Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/XabN45sUTEexNxp5v2LPbtykpzs.cer
File:                     XabN45sUTEexNxp5v2LPbtykpzs.cer (raw, json)
Hash identifier:          A8R/skVexvD6RHIhx7WtdeMH4Ywo68WiBEFPcpjj+Sc=
Subject key identifier:   5D:A6:CD:E3:9B:14:4C:47:B1:37:1A:79:BF:62:CF:6E:DC:A4:A7:3B
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2318
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F361174D/25EC10C008F811ED910AC3A5F1222468/XabN45sUTEexNxp5v2LPbtykpzs.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F361174D/25EC10C008F811ED910AC3A5F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:02:01 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327984
                          IP: 102.176.192.0/19
                          IP: 196.32.96.0/20
                          IP: 2c0f:f5b0::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8984 (0x2318)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 00:02:01 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F361174DAF/serialNumber=5DA6CDE39B144C47B1371A79BF62CF6EDCA4A73B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:52:bc:66:88:e6:d3:a5:73:9d:9d:9e:d5:d4:
                    79:24:a8:a1:41:e9:60:ec:eb:21:6a:4c:1e:6e:15:
                    87:29:7f:94:4c:66:bd:01:79:82:5c:ec:d8:1f:99:
                    be:21:3e:d5:3c:5c:94:b2:50:ae:e3:4b:27:ed:17:
                    8f:de:c8:c2:04:14:63:54:65:c9:aa:01:8f:d6:20:
                    bf:cd:71:7c:6d:6f:43:ee:dd:05:98:90:2e:9a:82:
                    e1:15:e6:fc:bb:f9:60:a3:68:99:a2:2e:a6:cd:a2:
                    de:f5:df:1f:a0:1c:2c:49:77:90:b9:ff:28:94:e6:
                    bc:89:7c:ce:5d:bf:a7:24:a2:9e:1f:8f:10:e4:67:
                    43:09:82:8d:bb:ed:f8:79:92:78:85:e1:f1:e5:8b:
                    26:7f:df:14:69:f7:d8:1d:9e:50:45:88:25:1a:99:
                    30:41:41:22:77:5d:66:e2:9b:be:91:1c:cc:9c:3b:
                    f1:b8:09:92:0b:82:15:b2:3f:e3:93:fa:50:e7:7a:
                    83:12:6e:60:f5:35:db:61:11:76:a8:94:4a:ac:9b:
                    7c:6c:e8:43:50:90:40:3e:76:26:58:7f:ec:4c:65:
                    dc:7e:16:37:41:10:02:8e:7a:97:37:fb:12:92:c3:
                    44:82:7d:f0:7c:bc:57:5d:eb:63:f9:d6:d2:ae:8c:
                    dd:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:A6:CD:E3:9B:14:4C:47:B1:37:1A:79:BF:62:CF:6E:DC:A4:A7:3B
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F361174D/25EC10C008F811ED910AC3A5F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F361174D/25EC10C008F811ED910AC3A5F1222468/XabN45sUTEexNxp5v2LPbtykpzs.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327984

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.176.192.0/19
                  196.32.96.0/20
                IPv6:
                  2c0f:f5b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         02:a6:56:13:9f:13:b9:9d:6b:d4:16:40:ed:b8:52:b2:47:3a:
         9c:ff:89:e0:97:29:03:38:b6:f8:d3:22:bd:d5:68:ad:14:99:
         57:64:85:16:c3:80:43:cd:9a:c2:28:74:dd:20:d7:f6:e8:69:
         d4:fd:50:42:e9:1c:22:55:0a:67:db:33:d9:91:a2:c5:19:3f:
         93:6b:0d:7b:dd:1b:db:30:1c:dc:dd:cc:e3:0f:3f:85:ae:09:
         38:83:b1:86:77:4c:28:43:8d:a9:fa:7b:f9:ab:c7:45:a6:a5:
         f7:16:64:e4:12:82:ad:35:27:26:70:6a:59:a3:2a:55:29:3a:
         a0:d0:e6:c7:bb:6e:6a:cc:41:5b:14:69:4e:d5:24:3a:52:2a:
         75:e5:42:a8:46:cd:dd:a7:94:33:48:70:f0:40:b8:63:52:6f:
         c8:d4:73:7c:46:ea:e7:11:8b:5e:f1:ca:d0:43:5e:a7:74:ad:
         71:02:d8:ed:4e:e4:e6:ad:98:3b:5a:59:9c:79:47:77:8b:74:
         e2:7f:07:d5:07:27:e2:c5:cb:c0:26:37:24:41:28:21:41:4f:
         61:5b:b8:fa:51:74:1a:ae:7f:2e:52:72:51:77:95:b8:97:d0:
         8b:af:a8:46:5b:df:c2:00:74:c7:be:7f:4d:51:09:23:04:ce:
         75:1d:33:af
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICIxgwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMDAyMDFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjExNzREQUYxMTAvBgNVBAUTKDVEQTZDREUzOUIxNDRDNDdCMTM3MUE3
OUJGNjJDRjZFRENBNEE3M0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNUrxmiObTpXOdnZ7V1HkkqKFB6WDs6yFqTB5uFYcpf5RMZr0BeYJc7Ngfmb4h
PtU8XJSyUK7jSyftF4/eyMIEFGNUZcmqAY/WIL/NcXxtb0Pu3QWYkC6aguEV5vy7
+WCjaJmiLqbNot713x+gHCxJd5C5/yiU5ryJfM5dv6ckop4fjxDkZ0MJgo277fh5
kniF4fHliyZ/3xRp99gdnlBFiCUamTBBQSJ3XWbim76RHMycO/G4CZILghWyP+OT
+lDneoMSbmD1NdthEXaolEqsm3xs6ENQkEA+diZYf+xMZdx+FjdBEAKOepc3+xKS
w0SCffB8vFdd62P51tKujN0PAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUXabN45sU
TEexNxp5v2LPbtykpzswHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYxMTc0RC8yNUVDMTBDMDA4Rjgx
MUVEOTEwQUMzQTVGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE3NEQvMjVFQzEwQzAwOEY4MTFFRDkxMEFDM0E1RjEyMjI0NjgvWGFiTjQ1
c1VURWV4TnhwNXYyTFBidHlrcHpzLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFATAwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAVmsMADBATEIGAwDQQC
AAIwBwMFACwP9bAwDQYJKoZIhvcNAQELBQADggEBAAKmVhOfE7mda9QWQO24UrJH
Opz/ieCXKQM4tvjTIr3VaK0UmVdkhRbDgEPNmsIodN0g1/boadT9UELpHCJVCmfb
M9mRosUZP5NrDXvdG9swHNzdzOMPP4WuCTiDsYZ3TChDjan6e/mrx0WmpfcWZOQS
gq01JyZwalmjKlUpOqDQ5se7bmrMQVsUaU7VJDpSKnXlQqhGzd2nlDNIcPBAuGNS
b8jUc3xG6ucRi17xytBDXqd0rXEC2O1O5OatmDtaWZx5R3eLdOJ/B9UHJ+LFy8Am
NyRBKCFBT2FbuPpRdBqufy5SclF3lbiX0IuvqEZb38IAdMe+f01RCSMEznUdM68=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org