Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
File:                     XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer (raw, json)
Hash identifier:          hqruE5xWpiZ2gtlQnDmB4eWVUTQ1SC2mojUY1ylEerU=
Subject key identifier:   5C:AA:98:2C:03:17:93:26:33:2D:6B:77:0A:58:E8:79:5C:B8:45:9F
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       25E6
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:50:01 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 328633
                          IP: 102.217.184.0/22
                          IP: 102.223.104.0/22
                          IP: 2c0f:e848::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9702 (0x25e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:50:01 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3678967AF/serialNumber=5CAA982C03179326332D6B770A58E8795CB8459F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:82:6b:22:64:0a:8a:5c:e8:e1:69:02:e6:1e:
                    55:78:c7:55:1a:0a:78:98:86:ef:71:53:e7:83:6b:
                    df:ad:b1:26:9f:95:71:7c:c6:da:fa:41:9e:c9:d9:
                    f5:5d:55:e3:e5:4e:ca:81:51:68:96:dc:b2:9b:ea:
                    10:1b:da:ee:65:5b:f0:c8:29:a3:7e:42:76:f5:74:
                    f7:06:b1:5f:83:b0:02:9b:33:44:a5:46:ef:ad:03:
                    1d:29:a1:14:35:47:09:d3:09:3a:2c:e0:96:19:b0:
                    88:f7:45:d7:63:98:24:e1:13:f6:7b:2f:3b:23:88:
                    20:76:19:85:62:c7:a1:f9:92:8a:44:da:a1:f8:07:
                    05:9f:2c:9e:51:54:33:21:70:42:c5:b9:1e:1d:71:
                    29:f4:f2:81:0b:4c:bc:e2:26:9a:0c:b8:0d:46:45:
                    4a:43:a2:d3:4c:b8:57:f3:a6:0a:50:67:42:a4:82:
                    38:b5:03:bc:7d:df:27:34:18:08:78:a1:23:6f:b0:
                    b4:4e:93:53:fd:07:b5:79:a9:c7:25:99:1b:d0:2b:
                    85:68:0c:b3:a3:81:da:f7:db:c8:9c:dd:ee:05:25:
                    75:af:60:eb:7b:ed:90:78:74:ea:fc:9b:7e:fb:5a:
                    09:9f:72:aa:fd:7b:3c:15:b9:8c:c3:ef:b9:4a:39:
                    f4:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:AA:98:2C:03:17:93:26:33:2D:6B:77:0A:58:E8:79:5C:B8:45:9F
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  328633

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.184.0/22
                  102.223.104.0/22
                IPv6:
                  2c0f:e848::/32

    Signature Algorithm: sha256WithRSAEncryption
         44:4f:bd:c0:98:e7:22:48:af:0c:74:38:e3:b8:4f:8d:ce:61:
         35:27:96:cf:b9:a3:b7:52:6d:75:f3:2f:c8:a0:68:61:96:28:
         e1:8b:4f:23:b2:92:a6:6a:a0:67:4b:22:08:44:4e:2b:6e:40:
         6f:62:90:42:50:ec:b6:4f:99:a9:e4:f9:f2:a6:8a:b3:e4:03:
         47:73:ea:a3:54:5c:68:c7:be:96:d5:65:fb:f6:d8:9a:53:f3:
         09:af:6b:e8:e0:05:f7:78:cf:3c:24:a4:8a:70:7a:b7:ab:b8:
         aa:c8:1e:40:cc:37:09:1b:c6:71:2c:b0:11:ee:7a:17:38:7c:
         98:65:ae:34:0b:8c:60:b3:d0:58:24:41:20:6e:0b:4b:d3:1e:
         37:95:58:cc:b3:06:df:18:4e:c3:8d:87:d2:57:84:5e:ea:47:
         cb:1c:90:ec:4a:f0:48:28:d6:84:6a:3c:b9:3f:d5:37:d0:54:
         c3:da:a0:26:7c:5d:9f:fe:55:04:de:5e:4f:47:da:3e:19:ce:
         83:c1:89:74:e0:25:cf:ef:14:72:dd:da:59:cb:de:6d:93:25:
         d1:18:3a:ac:b5:13:11:29:54:06:ce:82:3b:25:54:2a:53:23:
         9f:ef:6e:10:86:37:ab:c8:3e:1b:a4:f3:6e:bf:77:e0:5d:91:
         6f:cb:b1:24
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICJeYwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjUwMDFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjc4OTY3QUYxMTAvBgNVBAUTKDVDQUE5ODJDMDMxNzkzMjYzMzJENkI3
NzBBNThFODc5NUNCODQ1OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIgmsiZAqKXOjhaQLmHlV4x1UaCniYhu9xU+eDa9+tsSaflXF8xtr6QZ7J2fVd
VePlTsqBUWiW3LKb6hAb2u5lW/DIKaN+Qnb1dPcGsV+DsAKbM0SlRu+tAx0poRQ1
RwnTCTos4JYZsIj3RddjmCThE/Z7LzsjiCB2GYVix6H5kopE2qH4BwWfLJ5RVDMh
cELFuR4dcSn08oELTLziJpoMuA1GRUpDotNMuFfzpgpQZ0Kkgji1A7x93yc0GAh4
oSNvsLROk1P9B7V5qcclmRvQK4VoDLOjgdr328ic3e4FJXWvYOt77ZB4dOr8m377
Wgmfcqr9ezwVuYzD77lKOfSLAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUXKqYLAMX
kyYzLWt3CljoeVy4RZ8wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY3ODk2Ny80QUE0NDJGNDc4RDkx
MUVBOUE4MDk1NUNGOEFFQTIyOC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Nzg5NjcvNEFBNDQyRjQ3OEQ5MTFFQTlBODA5NTVDRjhBRUEyMjgvWEtxWUxB
TVhreVl6TFd0M0Nsam9lVnk0Ulo4Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFA7kwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm2bgDBAJm32gwDQQC
AAIwBwMFACwP6EgwDQYJKoZIhvcNAQELBQADggEBAERPvcCY5yJIrwx0OOO4T43O
YTUnls+5o7dSbXXzL8igaGGWKOGLTyOykqZqoGdLIghETituQG9ikEJQ7LZPmank
+fKmirPkA0dz6qNUXGjHvpbVZfv22JpT8wmva+jgBfd4zzwkpIpwereruKrIHkDM
NwkbxnEssBHuehc4fJhlrjQLjGCz0FgkQSBuC0vTHjeVWMyzBt8YTsONh9JXhF7q
R8sckOxK8Ego1oRqPLk/1TfQVMPaoCZ8XZ/+VQTeXk9H2j4ZzoPBiXTgJc/vFHLd
2lnL3m2TJdEYOqy1ExEpVAbOgjslVCpTI5/vbhCGN6vIPhuk826/d+BdkW/LsSQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org