Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/XVwqlrLjcrCsR_SNvcfX_R-9sTI.cer
File:                     XVwqlrLjcrCsR_SNvcfX_R-9sTI.cer (raw, json)
Hash identifier:          HXnDljv8OXZrKo3Xh1s1DDcX2/Y1CWqaekCilFyMXWg=
Subject key identifier:   5D:5C:2A:96:B2:E3:72:B0:AC:47:F4:8D:BD:C7:D7:FD:1F:BD:B1:32
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2450
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F3644DAB/B511F7E4F24911ECA2791192F1222468/XVwqlrLjcrCsR_SNvcfX_R-9sTI.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F3644DAB/B511F7E4F24911ECA2791192F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 01:26:02 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329050
                          IP: 102.216.21.0/24
                          IP: 2001:43fc:6000::/48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9296 (0x2450)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 01:26:02 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F3644DABAF/serialNumber=5D5C2A96B2E372B0AC47F48DBDC7D7FD1FBDB132
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c7:d4:b9:e1:21:7f:77:4b:3f:0b:f5:ca:e3:
                    0c:ff:10:2a:73:ff:f1:17:a9:7a:4e:13:fe:32:e0:
                    86:32:45:4c:0d:6b:75:9f:6d:32:92:61:06:b1:ee:
                    72:cd:64:98:8f:45:ee:c3:42:52:ee:73:4a:05:d0:
                    3a:ab:58:39:f7:81:bd:b2:c6:4b:63:6f:eb:de:d1:
                    ff:70:d3:d0:33:0f:65:b4:05:fe:2a:57:64:3a:7a:
                    d7:32:ab:1c:c5:11:ee:4a:6b:1c:0b:33:0e:01:ff:
                    71:41:b9:6a:6a:76:0c:d3:ad:27:84:d2:ab:30:14:
                    d4:3d:79:5d:0c:90:e0:20:07:1f:d2:bb:2d:ac:45:
                    33:80:a6:6e:3c:44:77:38:9a:3c:d7:5a:2b:4e:33:
                    e9:17:cc:26:93:65:53:f1:18:5f:d2:25:7f:7b:d8:
                    a4:08:53:61:04:8d:76:0d:40:07:17:78:d3:a6:84:
                    9e:10:77:40:ec:e2:8c:dd:95:23:c8:d0:45:c4:30:
                    5d:f6:97:69:db:89:dc:f7:14:0f:c7:a8:0e:1c:03:
                    79:d5:d6:b1:e4:da:52:32:88:6f:b1:2a:83:4d:43:
                    e3:0d:dc:8c:7d:4d:07:d8:5a:bd:03:c8:aa:a8:ec:
                    87:c6:d8:52:5b:f9:0c:ee:9c:92:d2:05:a2:fa:f9:
                    f8:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:5C:2A:96:B2:E3:72:B0:AC:47:F4:8D:BD:C7:D7:FD:1F:BD:B1:32
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644DAB/B511F7E4F24911ECA2791192F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644DAB/B511F7E4F24911ECA2791192F1222468/XVwqlrLjcrCsR_SNvcfX_R-9sTI.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329050

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.216.21.0/24
                IPv6:
                  2001:43fc:6000::/48

    Signature Algorithm: sha256WithRSAEncryption
         9e:b1:f8:6f:a8:5c:9d:81:9a:cd:db:ac:55:d6:6f:50:f1:c2:
         d4:32:db:73:65:eb:f1:48:19:ce:11:ac:f4:5c:b3:29:e6:c2:
         b7:c3:50:97:ac:1b:da:5d:bd:ab:09:29:c7:9e:68:9c:0e:e6:
         13:c5:ca:7f:0b:7b:81:ed:fe:83:81:d9:59:98:97:73:90:78:
         a9:37:af:47:b1:ff:3f:03:ff:28:a4:09:0d:76:c8:37:95:dd:
         eb:3a:10:8a:7f:06:c5:8a:ec:be:d3:5f:3f:b1:fe:a2:19:ef:
         85:63:bd:89:09:69:de:a5:0f:ad:19:45:a3:ee:c8:dd:01:ca:
         78:6f:f2:12:5c:a7:21:0f:d1:3e:e6:e1:04:10:7b:39:81:f5:
         33:cc:bc:b9:70:09:2d:7e:37:91:42:94:2d:ef:f6:c0:bf:13:
         10:70:5d:bd:01:5a:a6:fd:46:89:a0:f2:f1:fd:4b:75:0e:83:
         b6:bc:8e:71:d1:c9:88:b8:0f:d2:70:8f:6b:3e:05:f6:6e:03:
         6c:35:29:96:b0:e0:cc:0f:fb:b2:c0:93:a1:84:14:14:0b:6f:
         22:81:07:27:74:ee:45:1a:64:67:01:fb:10:19:3a:7f:b9:c8:
         1f:91:6a:1f:6f:eb:4f:60:92:79:e7:b2:cd:38:a8:60:a4:66:
         4f:e8:e8:3d
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgICJFAwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMTI2MDJaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjQ0REFCQUYxMTAvBgNVBAUTKDVENUMyQTk2QjJFMzcyQjBBQzQ3RjQ4
REJEQzdEN0ZEMUZCREIxMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBx9S54SF/d0s/C/XK4wz/ECpz//EXqXpOE/4y4IYyRUwNa3WfbTKSYQax7nLN
ZJiPRe7DQlLuc0oF0DqrWDn3gb2yxktjb+ve0f9w09AzD2W0Bf4qV2Q6etcyqxzF
Ee5KaxwLMw4B/3FBuWpqdgzTrSeE0qswFNQ9eV0MkOAgBx/Suy2sRTOApm48RHc4
mjzXWitOM+kXzCaTZVPxGF/SJX972KQIU2EEjXYNQAcXeNOmhJ4Qd0Ds4ozdlSPI
0EXEMF32l2nbidz3FA/HqA4cA3nV1rHk2lIyiG+xKoNNQ+MN3Ix9TQfYWr0DyKqo
7IfG2FJb+QzunJLSBaL6+fihAgMBAAGjggMcMIIDGDAdBgNVHQ4EFgQUXVwqlrLj
crCsR/SNvcfX/R+9sTIwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY0NERBQi9CNTExRjdFNEYyNDkx
MUVDQTI3OTExOTJGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDREQUIvQjUxMUY3RTRGMjQ5MTFFQ0EyNzkxMTkyRjEyMjI0NjgvWFZ3cWxy
TGpjckNzUl9TTnZjZlhfUi05c1RJLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBVowMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBABm2BUwDwQCAAIwCQMH
ACABQ/xgADANBgkqhkiG9w0BAQsFAAOCAQEAnrH4b6hcnYGazdusVdZvUPHC1DLb
c2Xr8UgZzhGs9FyzKebCt8NQl6wb2l29qwkpx55onA7mE8XKfwt7ge3+g4HZWZiX
c5B4qTevR7H/PwP/KKQJDXbIN5Xd6zoQin8GxYrsvtNfP7H+ohnvhWO9iQlp3qUP
rRlFo+7I3QHKeG/yElynIQ/RPubhBBB7OYH1M8y8uXAJLX43kUKULe/2wL8TEHBd
vQFapv1GiaDy8f1LdQ6DtryOcdHJiLgP0nCPaz4F9m4DbDUplrDgzA/7ssCToYQU
FAtvIoEHJ3TuRRpkZwH7EBk6f7nIH5FqH2/rT2CSeeeyzTioYKRmT+joPQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:22 2024 by rpki-client on console-ams.rpki-client.org