Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/YCmqMiQ3H_80BW6mdrX5npQG208.cer
File:                     YCmqMiQ3H_80BW6mdrX5npQG208.cer (raw, json)
Hash identifier:          4TvbTf4zMSWEZrWKvEzAG193vki2mRKPbBdBRJ70UN4=
Subject key identifier:   60:29:AA:32:24:37:1F:FF:34:05:6E:A6:76:B5:F9:9E:94:06:DB:4F
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2BDD
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F362BDD7/EF4D2B06856111EFA5670D9D762E951A/YCmqMiQ3H_80BW6mdrX5npQG208.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F362BDD7/EF4D2B06856111EFA5670D9D762E951A/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Tue 08 Oct 2024 10:42:04 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 327910

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11229 (0x2bdd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Oct  8 10:42:04 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F362BDD7AF/serialNumber=6029AA3224371FFF34056EA676B5F99E9406DB4F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:12:16:d0:af:1e:ea:27:c7:7e:eb:bb:c0:da:
                    f7:2b:ea:06:01:52:fe:3e:49:74:e2:ae:1c:10:60:
                    8e:cb:77:ca:ef:a0:37:80:a9:2c:ba:5f:f1:43:b1:
                    d3:8d:7e:7c:8c:54:2d:e4:9c:70:0b:2a:d8:86:ba:
                    fc:dc:63:98:da:f3:4a:82:0f:18:bb:23:fe:b2:f6:
                    06:54:7d:aa:9d:e5:24:81:1d:b3:5a:34:53:5e:4a:
                    f3:3d:42:43:c3:12:d8:8f:2d:66:ca:56:24:e9:92:
                    f3:a3:b8:aa:29:c2:e5:23:3a:f5:d7:d8:d1:bf:7c:
                    1c:6b:df:c9:cf:26:d0:6b:ff:96:94:e8:c0:cd:40:
                    25:97:af:27:cd:0a:9f:c0:93:fe:53:ac:c7:a9:24:
                    62:93:ee:b6:d3:32:c6:7b:51:88:9f:3e:29:28:75:
                    df:92:7b:62:ac:18:db:69:03:0a:5b:0d:d8:1d:7a:
                    cd:13:78:36:b0:eb:dd:d0:e7:87:a2:9f:ae:6a:06:
                    d7:12:c6:ca:b8:85:40:6c:ec:92:45:30:1e:a4:e7:
                    cb:47:50:70:30:a4:c2:04:ca:02:68:14:d2:bf:0b:
                    f0:ee:8e:31:47:3d:b3:87:d2:55:ad:cd:4c:9c:72:
                    af:d5:0a:48:b1:1a:56:72:c1:9f:ab:bd:a2:5b:3d:
                    dc:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:29:AA:32:24:37:1F:FF:34:05:6E:A6:76:B5:F9:9E:94:06:DB:4F
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F362BDD7/EF4D2B06856111EFA5670D9D762E951A/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F362BDD7/EF4D2B06856111EFA5670D9D762E951A/YCmqMiQ3H_80BW6mdrX5npQG208.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  327910

    Signature Algorithm: sha256WithRSAEncryption
         15:18:ea:5d:f7:28:e3:4f:4a:8e:00:20:db:bf:26:46:69:8f:
         9e:c9:3d:fd:3a:f5:56:64:c7:94:c3:77:3b:57:c4:09:25:8c:
         04:0f:3f:99:cd:90:f4:83:30:60:d3:8d:15:fa:bc:cc:0e:dd:
         16:a5:83:f7:62:14:16:19:5e:2d:d2:0f:fc:49:c4:a6:6c:5f:
         02:d7:18:2b:bd:4d:b0:ed:34:85:24:86:e5:94:b0:82:d1:73:
         44:22:70:09:84:38:3b:1b:4d:32:56:ba:89:58:f4:6c:41:c1:
         8c:58:fe:7d:25:66:2a:83:31:94:65:76:6e:af:f4:d8:d9:70:
         cf:3f:f2:a7:32:5e:0c:5f:ca:70:b0:3b:de:a7:cc:70:70:d4:
         24:69:11:4f:a2:a9:f5:4b:a9:7a:9d:73:a4:67:8f:4d:46:dc:
         78:65:47:96:70:89:0e:82:13:15:c6:08:af:16:32:b7:46:08:
         2d:9f:8d:ab:50:77:09:54:2f:be:64:cd:41:04:6e:2f:18:1b:
         bd:bb:bd:6b:02:ec:3b:df:a4:fe:7c:6a:71:4a:4c:33:5e:a1:
         de:07:97:9f:ad:fb:4d:61:03:e4:c6:ee:7f:7f:46:14:d4:3e:
         d8:01:9d:70:7d:76:f1:1d:96:c0:6b:22:1d:3e:d9:5b:24:51:
         5a:57:c4:7c
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICK90wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDEwMDgxMDQyMDRaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjJCREQ3QUYxMTAvBgNVBAUTKDYwMjlBQTMyMjQzNzFGRkYzNDA1NkVB
Njc2QjVGOTlFOTQwNkRCNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTEhbQrx7qJ8d+67vA2vcr6gYBUv4+SXTirhwQYI7Ld8rvoDeAqSy6X/FDsdON
fnyMVC3knHALKtiGuvzcY5ja80qCDxi7I/6y9gZUfaqd5SSBHbNaNFNeSvM9QkPD
EtiPLWbKViTpkvOjuKopwuUjOvXX2NG/fBxr38nPJtBr/5aU6MDNQCWXryfNCp/A
k/5TrMepJGKT7rbTMsZ7UYifPikodd+Se2KsGNtpAwpbDdgdes0TeDaw693Q54ei
n65qBtcSxsq4hUBs7JJFMB6k58tHUHAwpMIEygJoFNK/C/DujjFHPbOH0lWtzUyc
cq/VCkixGlZywZ+rvaJbPdzDAgMBAAGjggLqMIIC5jAdBgNVHQ4EFgQUYCmqMiQ3
H/80BW6mdrX5npQG208wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzYyQkRENy9FRjREMkIwNjg1NjEx
MUVGQTU2NzBEOUQ3NjJFOTUxQS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkJERDcvRUY0RDJCMDY4NTYxMTFFRkE1NjcwRDlENzYyRTk1MUEvWUNtcU1p
UTNIXzgwQlc2bWRyWDVucFFHMjA4Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFAOYwDQYJKoZIhvcNAQELBQADggEBABUY6l33KONPSo4AINu/JkZpj57JPf06
9VZkx5TDdztXxAkljAQPP5nNkPSDMGDTjRX6vMwO3Ralg/diFBYZXi3SD/xJxKZs
XwLXGCu9TbDtNIUkhuWUsILRc0QicAmEODsbTTJWuolY9GxBwYxY/n0lZiqDMZRl
dm6v9NjZcM8/8qcyXgxfynCwO96nzHBw1CRpEU+iqfVLqXqdc6Rnj01G3HhlR5Zw
iQ6CExXGCK8WMrdGCC2fjatQdwlUL75kzUEEbi8YG727vWsC7DvfpP58anFKTDNe
od4Hl5+t+01hA+TG7n9/RhTUPtgBnXB9dvEdlsBrIh0+2VskUVpXxHw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org