b:9a:bb:5e:f2:a8:92:be:4f:b8:a3:fd:0e:6a:
e8:b3:ff:c3:3b:af:49:0d:a1:75:f7:47:5e:76:49:
36:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AD:A3:2C:FB:00:1A:BA:6E:4C:9F:52:13:D9:28:76:5B:15:A3:37
X509v3 Authority Key Identifier:
keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F368588E/A3823956CB2F11E9890D1B27F8AEA228/
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F368588E/A3823956CB2F11E9890D1B27F8AEA228/XK2jLPsAGrpuTJ9SE9kodlsVozc.mft
sbgp-ipAddrBlock: critical
IPv4:
196.250.252.0/22
196.251.252.0/22
IPv6:
2001:43f8:e00::/40
Signature Algorithm: sha256WithRSAEncryption
1b:1b:54:d5:d0:da:d9:9e:e5:c1:5b:55:10:cb:1f:82:fc:d3:
76:b1:f2:dc:5e:a9:ed:88:1f:fc:99:f3:3f:94:af:85:d2:37:
dc:92:da:aa:b4:a3:7b:2e:e5:38:73:78:29:9f:86:93:02:46:
e5:c4:d3:02:02:2b:af:1a:67:2a:a8:3d:7d:c7:f8:da:b1:5f:
95:8b:43:89:cd:4a:b0:b8:ef:94:4f:37:66:50:f3:cc:ab:09:
a6:1a:af:80:88:af:1b:2d:79:16:7a:68:a6:60:79:15:de:19:
ac:a5:31:cd:f6:5f:1d:ec:15:0f:b5:67:39:9a:12:01:f9:a7:
bd:9e:d8:b8:32:9c:5b:b9:c7:1c:fa:a4:f0:3f:4e:a0:f6:0f:
b6:77:5a:e0:89:94:8f:2a:7e:4f:2d:59:dd:3c:c9:2e:89:03:
09:f5:1a:55:9d:6d:71:5d:54:92:16:b0:95:8c:cf:70:b9:d9:
29:3e:f2:ad:2e:ee:9e:43:1f:50:86:47:bf:55:ae:89:92:4c:
b2:db:92:42:1a:6e:4d:f0:61:61:b6:16:38:82:71:c3:24:c1:
cc:61:1b:03:3b:b6:ab:1d:24:8e:4f:f7:e0:f9:d0:c8:56:09:
f7:1d:90:54:99:74:5a:d3:59:fb:c1:f6:2f:51:f3:df:8f:c2:
00:c5:dc:0b
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgICL1IwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMjIyMzBaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjg1ODhFQUYxMTAvBgNVBAUTKDVDQURBMzJDRkIwMDFBQkE2RTRDOUY1
MjEzRDkyODc2NUIxNUEzMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDhjMnrS8yuUuB5vcWs3Nig4ke3t//LtOQxD1YHrJJEa4M706p96gaPX36TMZtp
Gi5HUVS/CQZtgOCrq/qP+412vi4QRJ/B5VKei/dEcK1KwHjnb8MDVBkbkaJThF4M
kBQQpLrW8QCS/ukshVcJBTUDh/8TsN3rer6mCKG+AMsYsIiANiRerPblGLFTaFvk
MJTPt23b2DrmnZS3goEWTfHbXej4K7dH5tpmE+Wx+m87q1Q4/Q/9/VzJOZutJTxn
stDbEDTtDp01thNBg9DmsVHChYtiiMI++4vBzf+4cgw5Fbh7mrte8qiSvk+4o/0O
auiz/8M7r0kNoXX3R152STYhAgMBAAGjggMFMIIDATAdBgNVHQ4EFgQUXK2jLPsA
GrpuTJ9SE9kodlsVozcwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY4NTg4RS9BMzgyMzk1NkNCMkYx
MUU5ODkwRDFCMjdGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODU4OEUvQTM4MjM5NTZDQjJGMTFFOTg5MEQxQjI3RjhBRUEyMjgvWEsyakxQ
c0FHcnB1VEo5U0U5a29kbHNWb3pjLm1mdDA1BggrBgEFBQcBBwEB/wQmMCQwEgQC
AAEwDAMEAsT6/AMEAsT7/DAOBAIAAjAIAwYAIAFD+A4wDQYJKoZIhvcNAQELBQAD
ggEBABsbVNXQ2tme5cFbVRDLH4L803ax8txeqe2IH/yZ8z+Ur4XSN9yS2qq0o3su
5ThzeCmfhpMCRuXE0wICK68aZyqoPX3H+NqxX5WLQ4nNSrC475RPN2ZQ88yrCaYa
r4CIrxsteRZ6aKZgeRXeGaylMc32Xx3sFQ+1ZzmaEgH5p72e2LgynFu5xxz6pPA/
TqD2D7Z3WuCJlI8qfk8tWd08yS6JAwn1GlWdbXFdVJIWsJWMz3C52Sk+8q0u7p5D
H1CGR79VromSTLLbkkIabk3wYWG2FjiCccMkwcxhGwM7tqsdJI5P9+D50MhWCfcd
kFSZdFrTWfvB9i9R89+PwgDF3As=
-----END CERTIFICATE-----
Generated at Wed Apr 2 08:36:32 2025 by rpki-client