Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/XiJnU4QNZLrrAjtZQWyZHzl3Hvw.cer
File:                     XiJnU4QNZLrrAjtZQWyZHzl3Hvw.cer (raw, json)
Hash identifier:          3gp5f2RYCLSYoZ+W8NZi+sSqmZYjURS56Az/VwIPRL0=
Subject key identifier:   5E:22:67:53:84:0D:64:BA:EB:02:3B:59:41:6C:99:1F:39:77:1E:FC
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2B9B
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F36539AE/C4044E8A74DA11EFBCFA7F9A762E951A/XiJnU4QNZLrrAjtZQWyZHzl3Hvw.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F36539AE/C4044E8A74DA11EFBCFA7F9A762E951A/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Tue 17 Sep 2024 09:54:11 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329260
                          IP: 102.213.177.0/24
                          IP: 2001:43fd:1000::/48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11163 (0x2b9b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Sep 17 09:54:11 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F36539AEAF/serialNumber=5E226753840D64BAEB023B59416C991F39771EFC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:cf:c0:4c:98:a5:66:f0:e3:db:d7:6f:87:9c:
                    3d:19:72:23:f5:64:0c:ab:92:88:4c:3e:c4:b0:78:
                    44:ea:0a:1e:f7:71:8f:da:8e:31:85:23:aa:6d:24:
                    d5:fc:87:1f:28:1e:0f:ba:47:21:c9:e0:b8:f6:62:
                    f6:ee:cd:47:e9:fc:49:aa:1a:25:4f:11:f4:57:fb:
                    e1:1c:81:05:64:f7:46:35:59:f3:8d:c2:0b:90:80:
                    66:98:3b:fb:1f:40:55:e6:d4:98:d8:1e:bd:c6:0b:
                    9f:b5:73:72:72:56:1f:26:79:29:4e:ef:52:0e:29:
                    a8:d3:e1:7c:8c:19:a6:69:e3:ec:1e:be:42:e8:7d:
                    59:83:7a:e7:f2:5b:fe:5f:a8:97:48:c6:df:48:0e:
                    06:e9:7f:85:53:df:9c:0e:ca:3d:47:53:3b:f8:c9:
                    61:78:2b:8b:5f:9b:1d:11:60:f0:55:80:0d:ae:08:
                    27:3c:89:39:c7:c4:62:8a:96:6e:7e:e6:c7:17:d4:
                    05:06:02:98:9e:1a:5b:b9:aa:95:00:30:25:c8:37:
                    25:74:6d:3d:f1:c3:b7:d4:1d:57:0f:96:a6:a3:30:
                    60:87:23:91:71:08:bb:95:48:fa:06:3f:d0:c6:6e:
                    d2:a5:68:1d:a6:98:8c:eb:d3:06:9c:74:3a:56:4a:
                    54:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:22:67:53:84:0D:64:BA:EB:02:3B:59:41:6C:99:1F:39:77:1E:FC
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F36539AE/C4044E8A74DA11EFBCFA7F9A762E951A/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F36539AE/C4044E8A74DA11EFBCFA7F9A762E951A/XiJnU4QNZLrrAjtZQWyZHzl3Hvw.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329260

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.177.0/24
                IPv6:
                  2001:43fd:1000::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:55:63:94:94:3b:dc:2a:56:e0:18:41:2f:4d:02:a9:a1:b1:
         63:99:03:fa:1f:71:e2:e9:2f:26:12:47:af:5a:2a:5d:b7:59:
         84:1c:fd:f0:57:f8:3d:a0:97:d3:f8:90:8a:97:42:ff:24:9c:
         6c:b6:f7:98:e2:13:7b:7e:56:80:16:f5:dd:95:0a:b4:fa:1d:
         f1:0f:8f:bb:13:02:5c:ab:3f:9e:95:db:12:75:de:8a:29:d2:
         e5:c9:b3:2c:f6:60:de:fd:90:14:43:a3:0e:8d:30:b9:5b:ef:
         53:0b:6f:94:20:75:73:21:ed:be:19:4a:cf:35:ae:75:81:a7:
         d9:3b:c4:c4:3e:fa:35:ca:86:95:f4:d5:43:4f:34:ad:80:75:
         05:9d:86:77:3e:71:31:c2:86:a5:5e:11:6f:29:4b:07:bf:37:
         2a:85:ff:4f:32:bc:9e:95:d7:c1:08:0a:29:8d:ab:5d:d0:69:
         70:40:f3:a0:20:a3:9c:f6:84:19:60:28:51:59:9f:e0:fd:d3:
         02:b4:86:87:55:8c:34:90:74:32:cd:cf:e5:a7:1e:fe:32:eb:
         ab:30:1b:5b:d2:7b:8c:e3:f6:77:0b:1f:42:23:c7:62:09:81:
         9a:39:fc:56:db:eb:d8:06:c8:62:41:45:d9:c5:51:53:50:7d:
         35:25:9f:ad
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgICK5swDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA5MTcwOTU0MTFaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjUzOUFFQUYxMTAvBgNVBAUTKDVFMjI2NzUzODQwRDY0QkFFQjAyM0I1
OTQxNkM5OTFGMzk3NzFFRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDrz8BMmKVm8OPb12+HnD0ZciP1ZAyrkohMPsSweETqCh73cY/ajjGFI6ptJNX8
hx8oHg+6RyHJ4Lj2YvbuzUfp/EmqGiVPEfRX++EcgQVk90Y1WfONwguQgGaYO/sf
QFXm1JjYHr3GC5+1c3JyVh8meSlO71IOKajT4XyMGaZp4+wevkLofVmDeufyW/5f
qJdIxt9IDgbpf4VT35wOyj1HUzv4yWF4K4tfmx0RYPBVgA2uCCc8iTnHxGKKlm5+
5scX1AUGApieGlu5qpUAMCXINyV0bT3xw7fUHVcPlqajMGCHI5FxCLuVSPoGP9DG
btKlaB2mmIzr0wacdDpWSlR9AgMBAAGjggMcMIIDGDAdBgNVHQ4EFgQUXiJnU4QN
ZLrrAjtZQWyZHzl3HvwwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY1MzlBRS9DNDA0NEU4QTc0REEx
MUVGQkNGQTdGOUE3NjJFOTUxQS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTM5QUUvQzQwNDRFOEE3NERBMTFFRkJDRkE3RjlBNzYyRTk1MUEvWGlKblU0
UU5aTHJyQWp0WlFXeVpIemwzSHZ3Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBiwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBABm1bEwDwQCAAIwCQMH
ACABQ/0QADANBgkqhkiG9w0BAQsFAAOCAQEADlVjlJQ73CpW4BhBL00CqaGxY5kD
+h9x4ukvJhJHr1oqXbdZhBz98Ff4PaCX0/iQipdC/yScbLb3mOITe35WgBb13ZUK
tPod8Q+PuxMCXKs/npXbEnXeiinS5cmzLPZg3v2QFEOjDo0wuVvvUwtvlCB1cyHt
vhlKzzWudYGn2TvExD76NcqGlfTVQ080rYB1BZ2Gdz5xMcKGpV4RbylLB783KoX/
TzK8npXXwQgKKY2rXdBpcEDzoCCjnPaEGWAoUVmf4P3TArSGh1WMNJB0Ms3P5ace
/jLrqzAbW9J7jOP2dwsfQiPHYgmBmjn8Vtvr2AbIYkFF2cVRU1B9NSWfrQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org