Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/Z4miVHJtAx5ZtGthtKyqhRv6Ld8.cer
File:                     Z4miVHJtAx5ZtGthtKyqhRv6Ld8.cer (raw, json)
Hash identifier:          DunfeSM79cjLQAqnMHgMcQC8eFyiTbO04rry84WW6oU=
Subject key identifier:   67:89:A2:54:72:6D:03:1E:59:B4:6B:61:B4:AC:AA:85:1B:FA:2D:DF
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2558
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F366351B/4665A9F0ACA011EDAF100DF7F1222468/Z4miVHJtAx5ZtGthtKyqhRv6Ld8.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F366351B/4665A9F0ACA011EDAF100DF7F1222468/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:45 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 329208
                          IP: 102.214.12.0/24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9560 (0x2558)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Jan  1 02:29:45 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F366351BAF/serialNumber=6789A254726D031E59B46B61B4ACAA851BFA2DDF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b1:fe:cd:6e:7c:27:ce:28:e4:b7:5d:60:38:
                    c7:50:79:2d:2a:cc:ca:eb:8e:84:f9:b4:a8:fc:a6:
                    c1:1e:82:21:87:c0:f9:fd:fc:e2:e3:4c:54:bc:7c:
                    3a:06:5b:db:45:62:ab:65:29:30:d6:08:85:a5:0b:
                    ba:76:eb:56:aa:15:60:11:4e:ee:1e:45:78:7c:ea:
                    3f:36:38:e8:9a:c4:be:23:c9:2d:13:2e:d3:78:0e:
                    ec:11:ff:d3:53:9e:a2:b3:a3:0c:3f:1f:c9:c2:d0:
                    8f:d7:8f:fc:7b:3f:08:84:9c:ad:cf:5a:52:2c:bf:
                    ba:d9:1a:d1:37:28:15:bd:4e:4a:32:e3:ec:26:42:
                    47:d9:2d:d8:f7:99:fd:0e:fa:53:ab:9d:cc:cd:97:
                    e9:e4:19:ea:36:20:42:99:89:bb:f7:f9:20:72:16:
                    50:b9:70:47:e7:d6:8c:c0:43:ae:a7:1f:1f:c8:96:
                    e4:40:08:6d:b9:48:7a:2d:b6:b9:1d:5b:06:4e:17:
                    c4:d4:ca:ba:17:d9:e4:c2:17:e8:17:42:27:08:d6:
                    ef:65:3b:ce:86:ce:ce:d0:ec:22:2e:10:6a:4d:c3:
                    dc:09:38:9d:f8:d6:2b:53:3d:0f:f4:52:45:b6:a5:
                    50:27:dc:24:44:24:3c:31:f9:ce:de:34:82:3a:05:
                    42:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:89:A2:54:72:6D:03:1E:59:B4:6B:61:B4:AC:AA:85:1B:FA:2D:DF
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F366351B/4665A9F0ACA011EDAF100DF7F1222468/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F366351B/4665A9F0ACA011EDAF100DF7F1222468/Z4miVHJtAx5ZtGthtKyqhRv6Ld8.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  329208

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.214.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:8f:b0:c5:b8:2e:d8:44:ea:1a:79:47:3f:ae:6f:10:e2:7d:
         58:3f:84:fd:7c:ef:a5:9f:8c:be:f7:c5:46:19:37:de:f5:ec:
         8f:e5:e8:ac:98:89:d4:26:c5:a6:57:2e:fe:fe:01:22:00:6d:
         b6:4d:ba:ec:6e:12:81:e6:81:e7:41:9f:fa:cd:cb:62:b7:f7:
         35:7b:dc:d6:30:26:1b:80:8e:5b:d5:25:01:2c:af:1b:00:40:
         db:1a:b5:7e:0b:f4:88:0d:a6:27:9d:88:4b:b4:03:bd:d1:b5:
         a8:bf:f8:b9:23:e1:50:6d:bb:2f:e8:50:9e:33:24:59:da:0d:
         6c:18:46:de:c8:30:91:fe:34:a2:51:12:cb:75:66:bf:57:a1:
         68:be:e4:81:ab:21:e2:40:4a:2b:db:78:95:8b:33:d5:ed:25:
         af:dc:95:82:67:b1:7c:cf:93:c2:7e:f7:83:f0:7b:33:2d:33:
         fc:09:06:f7:e4:31:4b:a0:56:78:de:33:12:35:fa:9e:5d:59:
         75:43:37:87:e4:36:e2:aa:c1:a5:71:61:9e:2a:a7:fd:a1:5a:
         88:21:f2:47:5e:63:14:c6:c0:e7:14:07:3e:70:94:7a:11:5c:
         7f:90:c3:ed:8c:2f:f6:b8:f9:03:dc:9e:94:d0:1b:c0:2a:d9:
         84:2a:cb:cd
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICJVgwDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDAxMDEwMjI5NDVaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjYzNTFCQUYxMTAvBgNVBAUTKDY3ODlBMjU0NzI2RDAzMUU1OUI0NkI2
MUI0QUNBQTg1MUJGQTJEREYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQsf7Nbnwnzijkt11gOMdQeS0qzMrrjoT5tKj8psEegiGHwPn9/OLjTFS8fDoG
W9tFYqtlKTDWCIWlC7p261aqFWARTu4eRXh86j82OOiaxL4jyS0TLtN4DuwR/9NT
nqKzoww/H8nC0I/Xj/x7PwiEnK3PWlIsv7rZGtE3KBW9Tkoy4+wmQkfZLdj3mf0O
+lOrnczNl+nkGeo2IEKZibv3+SByFlC5cEfn1ozAQ66nHx/IluRACG25SHottrkd
WwZOF8TUyroX2eTCF+gXQicI1u9lO86Gzs7Q7CIuEGpNw9wJOJ341itTPQ/0UkW2
pVAn3CREJDwx+c7eNII6BULLAgMBAAGjggMLMIIDBzAdBgNVHQ4EFgQUZ4miVHJt
Ax5ZtGthtKyqhRv6Ld8wHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY2MzUxQi80NjY1QTlGMEFDQTAx
MUVEQUYxMDBERjdGMTIyMjQ2OC8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjM1MUIvNDY2NUE5RjBBQ0EwMTFFREFGMTAwREY3RjEyMjI0NjgvWjRtaVZI
SnRBeDVadEd0aHRLeXFoUnY2TGQ4Lm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMFBfgwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1gwwDQYJKoZIhvcN
AQELBQADggEBACiPsMW4LthE6hp5Rz+ubxDifVg/hP1876WfjL73xUYZN9717I/l
6KyYidQmxaZXLv7+ASIAbbZNuuxuEoHmgedBn/rNy2K39zV73NYwJhuAjlvVJQEs
rxsAQNsatX4L9IgNpiediEu0A73Rtai/+Lkj4VBtuy/oUJ4zJFnaDWwYRt7IMJH+
NKJREst1Zr9XoWi+5IGrIeJASivbeJWLM9XtJa/clYJnsXzPk8J+94PwezMtM/wJ
BvfkMUugVnjeMxI1+p5dWXVDN4fkNuKqwaVxYZ4qp/2hWogh8kdeYxTGwOcUBz5w
lHoRXH+Qw+2ML/a4+QPcnpTQG8Aq2YQqy80=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:32 2024 by rpki-client on console-fra.rpki-client.org